
The virus is back


#1 Post by 666_peter_666 »

Good day,
the problem I had on 26.7.2016 has come back:

"On my PC, the Proxy slider in Network Settings started switching itself to the "On" position for no reason. Naturally, the internet stopped working.
I scanned the PC with my Bitdefender, with Malwarebytes, and with Superantispyware.
Each of them found something; Malwarebytes labelled it "PM.Optional.ProxyHijacker". I deleted all the findings and set the slider back to "Off",
but after a restart the findings showed up in the AV again every time. Sometimes the slider switches over as well.
Besides that, after a restart I get notifications saying "An app default was reset" "

I'm sending you today's log; please have a look and see whether you can find anything in it.
Thank you,
Peter

Logfile of random's system information tool 1.10 (written by random/random)
Run by BOSS at 2016-09-20 20:05:16
Microsoft Windows 10 Pro
System drive C: has 45 GB (20%) free of 228 GB
Total RAM: 8173 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:15:08, on 26.07.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0494)
Boot mode: Normal

Running processes:
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\totalcmd\TOTALCMD.EXE
C:\Program Files\trend micro\BOSS.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 255.255.255.255 broadcasthost
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [StartMenuX] "C:\Program Files\Start Menu X\StartMenuX.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office16\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: BlackBerry Device Manager - BlackBerry Limited - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
O23 - Service: DTSAudioService - DTS - C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESL Wire Helper Service (EslWireHelper) - Unknown owner - C:\Program Files\EslWire\service\WireHelperSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark - C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: ProductAgentService - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service: pSP2clnt - Unknown owner - C:\Program Files\pSP2Clnt\service\pSP2Clnt.exe
O23 - Service: RIM MDNS - Apple Inc. - C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
O23 - Service: BlackBerry Link Communication Manager (RIM Tunnel Service) - BlackBerry Limited - C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 8240 bytes

======Listing Processes======








C:\WINDOWS\system32\lsass.exe
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe" /service
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\system32\atiesrxx.exe
atieclxx
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
dashost.exe {fd39950e-bee2-47f1-a09495970b368d40}
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\EslWire\service\WireHelperSvc.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe" /service

"C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe"
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\Explorer.EXE
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe"
"C:\Program Files\Start Menu X\StartMenuX.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Bitdefender Agent\ProductAgentService.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\totalcmd\TOTALCMD.EXE"
"C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe"
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
C:\WINDOWS\system32\wbem\wmiprvse.exe
"D:\DL\RSITx64(1).exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NOUACCHECK
C:\WINDOWS\tasks\update-S-1-5-21-2278359358-1542340132-2198614645-1003.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
C:\WINDOWS\tasks\update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate

=========Mozilla firefox=========

ProfilePath - C:\Users\BOSS\AppData\Roaming\Mozilla\Firefox\Profiles\upqp8kcc.default

prefs.js - "browser.startup.homepage" - "http://www.google.sk/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.101.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.101.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0]
"Description"=BlackBerry Web Software Loading Helper Plug-In for Mozilla browsers
"Path"=C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.101.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.101.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL


C:\Users\BOSS\AppData\Roaming\Mozilla\Firefox\Profiles\upqp8kcc.default\extensions\
djziggy@gmail.com
info@djzig.com
{8b86149f-01fb-4842-9dd8-4d7eb02fd055}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-26 571456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-26 234560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-26 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL [2016-08-17 1524016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-26 186944]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"StartMenuX"=C:\Program Files\Start Menu X\StartMenuX.exe [2016-06-10 7941464]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-09-20 20:05:16 ----D---- C:\rsit
2016-09-16 17:29:23 ----D---- C:\Program Files (x86)\YTD
2016-09-15 15:52:27 ----D---- C:\Program Files\Handbrake
2016-09-14 18:06:24 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2016-09-14 18:06:24 ----A---- C:\WINDOWS\system32\mshtmled.dll
2016-09-14 18:06:24 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2016-09-14 18:06:24 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2016-09-14 18:06:24 ----A---- C:\WINDOWS\system32\ExSMime.dll
2016-09-14 18:06:24 ----A---- C:\WINDOWS\system32\CredProvDataModel.dll
2016-09-14 18:06:24 ----A---- C:\WINDOWS\system32\ClipboardServer.dll
2016-09-14 18:06:24 ----A---- C:\WINDOWS\system32\bisrv.dll
2016-09-14 18:06:23 ----A---- C:\WINDOWS\SYSWOW64\CredProvDataModel.dll
2016-09-14 18:06:22 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2016-09-14 18:06:22 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2016-09-14 18:06:22 ----A---- C:\WINDOWS\SYSWOW64\ExSMime.dll
2016-09-14 18:06:22 ----A---- C:\WINDOWS\SYSWOW64\ClipboardServer.dll
2016-09-14 18:06:22 ----A---- C:\WINDOWS\system32\cdd.dll
2016-09-14 18:06:21 ----A---- C:\WINDOWS\system32\wups2.dll
2016-09-14 18:06:21 ----A---- C:\WINDOWS\system32\RTMediaFrame.dll
2016-09-14 18:06:21 ----A---- C:\WINDOWS\system32\POSyncServices.dll
2016-09-14 18:06:21 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2016-09-14 18:06:20 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.dll
2016-09-14 18:06:20 ----A---- C:\WINDOWS\system32\Chakrathunk.dll
2016-09-14 18:06:20 ----A---- C:\WINDOWS\system32\cscui.dll
2016-09-14 18:06:19 ----A---- C:\WINDOWS\SYSWOW64\UserDataAccessRes.dll
2016-09-14 18:06:19 ----A---- C:\WINDOWS\SYSWOW64\RTMediaFrame.dll
2016-09-14 18:06:19 ----A---- C:\WINDOWS\SYSWOW64\POSyncServices.dll
2016-09-14 18:06:19 ----A---- C:\WINDOWS\SYSWOW64\Microsoft-Windows-MosTrace.dll
2016-09-14 18:06:19 ----A---- C:\WINDOWS\SYSWOW64\Microsoft-Windows-MosHost.dll
2016-09-14 18:06:19 ----A---- C:\WINDOWS\SYSWOW64\Microsoft-Windows-MapControls.dll
2016-09-14 18:06:19 ----A---- C:\WINDOWS\system32\UserDataAccessRes.dll
2016-09-14 18:06:19 ----A---- C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-09-14 18:06:19 ----A---- C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-09-14 18:06:19 ----A---- C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-09-14 18:06:19 ----A---- C:\WINDOWS\system32\domgmt.dll
2016-09-14 18:06:19 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2016-09-14 18:06:18 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2016-09-14 18:06:18 ----A---- C:\WINDOWS\SYSWOW64\DbgModel.dll
2016-09-14 18:06:18 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2016-09-14 18:06:18 ----A---- C:\WINDOWS\system32\DscCore.dll
2016-09-14 18:06:18 ----A---- C:\WINDOWS\system32\DbgModel.dll
2016-09-14 18:06:17 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2016-09-14 18:06:17 ----A---- C:\WINDOWS\system32\resutils.dll
2016-09-14 18:06:17 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2016-09-14 18:06:17 ----A---- C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-09-14 18:06:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.dll
2016-09-14 18:06:16 ----A---- C:\WINDOWS\SYSWOW64\Chakrathunk.dll
2016-09-14 18:06:16 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-09-14 18:06:16 ----A---- C:\WINDOWS\system32\drivers\mrxsmb10.sys
2016-09-14 18:06:16 ----A---- C:\WINDOWS\system32\ContactActivation.dll
2016-09-14 18:06:15 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2016-09-14 18:06:15 ----A---- C:\WINDOWS\SYSWOW64\UserDataTimeUtil.dll
2016-09-14 18:06:15 ----A---- C:\WINDOWS\system32\wuauclt.exe
2016-09-14 18:06:15 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2016-09-14 18:06:15 ----A---- C:\WINDOWS\system32\shutdownux.dll
2016-09-14 18:06:15 ----A---- C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-09-14 18:06:15 ----A---- C:\WINDOWS\system32\CastLaunch.dll
2016-09-14 18:06:15 ----A---- C:\WINDOWS\system32\AppointmentActivation.dll
2016-09-14 18:06:14 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-09-14 18:06:14 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2016-09-14 18:06:14 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-09-14 18:06:14 ----A---- C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-09-14 18:06:14 ----A---- C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-09-14 18:06:14 ----A---- C:\WINDOWS\system32\jsproxy.dll
2016-09-14 18:06:14 ----A---- C:\WINDOWS\system32\drivers\ClipSp.sys
2016-09-14 18:06:13 ----A---- C:\WINDOWS\system32\MosHostClient.dll
2016-09-14 18:06:13 ----A---- C:\WINDOWS\system32\MDEServer.exe
2016-09-14 18:06:13 ----A---- C:\WINDOWS\system32\MapsBtSvc.dll
2016-09-14 18:06:13 ----A---- C:\WINDOWS\system32\clusapi.dll
2016-09-14 18:06:12 ----A---- C:\WINDOWS\SYSWOW64\MosStorage.dll
2016-09-14 18:06:12 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2016-09-14 18:06:12 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2016-09-14 18:06:11 ----A---- C:\WINDOWS\SYSWOW64\MSAJApi.dll
2016-09-14 18:06:11 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2016-09-14 18:06:11 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2016-09-14 18:06:11 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2016-09-14 18:06:11 ----A---- C:\WINDOWS\SYSWOW64\bcastdvr.exe
2016-09-14 18:06:11 ----A---- C:\WINDOWS\system32\XamlTileRender.dll
2016-09-14 18:06:11 ----A---- C:\WINDOWS\system32\MSAJApi.dll
2016-09-14 18:06:11 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2016-09-14 18:06:11 ----A---- C:\WINDOWS\system32\invagent.dll
2016-09-14 18:06:11 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-09-14 18:06:11 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2016-09-14 18:06:11 ----A---- C:\WINDOWS\system32\devinv.dll
2016-09-14 18:06:11 ----A---- C:\WINDOWS\system32\csrsrv.dll
2016-09-14 18:06:11 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2016-09-14 18:06:11 ----A---- C:\WINDOWS\system32\AppCapture.dll
2016-09-14 18:06:10 ----A---- C:\WINDOWS\SYSWOW64\WebcamUi.dll
2016-09-14 18:06:10 ----A---- C:\WINDOWS\SYSWOW64\eappprxy.dll
2016-09-14 18:06:10 ----A---- C:\WINDOWS\SYSWOW64\eapphost.dll
2016-09-14 18:06:10 ----A---- C:\WINDOWS\SYSWOW64\eappgnui.dll
2016-09-14 18:06:10 ----A---- C:\WINDOWS\SYSWOW64\eappcfg.dll
2016-09-14 18:06:10 ----A---- C:\WINDOWS\SYSWOW64\eapp3hst.dll
2016-09-14 18:06:10 ----A---- C:\WINDOWS\system32\WebcamUi.dll
2016-09-14 18:06:10 ----A---- C:\WINDOWS\system32\eappprxy.dll
2016-09-14 18:06:10 ----A---- C:\WINDOWS\system32\eapphost.dll
2016-09-14 18:06:10 ----A---- C:\WINDOWS\system32\eappgnui.dll
2016-09-14 18:06:10 ----A---- C:\WINDOWS\system32\eappcfg.dll
2016-09-14 18:06:10 ----A---- C:\WINDOWS\system32\eapp3hst.dll
2016-09-14 18:06:09 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.dll
2016-09-14 18:06:09 ----A---- C:\WINDOWS\SYSWOW64\ContactActivation.dll
2016-09-14 18:06:09 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-09-14 18:06:09 ----A---- C:\WINDOWS\system32\provengine.dll
2016-09-14 18:06:09 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2016-09-14 18:06:09 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2016-09-14 18:06:09 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2016-09-14 18:06:08 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2016-09-14 18:06:08 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2016-09-14 18:06:08 ----A---- C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-09-14 18:06:08 ----A---- C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-09-14 18:06:08 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-09-14 18:06:08 ----A---- C:\WINDOWS\system32\PlayToReceiver.dll
2016-09-14 18:06:08 ----A---- C:\WINDOWS\system32\msxml6.dll
2016-09-14 18:06:08 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2016-09-14 18:06:07 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-09-14 18:06:07 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2016-09-14 18:06:07 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2016-09-14 18:06:07 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2016-09-14 18:06:07 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2016-09-14 18:06:07 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-09-14 18:06:07 ----A---- C:\WINDOWS\system32\PlayToDevice.dll
2016-09-14 18:06:07 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-09-14 18:06:07 ----A---- C:\WINDOWS\system32\msctf.dll
2016-09-14 18:06:07 ----A---- C:\WINDOWS\system32\mf.dll
2016-09-14 18:06:07 ----A---- C:\WINDOWS\system32\mapsupdatetask.dll
2016-09-14 18:06:07 ----A---- C:\WINDOWS\system32\kdhvcom.dll
2016-09-14 18:06:07 ----A---- C:\WINDOWS\system32\AudioSes.dll
2016-09-14 18:06:06 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-09-14 18:06:06 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2016-09-14 18:06:06 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-09-14 18:06:06 ----A---- C:\WINDOWS\system32\dosvc.dll
2016-09-14 18:06:06 ----A---- C:\WINDOWS\system32\ConsoleLogon.dll
2016-09-14 18:06:05 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-14 18:06:05 ----A---- C:\WINDOWS\SYSWOW64\VCardParser.dll
2016-09-14 18:06:05 ----A---- C:\WINDOWS\SYSWOW64\UserDataTypeHelperUtil.dll
2016-09-14 18:06:05 ----A---- C:\WINDOWS\SYSWOW64\UserDataPlatformHelperUtil.dll
2016-09-14 18:06:05 ----A---- C:\WINDOWS\SYSWOW64\UserDataLanguageUtil.dll
2016-09-14 18:06:05 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2016-09-14 18:06:05 ----A---- C:\WINDOWS\SYSWOW64\ExtrasXmlParser.dll
2016-09-14 18:06:05 ----A---- C:\WINDOWS\SYSWOW64\dlnashext.dll
2016-09-14 18:06:05 ----A---- C:\WINDOWS\SYSWOW64\AppointmentActivation.dll
2016-09-14 18:06:05 ----A---- C:\WINDOWS\SYSWOW64\AddressParser.dll
2016-09-14 18:06:05 ----A---- C:\WINDOWS\system32\VCardParser.dll
2016-09-14 18:06:05 ----A---- C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-09-14 18:06:05 ----A---- C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-09-14 18:06:05 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2016-09-14 18:06:05 ----A---- C:\WINDOWS\system32\dlnashext.dll
2016-09-14 18:06:05 ----A---- C:\WINDOWS\system32\AddressParser.dll
2016-09-14 18:06:04 ----A---- C:\WINDOWS\SYSWOW64\msxml6r.dll
2016-09-14 18:06:04 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2016-09-14 18:06:04 ----A---- C:\WINDOWS\SYSWOW64\indexeddbserver.dll
2016-09-14 18:06:04 ----A---- C:\WINDOWS\system32\msxml6r.dll
2016-09-14 18:06:04 ----A---- C:\WINDOWS\system32\indexeddbserver.dll
2016-09-14 18:06:03 ----A---- C:\WINDOWS\SYSWOW64\MosResource.dll
2016-09-14 18:06:03 ----A---- C:\WINDOWS\system32\MosResource.dll
2016-09-14 18:06:02 ----A---- C:\WINDOWS\SYSWOW64\MosHostClient.dll
2016-09-14 18:06:02 ----A---- C:\WINDOWS\SYSWOW64\MapsBtSvc.dll
2016-09-14 18:06:02 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2016-09-14 18:06:02 ----A---- C:\WINDOWS\system32\NmaDirect.dll
2016-09-14 18:06:02 ----A---- C:\WINDOWS\system32\moshost.dll
2016-09-14 18:06:02 ----A---- C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2016-09-14 18:06:02 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2016-09-14 18:06:02 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2016-09-14 18:06:02 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-14 18:06:01 ----A---- C:\WINDOWS\SYSWOW64\Phoneutil.dll
2016-09-14 18:06:01 ----A---- C:\WINDOWS\SYSWOW64\NMAA.dll
2016-09-14 18:06:01 ----A---- C:\WINDOWS\SYSWOW64\MapControlCore.dll
2016-09-14 18:06:01 ----A---- C:\WINDOWS\system32\tzautoupdate.dll
2016-09-14 18:06:01 ----A---- C:\WINDOWS\system32\Phoneutil.dll
2016-09-14 18:06:01 ----A---- C:\WINDOWS\system32\PhoneService.dll
2016-09-14 18:06:01 ----A---- C:\WINDOWS\system32\PhoneProviders.dll
2016-09-14 18:06:01 ----A---- C:\WINDOWS\system32\NMAA.dll
2016-09-14 18:06:01 ----A---- C:\WINDOWS\system32\nativemap.dll
2016-09-14 18:06:01 ----A---- C:\WINDOWS\system32\mapstoasttask.dll
2016-09-14 18:06:01 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2016-09-14 18:06:00 ----A---- C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-14 18:06:00 ----A---- C:\WINDOWS\system32\rdpudd.dll
2016-09-14 18:06:00 ----A---- C:\WINDOWS\system32\hvloader.exe
2016-09-14 18:06:00 ----A---- C:\WINDOWS\system32\hvix64.exe
2016-09-14 18:06:00 ----A---- C:\WINDOWS\system32\hvax64.exe
2016-09-14 18:05:59 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2016-09-14 18:05:59 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2016-09-14 18:05:59 ----A---- C:\WINDOWS\SYSWOW64\setupugc.exe
2016-09-14 18:05:59 ----A---- C:\WINDOWS\system32\XblAuthManager.dll
2016-09-14 18:05:59 ----A---- C:\WINDOWS\system32\win32u.dll
2016-09-14 18:05:59 ----A---- C:\WINDOWS\system32\win32k.sys
2016-09-14 18:05:59 ----A---- C:\WINDOWS\system32\setupugc.exe
2016-09-14 18:05:59 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2016-09-14 18:05:59 ----A---- C:\WINDOWS\system32\drivers\Classpnp.sys
2016-09-14 18:05:58 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-09-14 18:05:58 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Audio.dll
2016-09-14 18:05:58 ----A---- C:\WINDOWS\SYSWOW64\LogonController.dll
2016-09-14 18:05:58 ----A---- C:\WINDOWS\system32\wininet.dll
2016-09-14 18:05:58 ----A---- C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-14 18:05:58 ----A---- C:\WINDOWS\system32\LogonController.dll
2016-09-14 18:05:57 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2016-09-14 18:05:57 ----A---- C:\WINDOWS\SYSWOW64\hevcdecoder.dll
2016-09-14 18:05:57 ----A---- C:\WINDOWS\SYSWOW64\BingOnlineServices.dll
2016-09-14 18:05:57 ----A---- C:\WINDOWS\system32\lsass.exe
2016-09-14 18:05:57 ----A---- C:\WINDOWS\system32\hevcdecoder.dll
2016-09-14 18:05:57 ----A---- C:\WINDOWS\system32\BingOnlineServices.dll
2016-09-14 18:05:56 ----A---- C:\WINDOWS\SYSWOW64\sspicli.dll
2016-09-14 18:05:56 ----A---- C:\WINDOWS\SYSWOW64\qdvd.dll
2016-09-14 18:05:56 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2016-09-14 18:05:56 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-09-14 18:05:56 ----A---- C:\WINDOWS\SYSWOW64\evr.dll
2016-09-14 18:05:56 ----A---- C:\WINDOWS\SYSWOW64\CPFilters.dll
2016-09-14 18:05:56 ----A---- C:\WINDOWS\system32\sspicli.dll
2016-09-14 18:05:56 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2016-09-14 18:05:56 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-09-14 18:05:56 ----A---- C:\WINDOWS\system32\KernelBase.dll
2016-09-14 18:05:56 ----A---- C:\WINDOWS\system32\evr.dll
2016-09-14 18:05:56 ----A---- C:\WINDOWS\system32\drivers\ksecdd.sys
2016-09-14 18:05:56 ----A---- C:\WINDOWS\system32\CPFilters.dll
2016-09-14 18:05:55 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2016-09-14 18:05:55 ----A---- C:\WINDOWS\system32\winsrv.dll
2016-09-14 18:05:55 ----A---- C:\WINDOWS\system32\EncDec.dll
2016-09-14 18:05:55 ----A---- C:\WINDOWS\system32\dwmcore.dll
2016-09-14 18:05:55 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-09-14 18:05:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.BackgroundTransfer.dll
2016-09-14 18:05:54 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2016-09-14 18:05:54 ----A---- C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-09-14 18:05:54 ----A---- C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-09-14 18:05:54 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-09-14 18:05:54 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-14 18:05:54 ----A---- C:\WINDOWS\system32\oleaut32.dll
2016-09-14 18:05:54 ----A---- C:\WINDOWS\system32\GamePanel.exe
2016-09-14 18:05:54 ----A---- C:\WINDOWS\system32\CloudExperienceHostUser.dll
2016-09-14 18:05:54 ----A---- C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-09-14 18:05:53 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-09-14 18:05:53 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-09-14 18:05:53 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-09-14 18:05:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2016-09-14 18:05:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BlockedShutdown.dll
2016-09-14 18:05:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2016-09-14 18:05:52 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-09-14 18:05:52 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-09-14 18:05:52 ----A---- C:\WINDOWS\SYSWOW64\DeviceFlows.DataModel.dll
2016-09-14 18:05:52 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2016-09-14 18:05:52 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-09-14 18:05:52 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-09-14 18:05:52 ----A---- C:\WINDOWS\system32\aadtb.dll
2016-09-14 18:05:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2016-09-14 18:05:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Cred.dll
2016-09-14 18:05:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BioFeedback.dll
2016-09-14 18:05:51 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-09-14 18:05:51 ----A---- C:\WINDOWS\system32\kerberos.dll
2016-09-14 18:05:51 ----A---- C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-09-14 18:05:50 ----A---- C:\WINDOWS\SYSWOW64\WMPDMC.exe
2016-09-14 18:05:50 ----A---- C:\WINDOWS\SYSWOW64\usercpl.dll
2016-09-14 18:05:50 ----A---- C:\WINDOWS\SYSWOW64\PlayToReceiver.dll
2016-09-14 18:05:50 ----A---- C:\WINDOWS\SYSWOW64\PlayToDevice.dll
2016-09-14 18:05:50 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-09-14 18:05:50 ----A---- C:\WINDOWS\system32\WMPDMC.exe
2016-09-14 18:05:50 ----A---- C:\WINDOWS\system32\usercpl.dll
2016-09-14 18:05:50 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-09-14 18:05:50 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2016-09-14 18:05:50 ----A---- C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-09-14 18:05:50 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-09-14 18:05:50 ----A---- C:\WINDOWS\system32\IdCtrls.dll
2016-09-14 18:05:49 ----A---- C:\WINDOWS\SYSWOW64\wmpmde.dll
2016-09-14 18:05:49 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2016-09-14 18:05:49 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-09-14 18:05:49 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2016-09-14 18:05:49 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2016-09-14 18:05:49 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2016-09-14 18:05:49 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2016-09-14 18:05:49 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2016-09-14 18:05:49 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2016-09-14 18:05:49 ----A---- C:\WINDOWS\system32\wmpmde.dll
2016-09-14 18:05:49 ----A---- C:\WINDOWS\system32\winmde.dll
2016-09-14 18:05:49 ----A---- C:\WINDOWS\system32\ole32.dll
2016-09-14 18:05:49 ----A---- C:\WINDOWS\system32\mfplat.dll
2016-09-14 18:05:49 ----A---- C:\WINDOWS\system32\mfnetsrc.dll
2016-09-14 18:05:49 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2016-09-14 18:05:48 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2016-09-14 18:05:48 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-09-14 18:05:48 ----A---- C:\WINDOWS\system32\mfcore.dll
2016-09-14 18:05:48 ----A---- C:\WINDOWS\system32\combase.dll
2016-09-14 18:05:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2016-09-14 18:05:47 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2016-09-14 18:05:46 ----A---- C:\WINDOWS\SYSWOW64\NmaDirect.dll
2016-09-14 18:05:46 ----A---- C:\WINDOWS\system32\wificonnapi.dll
2016-09-14 18:05:46 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2016-09-14 18:05:46 ----A---- C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
2016-09-14 18:05:45 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-09-14 18:05:45 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-09-14 18:05:45 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-09-14 18:05:45 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-09-14 18:05:44 ----A---- C:\WINDOWS\SYSWOW64\SettingSync.dll
2016-09-14 18:05:44 ----A---- C:\WINDOWS\SYSWOW64\LockAppHost.exe
2016-09-14 18:05:44 ----A---- C:\WINDOWS\system32\wwanconn.dll
2016-09-14 18:05:44 ----A---- C:\WINDOWS\system32\sppsvc.exe
2016-09-14 18:05:44 ----A---- C:\WINDOWS\system32\SettingSync.dll
2016-09-14 18:05:44 ----A---- C:\WINDOWS\system32\LockAppHost.exe
2016-09-14 18:05:42 ----A---- C:\WINDOWS\system32\MosStorage.dll
2016-09-14 18:05:42 ----A---- C:\WINDOWS\system32\moshostcore.dll
2016-09-14 18:05:42 ----A---- C:\WINDOWS\system32\MiracastReceiver.dll
2016-09-14 18:05:42 ----A---- C:\WINDOWS\system32\MapsCSP.dll
2016-09-14 18:05:42 ----A---- C:\WINDOWS\system32\DMRServer.dll
2016-09-14 18:05:42 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-09-14 18:05:41 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2016-09-14 18:05:41 ----A---- C:\WINDOWS\SYSWOW64\PhoneutilRes.dll
2016-09-14 18:05:41 ----A---- C:\WINDOWS\SYSWOW64\MapControlStringsRes.dll
2016-09-14 18:05:41 ----A---- C:\WINDOWS\system32\tzres.dll
2016-09-14 18:05:41 ----A---- C:\WINDOWS\system32\PhoneutilRes.dll
2016-09-14 18:05:41 ----A---- C:\WINDOWS\system32\PhoneServiceRes.dll
2016-09-14 18:05:41 ----A---- C:\WINDOWS\system32\MapControlStringsRes.dll
2016-09-14 18:05:41 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-09-14 18:05:41 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-09-14 18:05:40 ----A---- C:\WINDOWS\system32\winresume.exe
2016-09-14 18:05:40 ----A---- C:\WINDOWS\system32\winload.exe
2016-09-14 18:05:40 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2016-09-14 18:05:40 ----A---- C:\WINDOWS\system32\reseteng.dll
2016-09-14 18:05:39 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2016-09-14 18:05:39 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-09-14 18:05:39 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-09-14 18:05:39 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2016-09-14 18:05:39 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2016-09-14 18:05:39 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2016-09-14 18:05:38 ----A---- C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-09-14 18:05:38 ----A---- C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-09-14 18:05:38 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2016-09-14 18:05:38 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2016-09-14 18:05:38 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2016-09-14 18:05:37 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2016-09-14 18:05:37 ----A---- C:\WINDOWS\system32\WWAHost.exe
2016-09-14 18:05:37 ----A---- C:\WINDOWS\system32\wifitask.exe
2016-09-14 18:05:36 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2016-09-14 18:05:36 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-09-14 18:05:36 ----A---- C:\WINDOWS\system32\dbgeng.dll
2016-09-14 18:05:35 ----A---- C:\WINDOWS\system32\WinTypes.dll
2016-09-14 18:05:35 ----A---- C:\WINDOWS\system32\Windows.Web.Http.dll
2016-09-14 18:05:34 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2016-09-14 18:05:34 ----A---- C:\WINDOWS\system32\authui.dll
2016-09-14 18:05:32 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2016-09-14 18:05:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.Http.dll
2016-09-14 18:05:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.dll
2016-09-14 18:05:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2016-09-14 18:05:32 ----A---- C:\WINDOWS\SYSWOW64\MiracastReceiver.dll
2016-09-14 18:05:32 ----A---- C:\WINDOWS\system32\Windows.Devices.Perception.dll
2016-09-14 18:05:32 ----A---- C:\WINDOWS\system32\SensorDataService.exe
2016-09-14 18:05:32 ----A---- C:\WINDOWS\system32\JpMapControl.dll
2016-09-14 18:05:32 ----A---- C:\WINDOWS\system32\D3D12.dll
2016-09-14 18:05:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Editing.dll
2016-09-14 18:05:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Perception.dll
2016-09-14 18:05:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-14 18:05:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2016-09-14 18:05:31 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2016-09-14 18:05:31 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2016-09-14 18:05:31 ----A---- C:\WINDOWS\SYSWOW64\JpMapControl.dll
2016-09-14 18:05:31 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2016-09-14 18:05:31 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2016-09-14 18:05:31 ----A---- C:\WINDOWS\system32\Windows.Networking.dll
2016-09-14 18:05:31 ----A---- C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-09-14 18:05:31 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-09-14 18:05:31 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-09-14 18:05:31 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2016-09-14 18:05:31 ----A---- C:\WINDOWS\system32\InputService.dll
2016-09-14 18:05:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2016-09-14 18:05:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2016-09-14 18:05:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.Shell.Search.UriHandler.dll
2016-09-14 18:05:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.3D.dll
2016-09-14 18:05:30 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2016-09-14 18:05:30 ----A---- C:\WINDOWS\SYSWOW64\OneDriveSettingSyncProvider.dll
2016-09-14 18:05:30 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-09-14 18:05:30 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-09-14 18:05:30 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2016-09-14 18:05:30 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2016-09-14 18:05:30 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-09-14 18:05:29 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-09-14 18:05:29 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2016-09-14 18:05:29 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-09-14 18:05:29 ----A---- C:\WINDOWS\system32\pnidui.dll
2016-09-14 18:05:29 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-09-14 18:05:29 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2016-09-14 18:05:29 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-09-14 18:05:28 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-09-14 18:05:28 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2016-09-14 18:05:28 ----A---- C:\WINDOWS\system32\shell32.dll
2016-09-14 18:05:28 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-09-14 18:05:28 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-09-14 18:05:27 ----A---- C:\WINDOWS\system32\wlansvc.dll
2016-09-14 18:05:27 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-09-14 18:05:25 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2016-09-14 18:05:25 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2016-09-14 18:05:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2016-09-14 18:05:25 ----A---- C:\WINDOWS\SYSWOW64\MapConfiguration.dll
2016-09-14 18:05:25 ----A---- C:\WINDOWS\system32\wsp_health.dll
2016-09-14 18:05:25 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2016-09-14 18:05:25 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2016-09-14 18:05:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2016-09-14 18:05:23 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2016-09-14 18:05:23 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-09-14 18:05:23 ----A---- C:\WINDOWS\system32\MapsStore.dll
2016-09-14 18:05:23 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2016-09-14 18:05:22 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2016-09-14 18:05:22 ----A---- C:\WINDOWS\SYSWOW64\MapRouter.dll
2016-09-14 18:05:22 ----A---- C:\WINDOWS\SYSWOW64\MapGeocoder.dll
2016-09-14 18:05:22 ----A---- C:\WINDOWS\system32\mos.dll
2016-09-14 18:05:22 ----A---- C:\WINDOWS\system32\MapRouter.dll
2016-09-14 18:05:22 ----A---- C:\WINDOWS\system32\MapGeocoder.dll
2016-09-14 18:05:22 ----A---- C:\WINDOWS\system32\BingMaps.dll
2016-09-14 18:05:21 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2016-09-14 18:05:21 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2016-09-14 18:05:21 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2016-09-14 18:05:21 ----A---- C:\WINDOWS\system32\mstscax.dll
2016-09-14 18:05:21 ----A---- C:\WINDOWS\system32\mstsc.exe
2016-09-14 18:05:20 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-09-14 18:05:20 ----A---- C:\WINDOWS\system32\wmp.dll
2016-09-14 18:05:20 ----A---- C:\WINDOWS\system32\windows.storage.dll
2016-09-14 18:05:19 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2016-09-14 18:05:19 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-09-14 18:05:19 ----A---- C:\WINDOWS\system32\twinui.dll
2016-09-14 18:05:19 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-09-14 18:05:15 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-09-14 18:05:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2016-09-14 18:05:13 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-09-14 18:05:12 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-09-14 18:05:12 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-09-14 18:05:12 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-09-14 18:05:11 ----A---- C:\WINDOWS\SYSWOW64\aclui.dll
2016-09-14 18:05:11 ----A---- C:\WINDOWS\system32\aclui.dll
2016-09-14 18:05:10 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-09-14 18:05:10 ----A---- C:\WINDOWS\system32\wwanmm.dll
2016-09-10 16:07:32 ----SHD---- C:\Recovery
2016-09-10 16:07:31 ----DC---- C:\WINDOWS\Panther
2016-09-10 16:05:39 ----D---- C:\Windows.old
2016-09-10 16:05:28 ----D---- C:\Program Files\CMAK
2016-09-10 16:05:28 ----D---- C:\Program Files (x86)\CMAK
2016-09-10 16:05:06 ----A---- C:\WINDOWS\SYSWOW64\GamePanel.exe
2016-09-10 16:05:06 ----A---- C:\WINDOWS\SYSWOW64\CloudBackupSettings.dll
2016-09-10 16:05:06 ----A---- C:\WINDOWS\SYSWOW64\BcastDVRHelper.dll
2016-09-10 16:05:06 ----A---- C:\WINDOWS\system32\mfksproxy.dll
2016-09-10 16:05:06 ----A---- C:\WINDOWS\system32\encapi.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\SYSWOW64\wmploc.DLL
2016-09-10 16:05:03 ----A---- C:\WINDOWS\SYSWOW64\wlanhlp.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\SYSWOW64\wlanapi.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\SYSWOW64\wfdprov.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\SYSWOW64\tcpipcfg.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\SYSWOW64\spwmp.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\SYSWOW64\sppcext.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\SYSWOW64\sppc.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\SYSWOW64\slcext.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\SYSWOW64\slc.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncPolicy.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\SYSWOW64\netiougc.exe
2016-09-10 16:05:03 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\SYSWOW64\mfsrcsnk.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\SYSWOW64\mfsensorgroup.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\SYSWOW64\mfps.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\SYSWOW64\iesetup.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\SYSWOW64\iernonce.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\SYSWOW64\FSClient.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\SYSWOW64\dxmasf.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\SYSWOW64\DscCoreConfProv.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\SYSWOW64\ConfigureExpandedStorage.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\system32\wwanprotdim.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\system32\wpninprc.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\system32\wmploc.DLL
2016-09-10 16:05:03 ----A---- C:\WINDOWS\system32\wlansvcpal.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\system32\wlansec.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\system32\wlanhlp.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\system32\wlanapi.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\system32\WiFiConfigSP.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\system32\wfdprov.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\system32\spwmp.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\system32\mfsrcsnk.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\system32\mfsensorgroup.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\system32\mfps.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\system32\iesetup.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\system32\iernonce.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\system32\fveapibase.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\system32\fveapi.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\system32\FSClient.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\system32\FrameServer.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\system32\dxmasf.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2016-09-10 16:05:03 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2016-09-10 16:05:03 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys
2016-09-10 16:05:03 ----A---- C:\WINDOWS\system32\deviceassociation.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\system32\dasHost.exe
2016-09-10 16:05:03 ----A---- C:\WINDOWS\system32\das.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\system32\CloudBackupSettings.dll
2016-09-10 16:05:03 ----A---- C:\WINDOWS\system32\acmigration.dll
2016-09-10 16:05:02 ----A---- C:\WINDOWS\system32\tsmf.dll
2016-09-10 16:05:02 ----A---- C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-09-10 16:05:01 ----A---- C:\WINDOWS\SYSWOW64\pidgenx.dll
2016-09-10 16:05:01 ----A---- C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-09-10 16:05:01 ----A---- C:\WINDOWS\system32\w32time.dll
2016-09-10 16:05:01 ----A---- C:\WINDOWS\system32\uReFS.dll
2016-09-10 16:05:01 ----A---- C:\WINDOWS\system32\tcpipcfg.dll
2016-09-10 16:05:01 ----A---- C:\WINDOWS\system32\systemreset.exe
2016-09-10 16:05:01 ----A---- C:\WINDOWS\system32\SysResetErr.exe
2016-09-10 16:05:01 ----A---- C:\WINDOWS\system32\StorSvc.dll
2016-09-10 16:05:01 ----A---- C:\WINDOWS\system32\StorageUsage.dll
2016-09-10 16:05:01 ----A---- C:\WINDOWS\system32\sppcext.dll
2016-09-10 16:05:01 ----A---- C:\WINDOWS\system32\sppc.dll
2016-09-10 16:05:01 ----A---- C:\WINDOWS\system32\slcext.dll
2016-09-10 16:05:01 ----A---- C:\WINDOWS\system32\slc.dll
2016-09-10 16:05:01 ----A---- C:\WINDOWS\system32\ResetEngine.exe
2016-09-10 16:05:01 ----A---- C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-09-10 16:05:01 ----A---- C:\WINDOWS\system32\provtool.exe
2016-09-10 16:05:01 ----A---- C:\WINDOWS\system32\ProvPluginEng.dll
2016-09-10 16:05:01 ----A---- C:\WINDOWS\system32\provops.dll
2016-09-10 16:05:01 ----A---- C:\WINDOWS\system32\provisioningcsp.dll
2016-09-10 16:05:01 ----A---- C:\WINDOWS\system32\provhandlers.dll
2016-09-10 16:05:01 ----A---- C:\WINDOWS\system32\provdatastore.dll
2016-09-10 16:05:01 ----A---- C:\WINDOWS\system32\pidgenx.dll
2016-09-10 16:05:01 ----A---- C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-09-10 16:05:01 ----A---- C:\WINDOWS\system32\netiougc.exe
2016-09-10 16:05:01 ----A---- C:\WINDOWS\system32\KnobsCsp.dll
2016-09-10 16:05:01 ----A---- C:\WINDOWS\system32\KnobsCore.dll
2016-09-10 16:05:01 ----A---- C:\WINDOWS\system32\GenValObj.exe
2016-09-10 16:05:01 ----A---- C:\WINDOWS\system32\DscCoreConfProv.dll
2016-09-10 16:05:01 ----A---- C:\WINDOWS\system32\drivers\dam.sys
2016-09-10 16:05:01 ----A---- C:\WINDOWS\system32\DataSenseHandlers.dll
2016-09-10 16:05:01 ----A---- C:\WINDOWS\system32\ClipUp.exe
2016-09-10 16:05:01 ----A---- C:\WINDOWS\system32\C_IS2022.DLL
2016-09-10 16:05:01 ----A---- C:\WINDOWS\system32\c_GSM7.DLL
2016-09-10 16:05:01 ----A---- C:\WINDOWS\system32\C_G18030.DLL
2016-09-10 16:05:01 ----A---- C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-09-10 16:05:01 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.InkControls.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.UXRes.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\SYSWOW64\wincorlib.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\SYSWOW64\wevtapi.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\SYSWOW64\uReFS.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\SYSWOW64\tsmf.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\SYSWOW64\storagewmi_passthru.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\SYSWOW64\storagewmi.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\SYSWOW64\smphost.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\SYSWOW64\samlib.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\SYSWOW64\offlinesam.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\SYSWOW64\offlinelsa.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\SYSWOW64\mfpmp.exe
2016-09-10 16:04:59 ----A---- C:\WINDOWS\SYSWOW64\mfksproxy.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\SYSWOW64\encapi.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\SYSWOW64\deviceassociation.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\SYSWOW64\delegatorprovider.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\SYSWOW64\container.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostUser.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\SYSWOW64\C_IS2022.DLL
2016-09-10 16:04:59 ----A---- C:\WINDOWS\SYSWOW64\c_GSM7.DLL
2016-09-10 16:04:59 ----A---- C:\WINDOWS\SYSWOW64\C_G18030.DLL
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\wuuhext.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\wincorlib.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\WinBioDataModel.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\wevtapi.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\usocore.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\user32.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\storagewmi_passthru.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\storagewmi.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\smphost.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\schannel.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\samsrv.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\samlib.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\qmgr.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\offlinesam.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\MusNotification.exe
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\mispace.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\mfpmp.exe
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\LicenseManagerSvc.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\facecredentialprovider.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\drivers\xinputhid.sys
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\drivers\usbvideo.sys
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\drivers\stornvme.sys
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\drivers\hidusb.sys
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\drivers\hidparse.sys
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\drivers\hidclass.sys
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\delegatorprovider.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\dafpos.dll
2016-09-10 16:04:59 ----A---- C:\WINDOWS\system32\container.dll
2016-09-10 16:03:34 ----A---- C:\WINDOWS\SYSWOW64\NlsLexicons0009.dll
2016-09-10 16:03:34 ----A---- C:\WINDOWS\SYSWOW64\NlsData0009.dll
2016-09-10 16:03:34 ----A---- C:\WINDOWS\system32\prm0009.dll
2016-09-10 16:03:34 ----A---- C:\WINDOWS\system32\NlsLexicons0009.dll
2016-09-10 16:03:34 ----A---- C:\WINDOWS\system32\NlsData0009.dll
2016-09-10 16:03:10 ----D---- C:\WINDOWS\system32\Microsoft
2016-09-10 16:02:15 ----D---- C:\Program Files\Reference Assemblies
2016-09-10 16:02:15 ----D---- C:\Program Files\MSBuild
2016-09-10 16:02:15 ----D---- C:\Program Files (x86)\Reference Assemblies
2016-09-10 16:02:15 ----D---- C:\Program Files (x86)\MSBuild
2016-09-10 16:02:01 ----A---- C:\WINDOWS\SYSWOW64\TsWpfWrp.exe
2016-09-10 16:02:01 ----A---- C:\WINDOWS\SYSWOW64\PresentationNative_v0300.dll
2016-09-10 16:02:01 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-09-10 16:01:59 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
2016-09-10 16:01:59 ----A---- C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-09-10 16:01:59 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-09-10 16:01:53 ----A---- C:\WINDOWS\system32\drivers\wof.sys
2016-09-10 15:17:50 ----D---- C:\ProgramData\Microsoft OneDrive
2016-09-10 15:13:43 ----D---- C:\ProgramData\USOShared
2016-09-10 15:10:32 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll
2016-09-10 15:09:45 ----SD---- C:\Users\BOSS\AppData\Roaming\Microsoft
2016-09-10 15:09:02 ----AS---- C:\WINDOWS\bootstat.dat
2016-09-10 15:08:57 ----D---- C:\WINDOWS\system32\DAX2
2016-09-10 15:08:54 ----D---- C:\WINDOWS\SYSWOW64\RTCOM
2016-09-10 15:08:54 ----D---- C:\Program Files\Realtek
2016-09-10 15:08:46 ----D---- C:\Program Files\Common Files\ATI Technologies
2016-09-10 15:08:46 ----AD---- C:\Program Files\AMD
2016-09-10 15:08:18 ----D---- C:\WINDOWS\system32\SleepStudy
2016-09-10 15:08:18 ----D---- C:\WINDOWS\ServiceProfiles
2016-09-10 15:08:18 ----D---- C:\WINDOWS\Prefetch
2016-09-10 15:08:16 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-10 14:40:50 ----HD---- C:\$WINDOWS.~BT
2016-09-10 14:39:21 ----A---- C:\WINDOWS\progress.ini
2016-09-10 14:37:18 ----HD---- C:\$GetCurrent
2016-09-10 14:37:11 ----D---- C:\Windows10Upgrade
2016-09-04 18:31:28 ----AD---- C:\Program Files\CCleaner
2016-09-04 17:50:55 ----D---- C:\WINDOWS\Cnxt
2016-09-04 17:50:54 ----D---- C:\ProgramData\Conexant
2016-08-31 00:39:06 ----A---- C:\WINDOWS\system32\WdfCoInstaller01011.dll
2016-08-31 00:39:06 ----A---- C:\WINDOWS\system32\drivers\sshid.sys

======List of files/folders modified in the last 1 month======

2016-09-20 20:05:17 ----D---- C:\Program Files\trend micro
2016-09-20 20:00:09 ----D---- C:\WINDOWS\system32\drivers\etc
2016-09-20 19:58:38 ----D---- C:\WINDOWS\Temp
2016-09-20 19:57:48 ----D---- C:\WINDOWS\system32\config
2016-09-20 19:57:24 ----RD---- C:\WINDOWS\Microsoft.NET
2016-09-20 19:50:45 ----HD---- C:\Program Files\WindowsApps
2016-09-20 19:50:45 ----D---- C:\WINDOWS\AppReadiness
2016-09-20 19:49:41 ----D---- C:\WINDOWS\System32
2016-09-20 19:49:41 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-20 19:45:36 ----AD---- C:\Program Files\Bitdefender Agent
2016-09-20 19:45:33 ----HD---- C:\ProgramData
2016-09-19 17:05:50 ----D---- C:\WINDOWS\system32\sru
2016-09-19 17:05:49 ----A---- C:\bdlog.txt
2016-09-18 16:33:44 ----AD---- C:\Program Files\EslWire
2016-09-17 17:40:08 ----D---- C:\WINDOWS\system32\catroot2
2016-09-17 15:44:45 ----D---- C:\WINDOWS\WinSxS
2016-09-17 15:16:14 ----D---- C:\WINDOWS\CbsTemp
2016-09-17 15:16:11 ----SHD---- C:\System Volume Information
2016-09-17 11:25:44 ----D---- C:\AdwCleaner
2016-09-16 23:12:49 ----D---- C:\FRST
2016-09-16 23:11:37 ----D---- C:\WINDOWS\Tasks
2016-09-16 20:56:32 ----D---- C:\Users\BOSS\AppData\Roaming\YouTube Downloader
2016-09-16 17:31:55 ----RD---- C:\Program Files (x86)
2016-09-16 17:20:52 ----D---- C:\Program Files\Fraps
2016-09-15 18:52:40 ----D---- C:\WINDOWS\system32\CatRoot
2016-09-15 16:15:11 ----D---- C:\WINDOWS\system32\DriverStore
2016-09-15 16:12:30 ----D---- C:\WINDOWS\rescache
2016-09-15 15:59:28 ----D---- C:\Users\BOSS\AppData\Roaming\vlc
2016-09-15 15:52:27 ----RD---- C:\Program Files
2016-09-15 14:44:29 ----D---- C:\WINDOWS\system32\drivers
2016-09-15 12:59:43 ----D---- C:\WINDOWS\system32\drivers\UMDF
2016-09-15 12:57:36 ----SHD---- C:\WINDOWS\Installer
2016-09-15 12:56:38 ----D---- C:\WINDOWS\INF
2016-09-15 12:56:36 ----DC---- C:\WINDOWS\system32\DRVSTORE
2016-09-15 12:45:12 ----D---- C:\x
2016-09-15 12:12:15 ----RD---- C:\WINDOWS\assembly
2016-09-14 18:11:10 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2016-09-14 18:11:10 ----D---- C:\WINDOWS\SYSWOW64\Dism
2016-09-14 18:11:10 ----D---- C:\WINDOWS\SysWOW64
2016-09-14 18:11:09 ----SD---- C:\WINDOWS\system32\F12
2016-09-14 18:11:09 ----SD---- C:\WINDOWS\system32\dsc
2016-09-14 18:11:09 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\zh-TW
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\zh-HK
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\zh-CN
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\uk-UA
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\tr-TR
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\th-TH
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\sv-SE
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\sr-Latn-RS
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\sr-Latn-CS
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\sl-SI
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\sk-SK
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\ru-RU
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\ro-RO
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\pt-PT
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\pt-BR
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\pl-PL
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\oobe
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\nl-NL
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\nb-NO
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\lv-LV
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\lt-LT
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\ko-KR
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\ja-jp
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\it-IT
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\hu-HU
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\hr-HR
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\he-IL
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\fr-FR
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\fr-CA
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\fi-FI
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\et-EE
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\es-MX
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\es-ES
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\en-US
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\en-GB
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\el-GR
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\Dism
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\de-DE
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\da-DK
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\cs-CZ
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\Boot
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\bg-BG
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\ar-SA
2016-09-14 18:11:09 ----D---- C:\WINDOWS\system32\appraiser
2016-09-14 18:11:09 ----D---- C:\WINDOWS\ShellExperiences
2016-09-14 18:11:09 ----D---- C:\WINDOWS\Provisioning
2016-09-14 18:11:09 ----D---- C:\WINDOWS\AppPatch
2016-09-14 18:11:09 ----D---- C:\Program Files (x86)\Windows Mail
2016-09-14 18:11:09 ----D---- C:\Program Files (x86)\Windows Defender
2016-09-14 18:11:09 ----D---- C:\Program Files (x86)\Internet Explorer
2016-09-14 18:11:08 ----RD---- C:\Program Files\Windows Defender
2016-09-14 18:11:08 ----D---- C:\Program Files\Windows Media Player
2016-09-14 18:11:08 ----D---- C:\Program Files\Windows Mail
2016-09-14 18:11:08 ----D---- C:\Program Files\Internet Explorer
2016-09-14 18:09:09 ----D---- C:\ProgramData\Microsoft Help
2016-09-14 18:04:52 ----A---- C:\WINDOWS\win.ini
2016-09-13 17:54:10 ----D---- C:\WINDOWS\Logs
2016-09-12 18:49:17 ----AD---- C:\Program Files\SUPERAntiSpyware
2016-09-11 18:18:18 ----D---- C:\Program Files (x86)\Steam
2016-09-11 16:00:49 ----D---- C:\WINDOWS\system32\WDI
2016-09-10 16:07:26 ----D---- C:\WINDOWS\Setup
2016-09-10 16:05:28 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-09-10 16:05:28 ----D---- C:\WINDOWS\system32\migration
2016-09-10 16:05:28 ----D---- C:\Program Files\Windows Defender Advanced Threat Protection
2016-09-10 16:05:28 ----D---- C:\Program Files (x86)\Windows Media Player
2016-09-10 16:03:37 ----D---- C:\WINDOWS\OCR
2016-09-10 15:39:06 ----D---- C:\Program Files (x86)\DWS
2016-09-10 15:29:04 ----D---- C:\Windows
2016-09-10 15:18:49 ----D---- C:\WINDOWS\system32\restore
2016-09-10 15:17:35 ----D---- C:\WINDOWS\system32\wbem
2016-09-10 15:15:46 ----D---- C:\WINDOWS\debug
2016-09-10 15:15:42 ----D---- C:\WINDOWS\SoftwareDistribution
2016-09-10 15:15:30 ----D---- C:\WINDOWS\Registration
2016-09-10 15:15:05 ----RSD---- C:\WINDOWS\Fonts
2016-09-10 15:15:05 ----D---- C:\WINDOWS\system32\WinBioDatabase
2016-09-10 15:15:05 ----D---- C:\WINDOWS\system32\Tasks_Migrated
2016-09-10 15:14:28 ----D---- C:\WINDOWS\system32\Tasks
2016-09-10 15:14:28 ----D---- C:\WINDOWS\system32\LogFiles
2016-09-10 15:14:21 ----SD---- C:\ProgramData\Microsoft
2016-09-10 15:13:43 ----D---- C:\ProgramData\USOPrivate
2016-09-10 15:12:45 ----D---- C:\WINDOWS\SYSWOW64\PolicyDefinitions
2016-09-10 15:12:45 ----D---- C:\WINDOWS\system32\CodeIntegrity
2016-09-10 15:12:45 ----D---- C:\WINDOWS\ShellNew
2016-09-10 15:12:45 ----D---- C:\WINDOWS\ModemLogs
2016-09-10 15:12:45 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2016-09-10 15:12:30 ----AD---- C:\ProgramData\regid.1991-06.com.microsoft
2016-09-10 15:11:07 ----D---- C:\WINDOWS\SYSWOW64\slmgr
2016-09-10 15:11:07 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-09-10 15:11:06 ----D---- C:\WINDOWS\SYSWOW64\GroupPolicy
2016-09-10 15:11:06 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-09-10 15:11:04 ----D---- C:\WINDOWS\system32\spool
2016-09-10 15:11:03 ----D---- C:\WINDOWS\system32\slmgr
2016-09-10 15:11:03 ----D---- C:\WINDOWS\system32\NDF
2016-09-10 15:10:52 ----D---- C:\WINDOWS\PolicyDefinitions
2016-09-10 15:10:51 ----D---- C:\WINDOWS\LiveKernelReports
2016-09-10 15:10:48 ----D---- C:\WINDOWS\Help
2016-09-10 15:10:47 ----RD---- C:\Users
2016-09-10 15:10:45 ----D---- C:\Program Files\Microsoft.NET
2016-09-10 15:10:45 ----D---- C:\Program Files\Common Files\System
2016-09-10 15:10:45 ----D---- C:\Program Files\Common Files
2016-09-10 15:10:45 ----D---- C:\Program Files (x86)\Common Files
2016-09-10 15:10:45 ----AD---- C:\Program Files\Common Files\microsoft shared
2016-09-10 15:10:45 ----AD---- C:\Program Files (x86)\Microsoft.NET
2016-09-10 15:10:37 ----HD---- C:\WINDOWS\system32\GroupPolicy
2016-09-10 15:10:37 ----D---- C:\WINDOWS\system32\Recovery
2016-09-10 15:09:30 ----D---- C:\WINDOWS\system32\Sysprep
2016-09-10 15:09:06 ----RD---- C:\WINDOWS\PrintDialog
2016-09-10 15:09:06 ----RD---- C:\WINDOWS\MiracastView
2016-09-09 19:27:23 ----D---- C:\Users\BOSS\AppData\Roaming\Skype
2016-09-07 18:32:38 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-09-04 18:35:03 ----D---- C:\Program Files\SteelSeries
2016-09-03 15:05:34 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-03 13:58:37 ----AD---- C:\Program Files (x86)\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avc3;avc3; C:\WINDOWS\system32\DRIVERS\avc3.sys [2016-08-29 1603264]
R0 ESLWireAC;ESLWireAC; C:\WINDOWS\system32\drivers\ESLWireACD.sys [2016-09-04 108168]
R0 gzflt;gzflt; C:\WINDOWS\system32\DRIVERS\gzflt.sys [2016-04-29 182936]
R0 ignis;ignis Service; C:\WINDOWS\system32\DRIVERS\ignis.sys [2016-06-28 299816]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-07-16 45920]
R0 trufos;trufos; C:\WINDOWS\system32\DRIVERS\trufos.sys [2016-06-28 520032]
R1 bdfwfpf;bdfwfpf; \??\C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2016-06-28 128400]
R1 BDVEDISK;BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [2015-12-04 87912]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-07-16 88576]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-07-16 8192]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 LGCoreTemp;Logitech CPU Core Tempurature; \??\C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [2015-06-21 14184]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2016-07-16 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2016-07-16 78336]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2015-12-23 23973888]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2015-12-23 672256]
R3 AtiHDAudioService;@oem99.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2015-09-21 102912]
R3 avckf;avckf; C:\WINDOWS\system32\DRIVERS\avckf.sys [2016-08-29 850464]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-08-09 4504320]
R3 LGBusEnum;@oem173.inf,%LGBusEnum.SVCDESC%;Logitech Gaming Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\LGBusEnum.sys [2015-06-11 37408]
R3 LGJoyXlCore;@oem173.inf,%LGJoyXlCore.SVCDESC%;Logitech Translation Layer Driver (LGS); C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [2015-06-11 68384]
R3 MEIx64;@oem331.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2015-08-09 56344]
R3 rimvndis;@oem25.inf,%rimvndis.DeviceDesc%;BlackBerry Virtual Private Network; C:\WINDOWS\System32\Drivers\rimvndis6_AMD64.sys [2015-03-19 18432]
R3 RimVSerPort;@oem22.inf,%RimVSerPort%;RIM Virtual Serial Port v2; C:\WINDOWS\system32\DRIVERS\RimSerial_AMD64.sys [2012-12-10 44544]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2016-07-16 589824]
R3 seehcri;@oem220.inf,%seehcrirf.SvcDesc%;Sony Ericsson seehcri Device Driver; C:\WINDOWS\System32\drivers\seehcri.sys [2014-09-29 34032]
R3 ssdevfactory;@oem365.inf,%ssdevfactory.SVCDESC%;SteelSeries Device Factory Service; C:\WINDOWS\System32\drivers\ssdevfactory.sys [2016-06-15 40568]
S0 amdkmafd;@oem249.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmafd.sys [2015-06-03 31992]
S0 bdelam;bdelam; C:\WINDOWS\system32\drivers\bdelam.sys [2013-09-08 23568]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-07-16 105824]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-07-16 101216]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2016-07-16 58720]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2016-07-16 61792]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2016-07-16 32096]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 AndnetBus;LGE Mobile USB Composite Device; C:\WINDOWS\System32\drivers\lgandnetbus64.sys [2015-01-21 20992]
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys [2015-01-26 30720]
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys [2015-01-26 37376]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2016-07-17 126304]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2016-07-17 157024]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2016-07-17 141152]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2016-07-16 9728]
S3 blackberryncm;@oem156.inf,%blackberryncm.SVCDESC%;BlackBerryNCM Service; C:\WINDOWS\System32\drivers\blackberryncm6_AMD64.sys [2016-04-06 36360]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-07-16 38912]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-07-16 117248]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2015-08-31 108800]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-07-16 20480]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-07-16 50016]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-08-06 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2016-07-16 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-07-16 176384]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2016-07-16 526176]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-07-16 842584]
S3 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2016-07-17 179040]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2016-07-16 108896]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 pwdrvio;pwdrvio; \??\C:\WINDOWS\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\WINDOWS\syswow64\pwdspio.sys []
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2016-07-16 928608]
S3 RimUsb;@oem209.inf,%RimUsb.DeviceDesc%;BlackBerry Smartphone; C:\WINDOWS\System32\Drivers\RimUsb_AMD64.sys [2014-05-06 79872]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
S3 sshid;@oem333.inf,%sshid.SvcDesc%;SteelSeries HID Service; C:\WINDOWS\System32\drivers\sshid.sys [2016-08-31 52952]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2015-08-31 206080]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-07-23 172344]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2015-12-23 246272]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CDPUserSvc_4371b;CDPUserSvc_4371b; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 DTSAudioService;DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [2015-08-09 218768]
R2 EslWireHelper;ESL Wire Helper Service; C:\Program Files\EslWire\service\WireHelperSvc.exe [2016-04-12 663056]
R2 ProductAgentService;ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [2016-09-13 1088944]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-09 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S2 pSP2clnt;pSP2clnt; C:\Program Files\pSP2Clnt\service\pSP2Clnt.exe [2016-06-28 1133056]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2016-07-31 1405448]
S3 BlackBerry Device Manager;BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [2014-10-31 588024]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [2015-03-20 344288]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-09 144200]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService_4371b;MessagingService_4371b; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-09-03 146888]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-07-31 242864]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc_4371b;Kontaktné údaje_4371b; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 RIM MDNS;RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [2015-03-19 396024]
S3 RIM Tunnel Service;BlackBerry Link Communication Manager; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [2015-03-19 1354488]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2016-07-17 2889896]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2016-09-07 1312768]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-07-09 1450064]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2016-07-16 287744]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2016-07-17 823136]
S4 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-07-16 93184]
S4 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S4 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S4 OneSyncSvc_4371b;Sync Host_4371b; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118272
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: The virus is back

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.


Re: The virus is back

#3 Post by 666_peter_666 »

# AdwCleaner v6.020 - Logfile created 21/09/2016 at 20:59:28
# Updated on 14/09/2016 by ToolsLib
# Database : 2016-09-21.1 [Server]
# Operating System : Windows 10 Pro (X64)
# Username : BOSS - BOSS-PC
# Running from : C:\Users\BOSS\Desktop\adwcleaner_6.020.exe
# Mode: Clean
# Support : https://toolslib.net/forum



***** [ Services ] *****



***** [ Folders ] *****



***** [ Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****



***** [ Web browsers ] *****



*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [3201 Bytes] - [27/07/2016 17:27:44]
C:\AdwCleaner\AdwCleaner[C2].txt - [1554 Bytes] - [16/09/2016 22:51:40]
C:\AdwCleaner\AdwCleaner[C3].txt - [878 Bytes] - [21/09/2016 20:59:28]
C:\AdwCleaner\AdwCleaner[S1].txt - [3071 Bytes] - [27/07/2016 17:26:29]
C:\AdwCleaner\AdwCleaner[S2].txt - [1580 Bytes] - [16/09/2016 22:51:09]
C:\AdwCleaner\AdwCleaner[S3].txt - [1400 Bytes] - [17/09/2016 11:25:44]
C:\AdwCleaner\AdwCleaner[S4].txt - [1489 Bytes] - [21/09/2016 20:59:18]

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1242 Bytes] ##########


Re: The virus is back

#4 Post by Rudy »

This is OK. Now post an FRST log: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .


Re: The virus is back

#5 Post by 666_peter_666 »

Good evening, I am sending the zipped log as an attachment.
Attachments
FRST.zip
(17.79 KiB) Downloaded 36 times


Re: The virus is back

#6 Post by Rudy »

Open Notepad and copy this into it:
Start
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
FF DefaultSearchEngine: DuckDuckGo
C:\Users\Igor\AppData\Local\6ADE.tmp
C:\Users\Igor\AppData\Local\62F5.tmp
C:\Users\Igor\AppData\Local\1159.tmp
C:\Users\Igor\AppData\Local\3A98.tmp
C:\Users\Igor\AppData\Local\382A.tmp
C:\Users\Igor\AppData\Local\1186.tmp
C:\Users\Igor\AppData\Local\1412.tmp
C:\Users\BOSS\AppData\Local\Temp
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.


Re: The virus is back

#7 Post by 666_peter_666 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-09-2016
Ran by BOSS (22-09-2016 21:24:01) Run:3
Running from C:\Users\BOSS\Desktop
Loaded Profiles: BOSS (Available Profiles: BOSS & Igor)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
FF DefaultSearchEngine: DuckDuckGo
C:\Users\Igor\AppData\Local\6ADE.tmp
C:\Users\Igor\AppData\Local\62F5.tmp
C:\Users\Igor\AppData\Local\1159.tmp
C:\Users\Igor\AppData\Local\3A98.tmp
C:\Users\Igor\AppData\Local\382A.tmp
C:\Users\Igor\AppData\Local\1186.tmp
C:\Users\Igor\AppData\Local\1412.tmp
C:\Users\BOSS\AppData\Local\Temp
End
*****************

HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Error setting value.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Error setting value.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Error setting value.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Error setting value.
Firefox DefaultSearchEngine removed successfully
C:\Users\Igor\AppData\Local\6ADE.tmp => moved successfully
C:\Users\Igor\AppData\Local\62F5.tmp => moved successfully
C:\Users\Igor\AppData\Local\1159.tmp => moved successfully
C:\Users\Igor\AppData\Local\3A98.tmp => moved successfully
C:\Users\Igor\AppData\Local\382A.tmp => moved successfully
C:\Users\Igor\AppData\Local\1186.tmp => moved successfully
C:\Users\Igor\AppData\Local\1412.tmp => moved successfully
C:\Users\BOSS\AppData\Local\Temp => moved successfully

==== End of Fixlog 21:24:02 ====


Re: The virus is back

#8 Post by Rudy »

Deleted. Has anything changed?


Re: The virus is back

#9 Post by 666_peter_666 »

Good day,
right after cleaning according to your instructions I restarted the PC, ran a scan with Malwarebytes, and it found 4 infections - screenshot attached.
Also, my multimedia files were reassigned to the system programs: "Photos" for .jpg, whereas I had been using Windows Photo Viewer, and "Groove Music" for .mp3 - I had Winamp, etc.
Something is probably still left there.
Attachments
Snímka.zip
(63.5 KiB) Downloaded 38 times


Re: The virus is back

#10 Post by Rudy »

If you deleted it, it should be clean now. Try changing those file associations manually. Unfortunately I don't know exactly where that is in Windows 10, but the system help will guide you.

666_peter_666
Visitor
Posts: 32
Joined: 25 May 2006 08:27

Re: The virus is back

#11 Post by 666_peter_666 »

Good evening,
in Default Programs I reassigned the file types to the programs I want, and I scanned the system with MB
and with Superantispyware as well; if the Default Programs don't reset themselves again on their own, it will be OK.
If that happens, I'll get in touch again, but in any case thank you very much for your help.
Peter

Rudy
Site Admin
Posts: 118272
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: The virus is back

#12 Post by Rudy »

OK. You're welcome, for now! :)
