viz.Log pripojenim na projektor+Citrix nejdou kl.zkratky
Napsal: 10 zář 2017 18:19
Ahoj, prosím o pomoc! 
Nefungují na notebooku lenovo zkratky FN+ a pokud si připojím dvě obrazovky tak se mi odejdou i WIN kl.zkratky, jakýkoli prohlížeč se chová nestandardně - klik na odkaz otevře do okna namísto záložek, CTRL+S otevírá stránku pro vývojáře. Obecně pokud označím slovo, soubor tak se mi označuje vše od začátku namísto požadovaného výberu to se děje v TotalCommeder, Průzkumníku v jakemkoli prolhlížečí. Vše se mi přenáší i když jsem v Citrix prostředí.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Admin at 2017-09-10 19:00:07
Microsoft Windows 10 Pro
System drive C: has 119 GB (50%) free of 239 GB
Total RAM: 3956 MB (42% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:00:16, on 10-Sep-17
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.15063.0000)
Boot mode: Normal
Running processes:
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\trend micro\Admin.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://gosearch.me/?u=f79738d97a1bbc7d ... 1442839767
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll
O2 - BHO: Password Manager Browser Helper Object - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll
O4 - HKLM\..\Run: [DockingDetection] C:\PROGRA~2\Lenovo\LENOVO~1\DOCKIN~1.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
O4 - HKLM\..\Run: [Redirector] "C:\Program Files (x86)\Citrix\ICA Client\redirector.exe" /startup
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_A5B343D047FD8BD2F268B0EA0F8DBD7C] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra 'Tools' menuitem: Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{b41e8429-bdb9-433c-94da-e558ff098047}: NameServer = 77.234.40.79
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O23 - Service: AcPrfMgrSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
O23 - Service: AcSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall Service (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: @oem8.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem21.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe (file missing)
O23 - Service: System Interface Foundation Service (ImControllerService) - Lenovo Group Limited - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.599\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo Settings Power Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: ShareItSvc - SHAREit Technologies Co.Ltd - C:\Program Files (x86)\Lenovo\SHAREit\Shareit.Service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Smart Sense Service (SSSvc) - Lenovo - C:\Program Files (x86)\SmartSense\SSSvc.exe
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\WINDOWS\System32\TPHDEXLG64.exe (file missing)
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 17473 bytes
======Listing Processes======
c:\windows\system32\svchost.exe -k dcomlaunch -s PlugPlay
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
winlogon.exe
c:\windows\system32\svchost.exe -k rpcss
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k dcomlaunch -s LSM
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
c:\windows\system32\svchost.exe -k localservice -s bthserv
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -s UserManager
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-961a44a7-3768-4fd1-84df-ee1845ce8f15 -SystemEventPortName:HostProcess-d6bea311-278a-45a7-ab1e-913f35eb0879 -IoCancelEventPortName:HostProcess-c6c99e8c-4c88-4587-889e-5dc4865cf830 -NonStateChangingEventPortName:HostProcess-ef568d48-a8cf-4f56-9a57-83fccd2f1179 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:90a3d71e-af4c-449d-bb8d-25ddb7128658 -DeviceGroupId:
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\atiesrxx.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s EventLog
dashost.exe {026ad117-582a-4650-b4006c585d8de203}
atieclxx
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-64a5fc4b-7c56-4b33-b05d-3dbf2d9f78b6 -SystemEventPortName:HostProcess-eefd9cd6-997a-4305-9374-c6a4242b887e -IoCancelEventPortName:HostProcess-2049283f-dafe-42ac-b2da-7690280448b9 -NonStateChangingEventPortName:HostProcess-1326b85a-57ee-4c58-a2da-b0beca7460df -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:02b93ef4-b2bf-4dec-bd64-b764a5ef2ea6 -DeviceGroupId:
c:\windows\system32\svchost.exe -k localservice -s nsi
c:\windows\system32\svchost.exe -k netsvcs -s Themes
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s CscService
c:\windows\system32\svchost.exe -k localservice -s EventSystem
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s Dhcp
c:\windows\system32\svchost.exe -k netsvcs -s SENS
c:\windows\system32\svchost.exe -k localservice -s FontCache
c:\windows\system32\svchost.exe -k networkservice -s NlaSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -s netprofm
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
c:\windows\system32\svchost.exe -k appmodel -s StateRepository
c:\windows\system32\svchost.exe -k netsvcs -s Appinfo
c:\windows\system32\svchost.exe -k networkservice -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SSDPSRV
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SC
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -s LanmanWorkstation
"C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe"
"C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe"
"C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\WINDOWS\system32\BtwRSupportService.exe
"C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe"
"C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe"
c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt
c:\windows\system32\svchost.exe -k apphost -s AppHostSvc
"C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe"
c:\windows\system32\svchost.exe -k iissvcs
c:\windows\system32\svchost.exe -k networkservice -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc
c:\windows\system32\svchost.exe -k localservicenonetwork -s DPS
c:\windows\system32\svchost.exe -k netsvcs -s IKEEXT
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s FDResPub
c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlk.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SysMain
C:\WINDOWS\system32\mqsvc.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s PcaSvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\WINDOWS\system32\wbem\WmiApSrv.exe
c:\windows\system32\svchost.exe -k netsvcs -s WpnService
"C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe"
c:\windows\system32\svchost.exe -k localservice -s WdiServiceHost
c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe
c:\windows\system32\svchost.exe -k localservice -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s lmhosts
C:\WINDOWS\system32\wbem\wmiprvse.exe
"c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe" -netmsmqactivator
C:\WINDOWS\system32\svchost.exe -k LocalService
c:\windows\system32\svchost.exe -k localservicenonetwork -s NcdAutoSetup
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -s PolicyAgent
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s HomeGroupProvider
c:\windows\system32\svchost.exe -k netsvcs -s Browser
c:\windows\system32\svchost.exe -k localservice -s CDPSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s wscsvc
"C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s Netman
"C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\svchost.exe -k appmodel -s tiledatamodelsvc
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup -s WbioSrvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe
c:\windows\system32\svchost.exe -k netsvcs -s TokenBroker
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SensorService
C:\WINDOWS\Explorer.EXE
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -s LicenseManager
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\WINDOWS\system32\rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe"
"C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe"
"C:\Program Files\Lenovo\Zoom\TpScrex.exe"
"C:\Windows\System32\TpShocks.exe"
"C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe"
AvastUI.exe /nogui
"C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe" /IpNotifyInstance
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
cssauth.exe silent
"C:\Program Files (x86)\Lenovo\Lenovo Docking Detection\DockingDetection.exe"
"C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
"C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe" -Embedding
"C:\Program Files (x86)\Citrix\ICA Client\redirector.exe" /startup
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files (x86)\Lenovo\System Update\SUService.exe"
"cmd" /c "C:\Users\Admin\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Users\Admin\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe"
"C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE"
"C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe" -name 4315eb4d-e0e3-47ca-a6c1-1ce66374cbeb -runas SYSTEM -pluginName LenovoSystemUpdatePlugin -pluginVersion 1.2.93.0
c:\windows\system32\svchost.exe -k netsvcs -s lfsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s StorSvc
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=renderer --disable-gpu-compositing --disable-pinch --no-sandbox --primordial-pipe-token=B969ECAFAF760A24A0B83D0C37DAA9A1 --lang=en-US --lang=en-US --log-file="C:\Users\Admin\AppData\Roaming\AVAST Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.3.2987.1601 Safari/537.36 Avastium (17.6.2310)" --proxy-auto-detect --disable-webaudio --mute-audio --force-wave-audio --disable-gpu --disable-software-rasterizer --no-sandbox --disable-webgl --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --allow-file-access-from-files=1 --pack_loading_disabled=1 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=B969ECAFAF760A24A0B83D0C37DAA9A1 --renderer-client-id=20 --mojo-platform-channel-handle=3876 /prefetch:1
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\Program Files\WindowsApps\Microsoft.WindowsStore_11707.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe" -ServerName:App.AppXc75wvwned5vhz4xyxxecvgdjhdkgsdza.mca
taskhostw.exe
"C:\Program Files (x86)\Opera\47.0.2631.80\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\47.0.2631.80\opera_crashreporter.exe" --ran-launcher --crash-reporter-parent-id=6536
"C:\Program Files (x86)\Opera\47.0.2631.80\opera.exe" --type=gpu-process --field-trial-handle=1660,18056645868900372416,14300281278482556436,131072 --with-feature:installer-experiment-test=off --with-feature:installer-download-sfx-package=off --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --crash-reporter-pid=7816 --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,20,21,24,28,43,77 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x1002 --gpu-device-id=0x9553 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.970.100.9001 --gpu-driver-date=1-13-2015 --with-feature:installer-experiment-test=off --with-feature:installer-download-sfx-package=off --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --crash-reporter-pid=7816 --service-request-channel-token=BA7A6148A7AFFCF07AB531978AD3C83C --mojo-platform-channel-handle=1704 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Opera\47.0.2631.80\opera.exe" --type=renderer --field-trial-handle=1660,18056645868900372416,14300281278482556436,131072 --service-pipe-token=8C1990E2981983C0F9AD7CD7034CB972 --lang=en-GB --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-download-sfx-package=off --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --crash-reporter-pid=7816 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=8C1990E2981983C0F9AD7CD7034CB972 --renderer-client-id=4 --mojo-platform-channel-handle=2728 /prefetch:1
"C:\Program Files (x86)\Opera\47.0.2631.80\opera.exe" --type=renderer --field-trial-handle=1660,18056645868900372416,14300281278482556436,131072 --service-pipe-token=D5F6F2896CAEDF40FEB32F6DC396D962 --lang=en-GB --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-download-sfx-package=off --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --crash-reporter-pid=7816 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=D5F6F2896CAEDF40FEB32F6DC396D962 --renderer-client-id=8 --mojo-platform-channel-handle=4524 /prefetch:1
"C:\Program Files (x86)\Opera\47.0.2631.80\opera.exe" --type=renderer --field-trial-handle=1660,18056645868900372416,14300281278482556436,131072 --service-pipe-token=0D0AC398B6F92616F3CA8BBA71E35DFF --lang=en-GB --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-download-sfx-package=off --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --crash-reporter-pid=7816 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=0D0AC398B6F92616F3CA8BBA71E35DFF --renderer-client-id=10 --mojo-platform-channel-handle=5464 /prefetch:1
"C:\Program Files (x86)\Opera\47.0.2631.80\opera.exe" --type=renderer --field-trial-handle=1660,18056645868900372416,14300281278482556436,131072 --service-pipe-token=C58BF309683FD3076F689427AED4C50F --lang=en-GB --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-download-sfx-package=off --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --crash-reporter-pid=7816 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=C58BF309683FD3076F689427AED4C50F --renderer-client-id=16 --mojo-platform-channel-handle=4344 /prefetch:1
c:\windows\system32\svchost.exe -k netsvcs -s BITS
C:\Windows\System32\smartscreen.exe -Embedding
"C:\totalcmd\TOTALCMD64.EXE"
C:\WINDOWS\system32\AUDIODG.EXE 0x51c
taskhostw.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{133EAC4F-5891-4D04-BADA-D84870380A80}
"C:\Users\Admin\Downloads\RSITx64.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -s WdiSystemHost
======Scheduled tasks folder======
C:\WINDOWS\tasks\CCleanerClean.job - C:\Program Files\CCleaner\CCleaner.exe /AUTO
C:\WINDOWS\tasks\DriverToolkit Autorun.job - C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe --autorun
C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job - C:\Program Files\PC-Doctor\uaclauncher.exe -backgroundmon scripts\backgroundmon.xml -st PCDoctorBackgroundMonitorTask --ignoresecondarysplash --runsilently
=========Mozilla firefox=========
ProfilePath - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\oojvcs02.default
prefs.js - "browser.startup.homepage" - "http://www.bing.com/?pc=COSP&ptag=D0119 ... =CT3335051"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.151 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Citrix.com/npican]
"Description"=Citrix ICA Client Plugin
"Path"=C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.144.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.144.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0]
"Description"=Bing Bar
"Path"=C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.151 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\oojvcs02.default\searchplugins\
bing-lavasoft.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-09-06 210120]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-08-03 473664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BF468356-BB7E-42D7-9F15-4F3B9BCFCED2}]
IePasswordManagerHelper Class - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dll [2009-08-27 763192]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-03 187968]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-03-18 629152]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-24 13885696]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24 1402624]
"TPHOTKEY"=C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [2010-07-27 69560]
"TpShocks"=C:\WINDOWS\system32\TpShocks.exe [2010-07-02 380776]
"SynLenovoHelper"=C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe [2015-07-28 146600]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-09-10 239856]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-07-28 3936936]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2015-03-31 5585136]
"OneDrive"=C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-09-08 1674960]
"GoogleChromeAutoLaunch_A5B343D047FD8BD2F268B0EA0F8DBD7C"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2017-08-23 1301848]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2017-08-25 27832272]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-08-03 9832152]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"DockingDetection"=C:\PROGRA~2\Lenovo\LENOVO~1\DOCKIN~1.EXE [2010-03-10 2454016]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-07-21 587288]
"ConnectionCenter"=C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [2017-02-15 533616]
"Redirector"=C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [2017-02-15 324720]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll [2010-04-03 135432]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
ACGina
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-09-10 18:59:53 ----D---- C:\ProgramData\SWCUTemp
2017-09-10 16:45:19 ----A---- C:\WINDOWS\system32\aswBoot.exe
2017-09-10 10:25:51 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-31 20:51:40 ----D---- C:\ProgramData\McAfee Security Scan
2017-08-29 22:26:34 ----D---- C:\Program Files\trend micro
2017-08-29 22:26:33 ----D---- C:\rsit
2017-08-28 23:45:45 ----D---- C:\Users\Admin\AppData\Roaming\DRPSu
2017-08-28 23:45:44 ----D---- C:\Users\Admin\AppData\Roaming\DRPNano
2017-08-28 23:42:27 ----D---- C:\Program Files (x86)\DriverToolkit
2017-08-28 23:27:23 ----A---- C:\WINDOWS\SYSWOW64\drivers\DrvAgent64.SYS
2017-08-28 23:27:20 ----D---- C:\Program Files (x86)\eSupport.com
2017-08-28 21:00:28 ----SD---- C:\WINDOWS\SYSWOW64\Microsoft
2017-08-27 12:39:22 ----AD---- C:\Program Files\CCleaner
2017-08-19 06:52:14 ----D---- C:\Windows.old
2017-08-19 06:49:21 ----A---- C:\WINDOWS\SYSWOW64\IpNatHlpClient.dll
2017-08-19 06:49:20 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2017-08-19 06:49:20 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2017-08-19 06:49:20 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2017-08-19 06:49:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2017-08-19 06:49:20 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-08-19 06:49:20 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2017-08-19 06:49:20 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2017-08-19 06:49:20 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2017-08-19 06:49:20 ----A---- C:\WINDOWS\system32\wmpps.dll
2017-08-19 06:49:19 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2017-08-19 06:49:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2017-08-19 06:49:04 ----A---- C:\WINDOWS\SYSWOW64\VCardParser.dll
2017-08-19 06:49:04 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2017-08-19 06:49:04 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2017-08-19 06:49:04 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2017-08-19 06:49:04 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2017-08-19 06:49:04 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2017-08-19 06:49:04 ----A---- C:\WINDOWS\SYSWOW64\dmcmnutils.dll
2017-08-19 06:49:04 ----A---- C:\WINDOWS\SYSWOW64\cmintegrator.dll
2017-08-19 06:49:04 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2017-08-19 06:49:04 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-08-19 06:49:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2017-08-19 06:49:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2017-08-19 06:49:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2017-08-19 06:49:03 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2017-08-19 06:49:03 ----A---- C:\WINDOWS\SYSWOW64\qasf.dll
2017-08-19 06:49:03 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2017-08-19 06:49:03 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2017-08-19 06:49:03 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2017-08-19 06:49:03 ----A---- C:\WINDOWS\SYSWOW64\GamePanel.exe
2017-08-19 06:49:03 ----A---- C:\WINDOWS\SYSWOW64\DolbyDecMFT.dll
2017-08-19 06:49:03 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2017-08-19 06:49:03 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2017-08-19 06:49:03 ----A---- C:\WINDOWS\SYSWOW64\bcd.dll
2017-08-19 06:49:03 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2017-08-19 06:49:03 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2017-08-19 06:49:03 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-19 06:49:03 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2017-08-19 06:49:03 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2017-08-19 06:49:03 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2017-08-19 06:48:55 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2017-08-19 06:48:55 ----A---- C:\WINDOWS\system32\ieproxy.dll
2017-08-19 06:48:54 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-08-19 06:48:54 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2017-08-19 06:48:54 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-08-19 06:48:53 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-08-19 06:48:53 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-08-19 06:48:53 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-08-19 06:48:52 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2017-08-19 06:48:52 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-08-19 06:48:52 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-08-19 06:48:52 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2017-08-19 06:48:52 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-08-19 06:48:51 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-08-19 06:48:51 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-08-19 06:48:50 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\UIRibbonRes.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\UIRibbon.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\spbcd.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\shsvcs.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\shlwapi.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\scksp.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\ReAgent.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\rastlsext.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\fdeploy.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\basecsp.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\autofmt.exe
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\autoconv.exe
2017-08-19 06:48:49 ----A---- C:\WINDOWS\system32\wsqmcons.exe
2017-08-19 06:48:49 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\system32\werui.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\system32\wercplsupport.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\system32\werconcpl.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\system32\UIRibbon.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\system32\dwmredir.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\system32\dui70.dll
2017-08-19 06:48:48 ----A---- C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-08-19 06:48:48 ----A---- C:\WINDOWS\system32\shsvcs.dll
2017-08-19 06:48:48 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-19 06:48:48 ----A---- C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-08-19 06:48:48 ----A---- C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-08-19 06:48:48 ----A---- C:\WINDOWS\system32\fdeploy.dll
2017-08-19 06:48:48 ----A---- C:\WINDOWS\system32\DWWIN.EXE
2017-08-19 06:48:48 ----A---- C:\WINDOWS\system32\comdlg32.dll
2017-08-19 06:48:47 ----A---- C:\WINDOWS\system32\wwansvc.dll
2017-08-19 06:48:47 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-19 06:48:47 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-08-19 06:48:47 ----A---- C:\WINDOWS\system32\twinui.dll
2017-08-19 06:48:47 ----A---- C:\WINDOWS\system32\shlwapi.dll
2017-08-19 06:48:47 ----A---- C:\WINDOWS\system32\shell32.dll
2017-08-19 06:48:47 ----A---- C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-08-19 06:48:47 ----A---- C:\WINDOWS\system32\policymanagerprecheck.dll
2017-08-19 06:48:47 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2017-08-19 06:48:47 ----A---- C:\WINDOWS\system32\lpasvc.dll
2017-08-19 06:48:47 ----A---- C:\WINDOWS\system32\LogonController.dll
2017-08-19 06:48:47 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2017-08-19 06:48:47 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2017-08-19 06:48:47 ----A---- C:\WINDOWS\system32\efscore.dll
2017-08-19 06:48:47 ----A---- C:\WINDOWS\system32\dmenterprisediagnostics.dll
2017-08-19 06:48:47 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2017-08-19 06:48:47 ----A---- C:\WINDOWS\system32\cmintegrator.dll
2017-08-19 06:48:46 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-19 06:48:46 ----A---- C:\WINDOWS\system32\rasapi32.dll
2017-08-19 06:48:46 ----A---- C:\WINDOWS\system32\policymanager.dll
2017-08-19 06:48:46 ----A---- C:\WINDOWS\system32\officecsp.dll
2017-08-19 06:48:46 ----A---- C:\WINDOWS\system32\ofdeploy.exe
2017-08-19 06:48:46 ----A---- C:\WINDOWS\system32\dmcsps.dll
2017-08-19 06:48:40 ----A---- C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-08-19 06:48:40 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-08-19 06:48:40 ----A---- C:\WINDOWS\system32\SmsRouterSvc.dll
2017-08-19 06:48:40 ----A---- C:\WINDOWS\system32\IpNatHlpClient.dll
2017-08-19 06:48:40 ----A---- C:\WINDOWS\system32\dmcmnutils.dll
2017-08-19 06:48:39 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-08-19 06:48:39 ----A---- C:\WINDOWS\system32\untfs.dll
2017-08-19 06:48:39 ----A---- C:\WINDOWS\system32\rastls.dll
2017-08-19 06:48:39 ----A---- C:\WINDOWS\system32\PCPKsp.dll
2017-08-19 06:48:39 ----A---- C:\WINDOWS\system32\msIso.dll
2017-08-19 06:48:39 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2017-08-19 06:48:39 ----A---- C:\WINDOWS\system32\iertutil.dll
2017-08-19 06:48:39 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2017-08-19 06:48:39 ----A---- C:\WINDOWS\system32\facecredentialprovider.dll
2017-08-19 06:48:39 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2017-08-19 06:48:39 ----A---- C:\WINDOWS\system32\coredpus.dll
2017-08-19 06:48:39 ----A---- C:\WINDOWS\system32\configmanager2.dll
2017-08-19 06:48:39 ----A---- C:\WINDOWS\system32\bcdboot.exe
2017-08-19 06:48:38 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-08-19 06:48:38 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2017-08-19 06:48:38 ----A---- C:\WINDOWS\system32\SIHClient.exe
2017-08-19 06:48:38 ----A---- C:\WINDOWS\system32\services.exe
2017-08-19 06:48:38 ----A---- C:\WINDOWS\system32\rastlsext.dll
2017-08-19 06:48:38 ----A---- C:\WINDOWS\system32\qasf.dll
2017-08-19 06:48:38 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-08-19 06:48:38 ----A---- C:\WINDOWS\system32\GamePanel.exe
2017-08-19 06:48:38 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2017-08-19 06:48:38 ----A---- C:\WINDOWS\system32\drivers\bridge.sys
2017-08-19 06:48:38 ----A---- C:\WINDOWS\system32\dosvc.dll
2017-08-19 06:48:38 ----A---- C:\WINDOWS\system32\bcdedit.exe
2017-08-19 06:48:38 ----A---- C:\WINDOWS\system32\bcd.dll
2017-08-19 06:48:38 ----A---- C:\WINDOWS\system32\autochk.exe
2017-08-19 06:48:38 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-19 06:48:38 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-19 06:48:38 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\wudriver.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\spbcd.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\setbcdlocale.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\scksp.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\RjvMDMConfig.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\reseteng.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\ReAgent.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\profsvcext.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\ole32.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\msacm32.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\mfsensorgroup.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\MBR2GPT.EXE
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\KernelBase.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\hal.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\FrameServer.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\drivers\tdx.sys
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\DolbyMATEnc.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\browserbroker.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\BootMenuUX.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\basecsp.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\autofmt.exe
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\autoconv.exe
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\audiosrv.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\AudioSes.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\AudioEng.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\WWAHost.exe
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\wersvc.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\wermgr.exe
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\WerFault.exe
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\wer.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\VCardParser.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\tquery.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\TileDataRepository.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\storewuauth.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\psmsrv.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\InputService.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\Faultrep.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\diagtrack.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\dbgeng.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\bisrv.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\BingMaps.dll
2017-08-19 06:48:35 ----A---- C:\WINDOWS\system32\wininit.exe
2017-08-19 06:48:35 ----A---- C:\WINDOWS\system32\windows.storage.dll
2017-08-19 06:48:35 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2017-08-19 06:48:35 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2017-08-19 06:48:35 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2017-08-19 06:48:35 ----A---- C:\WINDOWS\system32\tokenbinding.dll
2017-08-19 06:48:35 ----A---- C:\WINDOWS\system32\sscore.dll
2017-08-19 06:48:35 ----A---- C:\WINDOWS\system32\srvsvc.dll
2017-08-19 06:48:35 ----A---- C:\WINDOWS\system32\netlogon.dll
2017-08-19 06:48:35 ----A---- C:\WINDOWS\system32\ncryptprov.dll
2017-08-19 06:48:35 ----A---- C:\WINDOWS\system32\msv1_0.dll
2017-08-19 06:48:35 ----A---- C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-08-19 06:48:35 ----A---- C:\WINDOWS\system32\dxgi.dll
2017-08-19 06:48:35 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-08-19 06:48:35 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2017-08-19 06:48:35 ----A---- C:\WINDOWS\system32\BluetoothApis.dll
2017-08-19 06:48:35 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-08-19 06:48:34 ----A---- C:\WINDOWS\system32\XblAuthManager.dll
2017-08-19 06:48:34 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-08-19 06:48:34 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-08-19 06:48:34 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-19 06:48:34 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-08-19 06:48:34 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-19 06:48:34 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-08-19 06:48:34 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryUpgrade.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\WerFaultSecure.exe
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\untfs.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\TpmCoreProvisioning.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\tokenbinding.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\sscore.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\PCPKsp.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\ncryptprov.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\msxbde40.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\mswstr10.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\mswdat10.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\mstext40.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\msrepl40.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\msrd3x40.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\msrd2x40.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\mspbde40.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\msltus40.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\msjtes40.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\msjter40.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\msjint40.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\msjetoledb40.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\msjet40.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\msacm32.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\mfsensorgroup.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\DWWIN.EXE
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\BluetoothApis.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\autochk.exe
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\system32\drivers\vmbkmclr.sys
2017-08-19 06:48:33 ----A---- C:\WINDOWS\system32\drivers\vmbkmcl.sys
2017-08-19 06:48:33 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2017-08-19 06:48:33 ----A---- C:\WINDOWS\system32\drivers\UcmUcsi.sys
2017-08-19 06:48:33 ----A---- C:\WINDOWS\system32\drivers\rfcomm.sys
2017-08-19 06:48:33 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2017-08-19 06:48:33 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2017-08-19 06:48:33 ----A---- C:\WINDOWS\system32\drivers\bthhfenum.sys
2017-08-19 06:48:33 ----A---- C:\WINDOWS\system32\drivers\bthenum.sys
2017-08-19 06:48:33 ----A---- C:\WINDOWS\system32\drivers\acpi.sys
2017-08-19 06:48:33 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\system32\AppReadiness.dll
Nefungují na notebooku lenovo zkratky FN+ a pokud si připojím dvě obrazovky tak se mi odejdou i WIN kl.zkratky, jakýkoli prohlížeč se chová nestandardně - klik na odkaz otevře do okna namísto záložek, CTRL+S otevírá stránku pro vývojáře. Obecně pokud označím slovo, soubor tak se mi označuje vše od začátku namísto požadovaného výberu to se děje v TotalCommeder, Průzkumníku v jakemkoli prolhlížečí. Vše se mi přenáší i když jsem v Citrix prostředí.Logfile of random's system information tool 1.10 (written by random/random)
Run by Admin at 2017-09-10 19:00:07
Microsoft Windows 10 Pro
System drive C: has 119 GB (50%) free of 239 GB
Total RAM: 3956 MB (42% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:00:16, on 10-Sep-17
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.15063.0000)
Boot mode: Normal
Running processes:
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\trend micro\Admin.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://gosearch.me/?u=f79738d97a1bbc7d ... 1442839767
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll
O2 - BHO: Password Manager Browser Helper Object - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll
O4 - HKLM\..\Run: [DockingDetection] C:\PROGRA~2\Lenovo\LENOVO~1\DOCKIN~1.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
O4 - HKLM\..\Run: [Redirector] "C:\Program Files (x86)\Citrix\ICA Client\redirector.exe" /startup
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_A5B343D047FD8BD2F268B0EA0F8DBD7C] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra 'Tools' menuitem: Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{b41e8429-bdb9-433c-94da-e558ff098047}: NameServer = 77.234.40.79
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O23 - Service: AcPrfMgrSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
O23 - Service: AcSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall Service (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: @oem8.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem21.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe (file missing)
O23 - Service: System Interface Foundation Service (ImControllerService) - Lenovo Group Limited - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.599\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo Settings Power Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: ShareItSvc - SHAREit Technologies Co.Ltd - C:\Program Files (x86)\Lenovo\SHAREit\Shareit.Service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Smart Sense Service (SSSvc) - Lenovo - C:\Program Files (x86)\SmartSense\SSSvc.exe
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\WINDOWS\System32\TPHDEXLG64.exe (file missing)
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 17473 bytes
======Listing Processes======
c:\windows\system32\svchost.exe -k dcomlaunch -s PlugPlay
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
winlogon.exe
c:\windows\system32\svchost.exe -k rpcss
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k dcomlaunch -s LSM
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
c:\windows\system32\svchost.exe -k localservice -s bthserv
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -s UserManager
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-961a44a7-3768-4fd1-84df-ee1845ce8f15 -SystemEventPortName:HostProcess-d6bea311-278a-45a7-ab1e-913f35eb0879 -IoCancelEventPortName:HostProcess-c6c99e8c-4c88-4587-889e-5dc4865cf830 -NonStateChangingEventPortName:HostProcess-ef568d48-a8cf-4f56-9a57-83fccd2f1179 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:90a3d71e-af4c-449d-bb8d-25ddb7128658 -DeviceGroupId:
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\atiesrxx.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s EventLog
dashost.exe {026ad117-582a-4650-b4006c585d8de203}
atieclxx
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-64a5fc4b-7c56-4b33-b05d-3dbf2d9f78b6 -SystemEventPortName:HostProcess-eefd9cd6-997a-4305-9374-c6a4242b887e -IoCancelEventPortName:HostProcess-2049283f-dafe-42ac-b2da-7690280448b9 -NonStateChangingEventPortName:HostProcess-1326b85a-57ee-4c58-a2da-b0beca7460df -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:02b93ef4-b2bf-4dec-bd64-b764a5ef2ea6 -DeviceGroupId:
c:\windows\system32\svchost.exe -k localservice -s nsi
c:\windows\system32\svchost.exe -k netsvcs -s Themes
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s CscService
c:\windows\system32\svchost.exe -k localservice -s EventSystem
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s Dhcp
c:\windows\system32\svchost.exe -k netsvcs -s SENS
c:\windows\system32\svchost.exe -k localservice -s FontCache
c:\windows\system32\svchost.exe -k networkservice -s NlaSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -s netprofm
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
c:\windows\system32\svchost.exe -k appmodel -s StateRepository
c:\windows\system32\svchost.exe -k netsvcs -s Appinfo
c:\windows\system32\svchost.exe -k networkservice -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SSDPSRV
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SC
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -s LanmanWorkstation
"C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe"
"C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe"
"C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\WINDOWS\system32\BtwRSupportService.exe
"C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe"
"C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe"
c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt
c:\windows\system32\svchost.exe -k apphost -s AppHostSvc
"C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe"
c:\windows\system32\svchost.exe -k iissvcs
c:\windows\system32\svchost.exe -k networkservice -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc
c:\windows\system32\svchost.exe -k localservicenonetwork -s DPS
c:\windows\system32\svchost.exe -k netsvcs -s IKEEXT
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s FDResPub
c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlk.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SysMain
C:\WINDOWS\system32\mqsvc.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s PcaSvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\WINDOWS\system32\wbem\WmiApSrv.exe
c:\windows\system32\svchost.exe -k netsvcs -s WpnService
"C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe"
c:\windows\system32\svchost.exe -k localservice -s WdiServiceHost
c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe
c:\windows\system32\svchost.exe -k localservice -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s lmhosts
C:\WINDOWS\system32\wbem\wmiprvse.exe
"c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe" -netmsmqactivator
C:\WINDOWS\system32\svchost.exe -k LocalService
c:\windows\system32\svchost.exe -k localservicenonetwork -s NcdAutoSetup
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -s PolicyAgent
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s HomeGroupProvider
c:\windows\system32\svchost.exe -k netsvcs -s Browser
c:\windows\system32\svchost.exe -k localservice -s CDPSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s wscsvc
"C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s Netman
"C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\svchost.exe -k appmodel -s tiledatamodelsvc
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup -s WbioSrvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe
c:\windows\system32\svchost.exe -k netsvcs -s TokenBroker
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SensorService
C:\WINDOWS\Explorer.EXE
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -s LicenseManager
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\WINDOWS\system32\rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe"
"C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe"
"C:\Program Files\Lenovo\Zoom\TpScrex.exe"
"C:\Windows\System32\TpShocks.exe"
"C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe"
AvastUI.exe /nogui
"C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe" /IpNotifyInstance
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
cssauth.exe silent
"C:\Program Files (x86)\Lenovo\Lenovo Docking Detection\DockingDetection.exe"
"C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
"C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe" -Embedding
"C:\Program Files (x86)\Citrix\ICA Client\redirector.exe" /startup
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files (x86)\Lenovo\System Update\SUService.exe"
"cmd" /c "C:\Users\Admin\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Users\Admin\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe"
"C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE"
"C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe" -name 4315eb4d-e0e3-47ca-a6c1-1ce66374cbeb -runas SYSTEM -pluginName LenovoSystemUpdatePlugin -pluginVersion 1.2.93.0
c:\windows\system32\svchost.exe -k netsvcs -s lfsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s StorSvc
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=renderer --disable-gpu-compositing --disable-pinch --no-sandbox --primordial-pipe-token=B969ECAFAF760A24A0B83D0C37DAA9A1 --lang=en-US --lang=en-US --log-file="C:\Users\Admin\AppData\Roaming\AVAST Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.3.2987.1601 Safari/537.36 Avastium (17.6.2310)" --proxy-auto-detect --disable-webaudio --mute-audio --force-wave-audio --disable-gpu --disable-software-rasterizer --no-sandbox --disable-webgl --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --allow-file-access-from-files=1 --pack_loading_disabled=1 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=B969ECAFAF760A24A0B83D0C37DAA9A1 --renderer-client-id=20 --mojo-platform-channel-handle=3876 /prefetch:1
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\Program Files\WindowsApps\Microsoft.WindowsStore_11707.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe" -ServerName:App.AppXc75wvwned5vhz4xyxxecvgdjhdkgsdza.mca
taskhostw.exe
"C:\Program Files (x86)\Opera\47.0.2631.80\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\47.0.2631.80\opera_crashreporter.exe" --ran-launcher --crash-reporter-parent-id=6536
"C:\Program Files (x86)\Opera\47.0.2631.80\opera.exe" --type=gpu-process --field-trial-handle=1660,18056645868900372416,14300281278482556436,131072 --with-feature:installer-experiment-test=off --with-feature:installer-download-sfx-package=off --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --crash-reporter-pid=7816 --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,20,21,24,28,43,77 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x1002 --gpu-device-id=0x9553 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.970.100.9001 --gpu-driver-date=1-13-2015 --with-feature:installer-experiment-test=off --with-feature:installer-download-sfx-package=off --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --crash-reporter-pid=7816 --service-request-channel-token=BA7A6148A7AFFCF07AB531978AD3C83C --mojo-platform-channel-handle=1704 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Opera\47.0.2631.80\opera.exe" --type=renderer --field-trial-handle=1660,18056645868900372416,14300281278482556436,131072 --service-pipe-token=8C1990E2981983C0F9AD7CD7034CB972 --lang=en-GB --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-download-sfx-package=off --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --crash-reporter-pid=7816 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=8C1990E2981983C0F9AD7CD7034CB972 --renderer-client-id=4 --mojo-platform-channel-handle=2728 /prefetch:1
"C:\Program Files (x86)\Opera\47.0.2631.80\opera.exe" --type=renderer --field-trial-handle=1660,18056645868900372416,14300281278482556436,131072 --service-pipe-token=D5F6F2896CAEDF40FEB32F6DC396D962 --lang=en-GB --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-download-sfx-package=off --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --crash-reporter-pid=7816 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=D5F6F2896CAEDF40FEB32F6DC396D962 --renderer-client-id=8 --mojo-platform-channel-handle=4524 /prefetch:1
"C:\Program Files (x86)\Opera\47.0.2631.80\opera.exe" --type=renderer --field-trial-handle=1660,18056645868900372416,14300281278482556436,131072 --service-pipe-token=0D0AC398B6F92616F3CA8BBA71E35DFF --lang=en-GB --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-download-sfx-package=off --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --crash-reporter-pid=7816 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=0D0AC398B6F92616F3CA8BBA71E35DFF --renderer-client-id=10 --mojo-platform-channel-handle=5464 /prefetch:1
"C:\Program Files (x86)\Opera\47.0.2631.80\opera.exe" --type=renderer --field-trial-handle=1660,18056645868900372416,14300281278482556436,131072 --service-pipe-token=C58BF309683FD3076F689427AED4C50F --lang=en-GB --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-download-sfx-package=off --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --crash-reporter-pid=7816 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=C58BF309683FD3076F689427AED4C50F --renderer-client-id=16 --mojo-platform-channel-handle=4344 /prefetch:1
c:\windows\system32\svchost.exe -k netsvcs -s BITS
C:\Windows\System32\smartscreen.exe -Embedding
"C:\totalcmd\TOTALCMD64.EXE"
C:\WINDOWS\system32\AUDIODG.EXE 0x51c
taskhostw.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{133EAC4F-5891-4D04-BADA-D84870380A80}
"C:\Users\Admin\Downloads\RSITx64.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -s WdiSystemHost
======Scheduled tasks folder======
C:\WINDOWS\tasks\CCleanerClean.job - C:\Program Files\CCleaner\CCleaner.exe /AUTO
C:\WINDOWS\tasks\DriverToolkit Autorun.job - C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe --autorun
C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job - C:\Program Files\PC-Doctor\uaclauncher.exe -backgroundmon scripts\backgroundmon.xml -st PCDoctorBackgroundMonitorTask --ignoresecondarysplash --runsilently
=========Mozilla firefox=========
ProfilePath - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\oojvcs02.default
prefs.js - "browser.startup.homepage" - "http://www.bing.com/?pc=COSP&ptag=D0119 ... =CT3335051"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.151 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Citrix.com/npican]
"Description"=Citrix ICA Client Plugin
"Path"=C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.144.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.144.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0]
"Description"=Bing Bar
"Path"=C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.151 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\oojvcs02.default\searchplugins\
bing-lavasoft.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-09-06 210120]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-08-03 473664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BF468356-BB7E-42D7-9F15-4F3B9BCFCED2}]
IePasswordManagerHelper Class - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dll [2009-08-27 763192]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-03 187968]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-03-18 629152]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-24 13885696]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24 1402624]
"TPHOTKEY"=C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [2010-07-27 69560]
"TpShocks"=C:\WINDOWS\system32\TpShocks.exe [2010-07-02 380776]
"SynLenovoHelper"=C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe [2015-07-28 146600]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-09-10 239856]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-07-28 3936936]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2015-03-31 5585136]
"OneDrive"=C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-09-08 1674960]
"GoogleChromeAutoLaunch_A5B343D047FD8BD2F268B0EA0F8DBD7C"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2017-08-23 1301848]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2017-08-25 27832272]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-08-03 9832152]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"DockingDetection"=C:\PROGRA~2\Lenovo\LENOVO~1\DOCKIN~1.EXE [2010-03-10 2454016]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-07-21 587288]
"ConnectionCenter"=C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [2017-02-15 533616]
"Redirector"=C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [2017-02-15 324720]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll [2010-04-03 135432]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
ACGina
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-09-10 18:59:53 ----D---- C:\ProgramData\SWCUTemp
2017-09-10 16:45:19 ----A---- C:\WINDOWS\system32\aswBoot.exe
2017-09-10 10:25:51 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-31 20:51:40 ----D---- C:\ProgramData\McAfee Security Scan
2017-08-29 22:26:34 ----D---- C:\Program Files\trend micro
2017-08-29 22:26:33 ----D---- C:\rsit
2017-08-28 23:45:45 ----D---- C:\Users\Admin\AppData\Roaming\DRPSu
2017-08-28 23:45:44 ----D---- C:\Users\Admin\AppData\Roaming\DRPNano
2017-08-28 23:42:27 ----D---- C:\Program Files (x86)\DriverToolkit
2017-08-28 23:27:23 ----A---- C:\WINDOWS\SYSWOW64\drivers\DrvAgent64.SYS
2017-08-28 23:27:20 ----D---- C:\Program Files (x86)\eSupport.com
2017-08-28 21:00:28 ----SD---- C:\WINDOWS\SYSWOW64\Microsoft
2017-08-27 12:39:22 ----AD---- C:\Program Files\CCleaner
2017-08-19 06:52:14 ----D---- C:\Windows.old
2017-08-19 06:49:21 ----A---- C:\WINDOWS\SYSWOW64\IpNatHlpClient.dll
2017-08-19 06:49:20 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2017-08-19 06:49:20 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2017-08-19 06:49:20 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2017-08-19 06:49:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2017-08-19 06:49:20 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-08-19 06:49:20 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2017-08-19 06:49:20 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2017-08-19 06:49:20 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2017-08-19 06:49:20 ----A---- C:\WINDOWS\system32\wmpps.dll
2017-08-19 06:49:19 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2017-08-19 06:49:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2017-08-19 06:49:04 ----A---- C:\WINDOWS\SYSWOW64\VCardParser.dll
2017-08-19 06:49:04 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2017-08-19 06:49:04 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2017-08-19 06:49:04 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2017-08-19 06:49:04 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2017-08-19 06:49:04 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2017-08-19 06:49:04 ----A---- C:\WINDOWS\SYSWOW64\dmcmnutils.dll
2017-08-19 06:49:04 ----A---- C:\WINDOWS\SYSWOW64\cmintegrator.dll
2017-08-19 06:49:04 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2017-08-19 06:49:04 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-08-19 06:49:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2017-08-19 06:49:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2017-08-19 06:49:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2017-08-19 06:49:03 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2017-08-19 06:49:03 ----A---- C:\WINDOWS\SYSWOW64\qasf.dll
2017-08-19 06:49:03 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2017-08-19 06:49:03 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2017-08-19 06:49:03 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2017-08-19 06:49:03 ----A---- C:\WINDOWS\SYSWOW64\GamePanel.exe
2017-08-19 06:49:03 ----A---- C:\WINDOWS\SYSWOW64\DolbyDecMFT.dll
2017-08-19 06:49:03 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2017-08-19 06:49:03 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2017-08-19 06:49:03 ----A---- C:\WINDOWS\SYSWOW64\bcd.dll
2017-08-19 06:49:03 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2017-08-19 06:49:03 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2017-08-19 06:49:03 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-19 06:49:03 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2017-08-19 06:49:03 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2017-08-19 06:49:03 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2017-08-19 06:48:55 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2017-08-19 06:48:55 ----A---- C:\WINDOWS\system32\ieproxy.dll
2017-08-19 06:48:54 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-08-19 06:48:54 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2017-08-19 06:48:54 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-08-19 06:48:53 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-08-19 06:48:53 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-08-19 06:48:53 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-08-19 06:48:52 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2017-08-19 06:48:52 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-08-19 06:48:52 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-08-19 06:48:52 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2017-08-19 06:48:52 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-08-19 06:48:51 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-08-19 06:48:51 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-08-19 06:48:50 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\UIRibbonRes.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\UIRibbon.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\spbcd.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\shsvcs.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\shlwapi.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\scksp.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\ReAgent.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\rastlsext.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\fdeploy.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\basecsp.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\autofmt.exe
2017-08-19 06:48:49 ----A---- C:\WINDOWS\SYSWOW64\autoconv.exe
2017-08-19 06:48:49 ----A---- C:\WINDOWS\system32\wsqmcons.exe
2017-08-19 06:48:49 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\system32\werui.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\system32\wercplsupport.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\system32\werconcpl.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\system32\UIRibbon.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\system32\dwmredir.dll
2017-08-19 06:48:49 ----A---- C:\WINDOWS\system32\dui70.dll
2017-08-19 06:48:48 ----A---- C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-08-19 06:48:48 ----A---- C:\WINDOWS\system32\shsvcs.dll
2017-08-19 06:48:48 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-19 06:48:48 ----A---- C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-08-19 06:48:48 ----A---- C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-08-19 06:48:48 ----A---- C:\WINDOWS\system32\fdeploy.dll
2017-08-19 06:48:48 ----A---- C:\WINDOWS\system32\DWWIN.EXE
2017-08-19 06:48:48 ----A---- C:\WINDOWS\system32\comdlg32.dll
2017-08-19 06:48:47 ----A---- C:\WINDOWS\system32\wwansvc.dll
2017-08-19 06:48:47 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-19 06:48:47 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-08-19 06:48:47 ----A---- C:\WINDOWS\system32\twinui.dll
2017-08-19 06:48:47 ----A---- C:\WINDOWS\system32\shlwapi.dll
2017-08-19 06:48:47 ----A---- C:\WINDOWS\system32\shell32.dll
2017-08-19 06:48:47 ----A---- C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-08-19 06:48:47 ----A---- C:\WINDOWS\system32\policymanagerprecheck.dll
2017-08-19 06:48:47 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2017-08-19 06:48:47 ----A---- C:\WINDOWS\system32\lpasvc.dll
2017-08-19 06:48:47 ----A---- C:\WINDOWS\system32\LogonController.dll
2017-08-19 06:48:47 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2017-08-19 06:48:47 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2017-08-19 06:48:47 ----A---- C:\WINDOWS\system32\efscore.dll
2017-08-19 06:48:47 ----A---- C:\WINDOWS\system32\dmenterprisediagnostics.dll
2017-08-19 06:48:47 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2017-08-19 06:48:47 ----A---- C:\WINDOWS\system32\cmintegrator.dll
2017-08-19 06:48:46 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-19 06:48:46 ----A---- C:\WINDOWS\system32\rasapi32.dll
2017-08-19 06:48:46 ----A---- C:\WINDOWS\system32\policymanager.dll
2017-08-19 06:48:46 ----A---- C:\WINDOWS\system32\officecsp.dll
2017-08-19 06:48:46 ----A---- C:\WINDOWS\system32\ofdeploy.exe
2017-08-19 06:48:46 ----A---- C:\WINDOWS\system32\dmcsps.dll
2017-08-19 06:48:40 ----A---- C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-08-19 06:48:40 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-08-19 06:48:40 ----A---- C:\WINDOWS\system32\SmsRouterSvc.dll
2017-08-19 06:48:40 ----A---- C:\WINDOWS\system32\IpNatHlpClient.dll
2017-08-19 06:48:40 ----A---- C:\WINDOWS\system32\dmcmnutils.dll
2017-08-19 06:48:39 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-08-19 06:48:39 ----A---- C:\WINDOWS\system32\untfs.dll
2017-08-19 06:48:39 ----A---- C:\WINDOWS\system32\rastls.dll
2017-08-19 06:48:39 ----A---- C:\WINDOWS\system32\PCPKsp.dll
2017-08-19 06:48:39 ----A---- C:\WINDOWS\system32\msIso.dll
2017-08-19 06:48:39 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2017-08-19 06:48:39 ----A---- C:\WINDOWS\system32\iertutil.dll
2017-08-19 06:48:39 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2017-08-19 06:48:39 ----A---- C:\WINDOWS\system32\facecredentialprovider.dll
2017-08-19 06:48:39 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2017-08-19 06:48:39 ----A---- C:\WINDOWS\system32\coredpus.dll
2017-08-19 06:48:39 ----A---- C:\WINDOWS\system32\configmanager2.dll
2017-08-19 06:48:39 ----A---- C:\WINDOWS\system32\bcdboot.exe
2017-08-19 06:48:38 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-08-19 06:48:38 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2017-08-19 06:48:38 ----A---- C:\WINDOWS\system32\SIHClient.exe
2017-08-19 06:48:38 ----A---- C:\WINDOWS\system32\services.exe
2017-08-19 06:48:38 ----A---- C:\WINDOWS\system32\rastlsext.dll
2017-08-19 06:48:38 ----A---- C:\WINDOWS\system32\qasf.dll
2017-08-19 06:48:38 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-08-19 06:48:38 ----A---- C:\WINDOWS\system32\GamePanel.exe
2017-08-19 06:48:38 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2017-08-19 06:48:38 ----A---- C:\WINDOWS\system32\drivers\bridge.sys
2017-08-19 06:48:38 ----A---- C:\WINDOWS\system32\dosvc.dll
2017-08-19 06:48:38 ----A---- C:\WINDOWS\system32\bcdedit.exe
2017-08-19 06:48:38 ----A---- C:\WINDOWS\system32\bcd.dll
2017-08-19 06:48:38 ----A---- C:\WINDOWS\system32\autochk.exe
2017-08-19 06:48:38 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-19 06:48:38 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-19 06:48:38 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\wudriver.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\spbcd.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\setbcdlocale.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\scksp.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\RjvMDMConfig.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\reseteng.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\ReAgent.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\profsvcext.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\ole32.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\msacm32.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\mfsensorgroup.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\MBR2GPT.EXE
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\KernelBase.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\hal.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\FrameServer.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\drivers\tdx.sys
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\DolbyMATEnc.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\browserbroker.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\BootMenuUX.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\basecsp.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\autofmt.exe
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\autoconv.exe
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\audiosrv.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\AudioSes.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\AudioEng.dll
2017-08-19 06:48:37 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\WWAHost.exe
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\wersvc.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\wermgr.exe
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\WerFault.exe
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\wer.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\VCardParser.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\tquery.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\TileDataRepository.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\storewuauth.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\psmsrv.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\InputService.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\Faultrep.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\diagtrack.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\dbgeng.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\bisrv.dll
2017-08-19 06:48:36 ----A---- C:\WINDOWS\system32\BingMaps.dll
2017-08-19 06:48:35 ----A---- C:\WINDOWS\system32\wininit.exe
2017-08-19 06:48:35 ----A---- C:\WINDOWS\system32\windows.storage.dll
2017-08-19 06:48:35 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2017-08-19 06:48:35 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2017-08-19 06:48:35 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2017-08-19 06:48:35 ----A---- C:\WINDOWS\system32\tokenbinding.dll
2017-08-19 06:48:35 ----A---- C:\WINDOWS\system32\sscore.dll
2017-08-19 06:48:35 ----A---- C:\WINDOWS\system32\srvsvc.dll
2017-08-19 06:48:35 ----A---- C:\WINDOWS\system32\netlogon.dll
2017-08-19 06:48:35 ----A---- C:\WINDOWS\system32\ncryptprov.dll
2017-08-19 06:48:35 ----A---- C:\WINDOWS\system32\msv1_0.dll
2017-08-19 06:48:35 ----A---- C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-08-19 06:48:35 ----A---- C:\WINDOWS\system32\dxgi.dll
2017-08-19 06:48:35 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-08-19 06:48:35 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2017-08-19 06:48:35 ----A---- C:\WINDOWS\system32\BluetoothApis.dll
2017-08-19 06:48:35 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-08-19 06:48:34 ----A---- C:\WINDOWS\system32\XblAuthManager.dll
2017-08-19 06:48:34 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-08-19 06:48:34 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-08-19 06:48:34 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-19 06:48:34 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-08-19 06:48:34 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-19 06:48:34 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-08-19 06:48:34 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryUpgrade.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\WerFaultSecure.exe
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\untfs.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\TpmCoreProvisioning.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\tokenbinding.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\sscore.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\PCPKsp.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\ncryptprov.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\msxbde40.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\mswstr10.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\mswdat10.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\mstext40.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\msrepl40.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\msrd3x40.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\msrd2x40.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\mspbde40.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\msltus40.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\msjtes40.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\msjter40.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\msjint40.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\msjetoledb40.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\msjet40.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\msacm32.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\mfsensorgroup.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\DWWIN.EXE
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\BluetoothApis.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\autochk.exe
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\system32\drivers\vmbkmclr.sys
2017-08-19 06:48:33 ----A---- C:\WINDOWS\system32\drivers\vmbkmcl.sys
2017-08-19 06:48:33 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2017-08-19 06:48:33 ----A---- C:\WINDOWS\system32\drivers\UcmUcsi.sys
2017-08-19 06:48:33 ----A---- C:\WINDOWS\system32\drivers\rfcomm.sys
2017-08-19 06:48:33 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2017-08-19 06:48:33 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2017-08-19 06:48:33 ----A---- C:\WINDOWS\system32\drivers\bthhfenum.sys
2017-08-19 06:48:33 ----A---- C:\WINDOWS\system32\drivers\bthenum.sys
2017-08-19 06:48:33 ----A---- C:\WINDOWS\system32\drivers\acpi.sys
2017-08-19 06:48:33 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2017-08-19 06:48:33 ----A---- C:\WINDOWS\system32\AppReadiness.dll