Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

prosim o kontrolu

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Zdenno
Návštěvník
Návštěvník
Příspěvky: 15
Registrován: 03 čer 2009 16:27

prosim o kontrolu

#1 Příspěvek od Zdenno »

Dobry den,
poprosil by som o kontrolu.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Zdenno at 2016-09-26 18:21:56
Microsoft Windows 10 Home
System drive C: has 59 GB (27%) free of 223 GB
Total RAM: 16341 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:22:14, on 26.09.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Users\Zdenno\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe
C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe
C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Zdenno.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://safesearch.avira.com/#web/result?source=art&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://safesearch.avira.com/#web/result?source=art&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://safesearch.avira.com/#web/result?source=art&q=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://safesearch.avira.com/#web/result?source=art&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [DropboxOEM] "C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe" auto
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
O4 - HKLM\..\Run: [Kerio Control VPN Client] "C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe" /tray
O4 - HKLM\..\Run: [C.T.R.L.R] C:\Program Files\Mad Catz\C.T.R.L.R\CTRLR_Profiler.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [GalaxyClient] C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe /launchViaAutoStart
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Zdenno\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: Content Manager Assistant for PlayStation(R).lnk = C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GalaxyClientService - GOG.com - C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Kerio Control VPN Client Service (KVPNCSvc) - Kerio Technologies Inc. - C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Service Controller (mfemms) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: upsMonitor - Acresso - C:\Program Files (x86)\ViewPower2.10\upsMonitor.exe
O23 - Service: Apache Tomcat upsTomcat (upsTomcat) - Apache Software Foundation - C:\Program Files (x86)\ViewPower2.10\tomcat\bin\tomcat6.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13691 bytes

======Listing Processes======







C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe"
C:\WINDOWS\System32\svchost.exe -k NetworkService
"C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup
"C:\Program Files (x86)\Avira\Antivirus\sched.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\Antivirus\avguard.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe"
"C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe"
"C:\windows\system32\mfevtps.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files (x86)\Origin\OriginWebHelperService.exe"
C:\WINDOWS\system32\svchost.exe -k apphost
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files (x86)\ViewPower2.10\upsMonitor.exe" -zglaxservice upsMonitor
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
"C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe"

"C:\windows\system32\mfevtps.exe" -mms
"C:\Program Files (x86)\ViewPower2.10\jre\bin\javaw.exe" -Xrs -classpath "C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jvmstat.jar;C:\Program Files (x86)\ViewPower2.10\monitor\derby.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-profiler.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\htmlconverter.jar;C:\Program Files (x86)\ViewPower2.10\jdk\jre\lib\deploy.jar;C:\Program Files (x86)\ViewPower2.10\monitor\volModbus.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-netbeans-modules-masterfs.jar;C:\Program Files (x86)\ViewPower2.10\jdk\jre\lib\rt.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\webapps\ViewPower\WEB-INF\lib\backport-util-concurrent.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\webapps\ViewPower\WEB-INF\lib\viewpowerweb.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\profiler3\lib\jfluid-server.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\ext\jh-2.0_05.jar;C:\Program Files (x86)\ViewPower2.10\jdk\jre\lib\im\indicim.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\lib\jasper-el.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-netbeans-modules-autoupdate-ui.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-netbeans-modules-queries.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-openide-windows.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\visualvm\core\com-sun-tools-visualvm-modules-startup.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\webapps\ViewPower\WEB-INF\lib\flex-messaging-data-req.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-openide-execution.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\bin\bootstrap.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\ext\swing-layout-1.0.3.jar;C:\Program Files (x86)\ViewPower2.10\jdk\jre\lib\javaws.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\lib\tomcat-i18n-ja.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-openide-awt.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\ext\updater.jar;C:\Program Files (x86)\ViewPower2.10\jdk\jre\lib\ext\sunjce_provider.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\lib\el-api.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-netbeans-modules-autoupdate-services.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\docs\swing-layout-1.0.3-src.zip;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-netbeans-core-nativeaccess.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\webapps\ViewPower\WEB-INF\lib\commons-logging.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-modules-appui.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\lib\boot.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\lib\annotations-api.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\webapps\ViewPower\WEB-INF\lib\flex-messaging-core.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jmx.jar;C:\Program Files (x86)\ViewPower2.10\monitor\snmp4j-1.11.jar;C:\Program Files (x86)\ViewPower2.10\jdk\jre\lib\ext\sunpkcs11.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\visualvm\modules\locale\org-netbeans-core-windows_visualvm.jar;C:\Program Files (x86)\ViewPower2.10\monitor\RXTXcomm.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\lib\org-openide-modules.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\webapps\ViewPower\WEB-INF\lib\volUtil.jar;C:\Program Files (x86)\ViewPower2.10\console\lib\SoftewareUpgrade.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-netbeans-modules-editor-mimelookup-impl.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\webapps\ViewPower\WEB-INF\lib\flex-messaging-common.jar;C:\Program Files (x86)\ViewPower2.10\monitor\mail.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-openide-options.jar;C:\Program Files (x86)\ViewPower2.10\monitor\commons-logging.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\lib\tomcat-i18n-fr.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\visualvm\modules\locale\org-netbeans-modules-profiler_visualvm.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\core\org-openide-filesystems.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\lib\catalina-ha.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-netbeans-core-windows.jar;C:\Program Files (x86)\ViewPower2.10\monitor\dom4j-1.6.1.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-host-views.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-netbeans-core-execution.jar;C:\Program Files (x86)\ViewPower2.10\jdk\jre\lib\management-agent.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\visualvm\modules\locale\org-netbeans-core_visualvm.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\lib\jasper.jar;C:\Program Files (x86)\ViewPower2.10\jdk\jre\lib\ext\localedata.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\bin\commons-daemon.jar;C:\Program Files (x86)\ViewPower2.10\monitor\saxpath.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-netbeans-modules-applemenu.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-netbeans-modules-settings.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\tools.jar;C:\Program Files (x86)\ViewPower2.10\monitor\jaxen-full.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-openide-io.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-tools.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-host.jar;C:\Program Files (x86)\ViewPower2.10\jdk\jre\lib\resources.jar;C:\Program Files (x86)\ViewPower2.10\jdk\jre\lib\ext\sunmscapi.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\bin\tomcat-juli.jar;C:\Program Files (x86)\ViewPower2.10\jdk\jre\lib\deploy\ffjcext.zip;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\profiler3\modules\org-netbeans-modules-profiler.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-threaddump.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-netbeans-modules-progress-ui.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\lib\catalina-tribes.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\lib\jasper-jdt.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-netbeans-core-multiview.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-openide-nodes.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\webapps\ViewPower\WEB-INF\lib\dom4j-1.6.1.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\webapps\ViewPower\WEB-INF\lib\flex-messaging-data.jar;C:\Program Files (x86)\ViewPower2.10\jdk\jre\lib\ext\dnsns.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-coredump.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\webapps\ViewPower\WEB-INF\lib\commons-httpclient-3.0.1.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-openide-util-enumerations.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-netbeans-modules-javahelp.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\profiler3\modules\org-netbeans-lib-profiler.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-attach.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-application-views.jar;C:\Program Files (x86)\ViewPower2.10\jdk\jre\lib\jsse.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-netbeans-modules-editor-mimelookup.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\webapps\ViewPower\WEB-INF\lib\flex-messaging-remoting.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\profiler3\lib\jfluid-server-15.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-openide-loaders.jar;C:\Program Files (x86)\ViewPower2.10\monitor\snmp4j-1.11-javadoc.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\webapps\ViewPower\WEB-INF\lib\flex-acrobat.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-heapdump.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-netbeans-modules-templates.jar;C:\Program Files (x86)\ViewPower2.10\console\lib\JTattoo.jar;C:\Program Files (x86)\ViewPower2.10\jdk\jre\lib\security\US_export_policy.jar;C:\Program Files (x86)\ViewPower2.10\monitor\spring-core.jar;C:\Program Files (x86)\ViewPower2.10\jdk\jre\lib\plugin.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jvm.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\lib\servlet-api.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\lib\jsp-api.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-openide-dialogs.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-netbeans-modules-favorites.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-openide-explorer.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-netbeans-modules-sendopts.jar;C:\Program Files (x86)\ViewPower2.10\monitor\viewpowermonitor.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\lib\catalina-ant.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\lib\org-openide-util.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\visualvm\core\locale\core_visualvm.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\dt.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-application.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\lib\tomcat-i18n-es.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\profiler3\modules\org-netbeans-lib-profiler-common.jar;C:\Program Files (x86)\ViewPower2.10\monitor\spring-beans.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-netbeans-swing-plaf.jar;C:\Program Files (x86)\ViewPower2.10\console\lib\ViewPowerConsole.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-netbeans-modules-options-api.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-openide-text.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\webapps\ViewPower\WEB-INF\lib\viewpowerRMI.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-netbeans-api-progress.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\profiler3\modules\org-netbeans-lib-profiler-ui.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-netbeans-swing-tabcontrol.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\lib\catalina.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-netbeans-swing-outline.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\docs\swing-layout-1.0.3-doc.zip;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-netbeans-modules-options-keymap.jar;C:\Program Files (x86)\ViewPower2.10\monitor\iText-5.0.6.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\webapps\ViewPower\WEB-INF\lib\jaxen-full.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-jdesktop-layout.jar;C:\Program Files (x86)\ViewPower2.10\jdk\jre\lib\alt-rt.jar;C:\Program Files (x86)\ViewPower2.10\jdk\jre\lib\im\thaiim.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-netbeans-core-output2.jar;C:\Program Files (x86)\ViewPower2.10\monitor\log4j-1.2.14.jar;C:\Program Files (x86)\ViewPower2.10\jdk\jre\lib\charsets.jar;C:\Program Files (x86)\ViewPower2.10\jdk\jre\lib\security\local_policy.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-netbeans-spi-quicksearch.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\webapps\ViewPower\WEB-INF\lib\flex-messaging-opt.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-core.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\webapps\ViewPower\WEB-INF\lib\log4j-1.2.14.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-netbeans-api-visual.jar;C:\Program Files (x86)\ViewPower2.10\jdk\jre\lib\jce.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-openide-actions.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-netbeans-core.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\lib\tomcat-coyote.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-sa.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\webapps\ViewPower\WEB-INF\lib\flex-messaging-proxy.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-netbeans-modules-core-kit.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\jconsole.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\core\core.jar;C:\Program Files (x86)\ViewPower2.10\tomcat\lib\tomcat-dbcp.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-openide-compat.jar;C:\Program Files (x86)\ViewPower2.10\jdk\lib\visualvm\platform9\modules\org-netbeans-core-ui.jar;C:\Program Files (x86)\ViewPower2.10\lax.jar;" com.zerog.lax.LAX "C:/Program Files (x86)/ViewPower2.10/upsMonitor.lax" "C:/WINDOWS/TEMP/lax1B48.tmp"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\ViewPower2.10\tomcat\bin\tomcat6.exe" //RS//upsTomcat
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Avira\Antivirus\avshadow.exe" avshadowcontrol0_0000093c
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"dwm.exe"
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe" /hideui
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Hewlett-Packard\SimplePass\opbhobroker.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\WINDOWS\Explorer.EXE
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe"
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Zdenno\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=53.0.2785.116 --handshake-handle=0x244
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="7512.0.639742952\995174305" --mojo-application-channel-token=192359C39833483378C8AFEE5D089385 --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-medium/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Default/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Control/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_10/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_18/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,14,18,31,56,70 --gpu-vendor-id=0x10de --gpu-device-id=0x13c0 --gpu-driver-vendor=NVIDIA --gpu-driver-version=10.18.13.6869 --gpu-driver-date=6-29-2016 --mojo-platform-channel-handle=1352 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-medium/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Default/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_10/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_18/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=4F0C8BDBD33D7CE5BECF36D7FC4F1577 --lang=sk --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=2656E29EBC68A2A5AEFBC36ABA5CB02E --mojo-application-channel-token=4F0C8BDBD33D7CE5BECF36D7FC4F1577 --channel="7512.3.669563884\904945347" --mojo-platform-channel-handle=3200 /prefetch:1
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SOUNDEDGE
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" "-cachedir=C:\Users\Zdenno\AppData\Local\Steam\htmlcache" "-steampid=6892" "-buildid=1474415843" "-steamid=0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-widevine-cdm --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
"C:\Users\Zdenno\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe"
"C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe" 9792
"fontdrvhost.exe"
"C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
"C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe" /connectToHost
"C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe" /tray
"C:\Program Files\Mad Catz\C.T.R.L.R\CTRLR_Profiler.exe"
"C:\Program Files (x86)\Origin\QtWebEngineProcess.exe" --type=renderer --enable-threaded-compositing --no-sandbox --disable-databases --lang=en --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="6412.4.1354031741\1546851141" /prefetch:673131151
"C:\Program Files (x86)\Origin\QtWebEngineProcess.exe" --type=renderer --enable-threaded-compositing --no-sandbox --disable-databases --lang=en --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="6412.6.2002692886\1291703821" /prefetch:673131151
"C:\Program Files (x86)\Origin\QtWebEngineProcess.exe" --type=renderer --enable-threaded-compositing --no-sandbox --lang=en --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="6412.10.401033787\1260831362" /prefetch:673131151
"C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe" /runWithoutUpdating
"C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe" --type=gpu-process --channel="10336.0.936533596\603493801" --no-sandbox --lang=en-US --log-file="C:\ProgramData\GOG.com\Galaxy\logs\cef.log" --log-severity=info --supports-dual-gpus=false --gpu-driver-bug-workarounds=4,13,25,54,69 --gpu-vendor-id=0x10de --gpu-device-id=0x13c0 --gpu-driver-vendor=NVIDIA --gpu-driver-version=10.18.13.6869 --lang=en-US --log-file="C:\ProgramData\GOG.com\Galaxy\logs\cef.log" --log-severity=info --mojo-platform-channel-handle=1980 /prefetch:2
"C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe" --type=renderer --enable-smooth-scrolling --js-flags=--expose-gc --no-sandbox --primordial-pipe-token=17D94E4C828A20548B0E904E102B09D8 --lang=en-US --lang=en-US --log-file="C:\ProgramData\GOG.com\Galaxy\logs\cef.log" --log-severity=info --disable-spell-checking --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="10336.1.979396383\262957169" --mojo-platform-channel-handle=2392 /prefetch:1
"C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe" --type=renderer --enable-smooth-scrolling --js-flags=--expose-gc --no-sandbox --primordial-pipe-token=4EFDEE05E84D0351A5EA0B91056C1ABE --lang=en-US --lang=en-US --log-file="C:\ProgramData\GOG.com\Galaxy\logs\cef.log" --log-severity=info --disable-spell-checking --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="10336.2.1386462232\1479992967" --mojo-platform-channel-handle=2428 /prefetch:1
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.WindowsStore_11608.1001.49.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe" -ServerName:App.AppXqagq4n4gvy0tjw576pgh6xr601s1h1mv.mca
C:\WINDOWS\system32\DllHost.exe /Processid:{49F6E667-6658-4BD1-9DE9-6AF87F9FAF85}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-medium/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/*GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PluginPowerSaverTiny/Default/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_10/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_18/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=E5EE3446D1F913B9A206BEE8C1B3C6BE --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=0BF01F6921B1FA328567EFE2256C09CD --mojo-application-channel-token=E5EE3446D1F913B9A206BEE8C1B3C6BE --channel="7512.37.1421020740\2049951339" --mojo-platform-channel-handle=8544 /prefetch:1
C:\WINDOWS\system32\AUDIODG.EXE 0x4d4
"C:\Users\Zdenno\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-07-25 585568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg_SOUNDEDGE"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-01-15 1416440]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2016-01-15 8790264]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-06-14 2397120]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2016-09-20 2858272]
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2016-09-20 3503088]
"GalaxyClient"=C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [2016-09-20 4090944]
"OneDrive"=C:\Users\Zdenno\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-08-27 633024]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"DropboxOEM"=C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2014-09-02 462160]
"Avira SystrayStartTrigger"=C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [2016-08-19 60136]
"avgnt"=C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2016-09-12 830064]
"Kerio Control VPN Client"=C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe [2016-04-14 2180096]
""= []
"C.T.R.L.R"=C:\Program Files\Mad Catz\C.T.R.L.R\CTRLR_Profiler.exe [2015-11-12 86528]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Content Manager Assistant for PlayStation(R).lnk - C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-09-26 18:21:56 ----D---- C:\rsit
2016-09-26 18:21:56 ----D---- C:\Program Files\trend micro
2016-09-26 17:01:27 ----HD---- C:\OneDriveTemp
2016-09-15 15:22:55 ----A---- C:\WINDOWS\SYSWOW64\NmaDirect.dll
2016-09-15 15:22:55 ----A---- C:\WINDOWS\system32\Windows.Devices.Perception.dll
2016-09-15 15:22:55 ----A---- C:\WINDOWS\system32\shutdownux.dll
2016-09-15 15:22:55 ----A---- C:\WINDOWS\system32\SensorDataService.exe
2016-09-15 15:22:55 ----A---- C:\WINDOWS\system32\NmaDirect.dll
2016-09-15 15:22:55 ----A---- C:\WINDOWS\system32\nativemap.dll
2016-09-15 15:22:55 ----A---- C:\WINDOWS\system32\MosStorage.dll
2016-09-15 15:22:55 ----A---- C:\WINDOWS\system32\MosHostClient.dll
2016-09-15 15:22:55 ----A---- C:\WINDOWS\system32\moshost.dll
2016-09-15 15:22:55 ----A---- C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2016-09-15 15:22:55 ----A---- C:\WINDOWS\system32\mapsupdatetask.dll
2016-09-15 15:22:55 ----A---- C:\WINDOWS\system32\mapstoasttask.dll
2016-09-15 15:22:55 ----A---- C:\WINDOWS\system32\MapsCSP.dll
2016-09-15 15:22:54 ----A---- C:\WINDOWS\SYSWOW64\MosStorage.dll
2016-09-15 15:22:54 ----A---- C:\WINDOWS\SYSWOW64\MosHostClient.dll
2016-09-15 15:22:54 ----A---- C:\WINDOWS\SYSWOW64\JpMapControl.dll
2016-09-15 15:22:54 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2016-09-15 15:22:54 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-09-15 15:22:54 ----A---- C:\WINDOWS\system32\moshostcore.dll
2016-09-15 15:22:54 ----A---- C:\WINDOWS\system32\MapsStore.dll
2016-09-15 15:22:54 ----A---- C:\WINDOWS\system32\MapsBtSvc.dll
2016-09-15 15:22:54 ----A---- C:\WINDOWS\system32\MapRouter.dll
2016-09-15 15:22:54 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2016-09-15 15:22:54 ----A---- C:\WINDOWS\system32\JpMapControl.dll
2016-09-15 15:22:54 ----A---- C:\WINDOWS\system32\BingOnlineServices.dll
2016-09-15 15:22:54 ----A---- C:\WINDOWS\system32\BingMaps.dll
2016-09-15 15:22:53 ----A---- C:\WINDOWS\SYSWOW64\MapsBtSvc.dll
2016-09-15 15:22:53 ----A---- C:\WINDOWS\SYSWOW64\MapConfiguration.dll
2016-09-15 15:22:53 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2016-09-15 15:22:53 ----A---- C:\WINDOWS\SYSWOW64\BingOnlineServices.dll
2016-09-15 15:22:53 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2016-09-15 15:22:53 ----A---- C:\WINDOWS\system32\MapGeocoder.dll
2016-09-15 15:22:52 ----A---- C:\WINDOWS\SYSWOW64\Phoneutil.dll
2016-09-15 15:22:52 ----A---- C:\WINDOWS\SYSWOW64\MapGeocoder.dll
2016-09-15 15:22:52 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2016-09-15 15:22:52 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-09-15 15:22:52 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-09-15 15:22:52 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-09-15 15:22:52 ----A---- C:\WINDOWS\system32\Chakrathunk.dll
2016-09-15 15:22:52 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2016-09-15 15:22:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2016-09-15 15:22:51 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2016-09-15 15:22:51 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-09-15 15:22:51 ----A---- C:\WINDOWS\SYSWOW64\NMAA.dll
2016-09-15 15:22:51 ----A---- C:\WINDOWS\SYSWOW64\MapRouter.dll
2016-09-15 15:22:51 ----A---- C:\WINDOWS\SYSWOW64\MapControlCore.dll
2016-09-15 15:22:51 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2016-09-15 15:22:51 ----A---- C:\WINDOWS\SYSWOW64\DbgModel.dll
2016-09-15 15:22:51 ----A---- C:\WINDOWS\system32\UserDataAccessRes.dll
2016-09-15 15:22:51 ----A---- C:\WINDOWS\system32\POSyncServices.dll
2016-09-15 15:22:51 ----A---- C:\WINDOWS\system32\Phoneutil.dll
2016-09-15 15:22:51 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2016-09-15 15:22:50 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-09-15 15:22:50 ----A---- C:\WINDOWS\system32\mshtmled.dll
2016-09-15 15:22:50 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2016-09-15 15:22:50 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-09-15 15:22:49 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-09-15 15:22:49 ----A---- C:\WINDOWS\SYSWOW64\UserDataAccessRes.dll
2016-09-15 15:22:49 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2016-09-15 15:22:49 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-09-15 15:22:49 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-09-15 15:22:49 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-09-15 15:22:49 ----A---- C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-09-15 15:22:49 ----A---- C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-09-15 15:22:49 ----A---- C:\WINDOWS\system32\PhoneProviders.dll
2016-09-15 15:22:49 ----A---- C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-09-15 15:22:48 ----A---- C:\WINDOWS\SYSWOW64\UserDataTimeUtil.dll
2016-09-15 15:22:48 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2016-09-15 15:22:48 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2016-09-15 15:22:48 ----A---- C:\WINDOWS\SYSWOW64\AddressParser.dll
2016-09-15 15:22:48 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-09-15 15:22:48 ----A---- C:\WINDOWS\system32\NMAA.dll
2016-09-15 15:22:48 ----A---- C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-09-15 15:22:48 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2016-09-15 15:22:48 ----A---- C:\WINDOWS\system32\jsproxy.dll
2016-09-15 15:22:48 ----A---- C:\WINDOWS\system32\DbgModel.dll
2016-09-15 15:22:47 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2016-09-15 15:22:47 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2016-09-15 15:22:47 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-09-15 15:22:47 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-09-15 15:22:47 ----A---- C:\WINDOWS\system32\ContactActivation.dll
2016-09-15 15:22:46 ----A---- C:\WINDOWS\system32\wininet.dll
2016-09-15 15:22:46 ----A---- C:\WINDOWS\system32\PhoneService.dll
2016-09-15 15:22:46 ----A---- C:\WINDOWS\system32\msxml6.dll
2016-09-15 15:22:46 ----A---- C:\WINDOWS\system32\indexeddbserver.dll
2016-09-15 15:22:46 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-09-15 15:22:45 ----A---- C:\WINDOWS\SYSWOW64\Microsoft-Windows-MapControls.dll
2016-09-15 15:22:45 ----A---- C:\WINDOWS\system32\VCardParser.dll
2016-09-15 15:22:45 ----A---- C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-09-15 15:22:45 ----A---- C:\WINDOWS\system32\mos.dll
2016-09-15 15:22:45 ----A---- C:\WINDOWS\system32\ExSMime.dll
2016-09-15 15:22:45 ----A---- C:\WINDOWS\system32\dbgeng.dll
2016-09-15 15:22:45 ----A---- C:\WINDOWS\system32\AddressParser.dll
2016-09-15 15:22:44 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2016-09-15 15:22:44 ----A---- C:\WINDOWS\system32\Windows.Web.Http.dll
2016-09-15 15:22:44 ----A---- C:\WINDOWS\system32\Windows.Networking.dll
2016-09-15 15:22:44 ----A---- C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-09-15 15:22:44 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-09-15 15:22:44 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2016-09-15 15:22:44 ----A---- C:\WINDOWS\system32\cdd.dll
2016-09-15 15:22:43 ----A---- C:\WINDOWS\SYSWOW64\MosResource.dll
2016-09-15 15:22:43 ----A---- C:\WINDOWS\SYSWOW64\Chakrathunk.dll
2016-09-15 15:22:43 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.dll
2016-09-15 15:22:43 ----A---- C:\WINDOWS\system32\kerberos.dll
2016-09-15 15:22:43 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-09-15 15:22:42 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2016-09-15 15:22:42 ----A---- C:\WINDOWS\SYSWOW64\indexeddbserver.dll
2016-09-15 15:22:42 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-09-15 15:22:41 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-09-15 15:22:41 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-09-15 15:22:41 ----A---- C:\WINDOWS\system32\MosResource.dll
2016-09-15 15:22:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2016-09-15 15:22:40 ----A---- C:\WINDOWS\SYSWOW64\eappprxy.dll
2016-09-15 15:22:40 ----A---- C:\WINDOWS\SYSWOW64\eappgnui.dll
2016-09-15 15:22:40 ----A---- C:\WINDOWS\SYSWOW64\eappcfg.dll
2016-09-15 15:22:40 ----A---- C:\WINDOWS\SYSWOW64\eapp3hst.dll
2016-09-15 15:22:40 ----A---- C:\WINDOWS\system32\wificonnapi.dll
2016-09-15 15:22:40 ----A---- C:\WINDOWS\system32\sppsvc.exe
2016-09-15 15:22:40 ----A---- C:\WINDOWS\system32\eappprxy.dll
2016-09-15 15:22:40 ----A---- C:\WINDOWS\system32\eapphost.dll
2016-09-15 15:22:40 ----A---- C:\WINDOWS\system32\eappgnui.dll
2016-09-15 15:22:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.3D.dll
2016-09-15 15:22:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Perception.dll
2016-09-15 15:22:39 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-09-15 15:22:39 ----A---- C:\WINDOWS\SYSWOW64\eapphost.dll
2016-09-15 15:22:39 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2016-09-15 15:22:39 ----A---- C:\WINDOWS\system32\wifitask.exe
2016-09-15 15:22:39 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2016-09-15 15:22:39 ----A---- C:\WINDOWS\system32\twinui.dll
2016-09-15 15:22:39 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-09-15 15:22:39 ----A---- C:\WINDOWS\system32\eappcfg.dll
2016-09-15 15:22:39 ----A---- C:\WINDOWS\system32\eapp3hst.dll
2016-09-15 15:22:37 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-09-15 15:22:36 ----A---- C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-09-15 15:22:35 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2016-09-15 15:22:35 ----A---- C:\WINDOWS\SYSWOW64\aclui.dll
2016-09-15 15:22:35 ----A---- C:\WINDOWS\system32\msctf.dll
2016-09-15 15:22:35 ----A---- C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-09-15 15:22:35 ----A---- C:\WINDOWS\system32\AppointmentActivation.dll
2016-09-15 15:22:35 ----A---- C:\WINDOWS\system32\aclui.dll
2016-09-15 15:22:34 ----A---- C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-09-15 15:22:34 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2016-09-15 15:22:33 ----A---- C:\WINDOWS\system32\shell32.dll
2016-09-15 15:22:32 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2016-09-15 15:22:32 ----A---- C:\WINDOWS\system32\aadtb.dll
2016-09-15 15:22:30 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2016-09-15 15:22:30 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-09-15 15:22:29 ----A---- C:\WINDOWS\system32\windows.storage.dll
2016-09-15 15:22:29 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2016-09-15 15:22:29 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2016-09-15 15:22:28 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-09-15 15:22:28 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-09-15 15:22:28 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2016-09-15 15:22:28 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2016-09-15 15:22:28 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2016-09-15 15:22:28 ----A---- C:\WINDOWS\system32\drivers\ClipSp.sys
2016-09-15 15:22:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.Http.dll
2016-09-15 15:22:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.dll
2016-09-15 15:22:27 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2016-09-15 15:22:27 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2016-09-15 15:22:27 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2016-09-15 15:22:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.BackgroundTransfer.dll
2016-09-15 15:22:26 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-09-15 15:22:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Cred.dll
2016-09-15 15:22:24 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2016-09-15 15:22:24 ----A---- C:\WINDOWS\SYSWOW64\UserDataPlatformHelperUtil.dll
2016-09-15 15:22:24 ----A---- C:\WINDOWS\SYSWOW64\ExtrasXmlParser.dll
2016-09-15 15:22:24 ----A---- C:\WINDOWS\system32\mfcore.dll
2016-09-15 15:22:23 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-09-15 15:22:23 ----A---- C:\WINDOWS\system32\wmp.dll
2016-09-15 15:22:23 ----A---- C:\WINDOWS\system32\drivers\mrxsmb10.sys
2016-09-15 15:22:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.dll
2016-09-15 15:22:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2016-09-15 15:22:22 ----A---- C:\WINDOWS\SYSWOW64\ContactActivation.dll
2016-09-15 15:22:22 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2016-09-15 15:22:21 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-09-15 15:22:21 ----A---- C:\WINDOWS\SYSWOW64\VCardParser.dll
2016-09-15 15:22:21 ----A---- C:\WINDOWS\SYSWOW64\UserDataTypeHelperUtil.dll
2016-09-15 15:22:21 ----A---- C:\WINDOWS\SYSWOW64\UserDataLanguageUtil.dll
2016-09-15 15:22:21 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-15 15:22:20 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2016-09-15 15:22:20 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-09-15 15:22:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2016-09-15 15:22:19 ----A---- C:\WINDOWS\SYSWOW64\ExSMime.dll
2016-09-15 15:22:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.dll
2016-09-15 15:22:18 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-09-15 15:22:18 ----A---- C:\WINDOWS\system32\mf.dll
2016-09-15 15:22:18 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-09-15 15:22:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2016-09-15 15:22:17 ----A---- C:\WINDOWS\SYSWOW64\Microsoft-Windows-MosTrace.dll
2016-09-15 15:22:17 ----A---- C:\WINDOWS\SYSWOW64\Microsoft-Windows-MosHost.dll
2016-09-15 15:22:17 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2016-09-15 15:22:17 ----A---- C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-09-15 15:22:17 ----A---- C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-09-15 15:22:17 ----A---- C:\WINDOWS\system32\CredProvDataModel.dll
2016-09-15 15:22:17 ----A---- C:\WINDOWS\system32\combase.dll
2016-09-15 15:22:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2016-09-15 15:22:16 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2016-09-15 15:22:16 ----A---- C:\WINDOWS\system32\mstscax.dll
2016-09-15 15:22:16 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-09-15 15:22:15 ----A---- C:\WINDOWS\SYSWOW64\setupugc.exe
2016-09-15 15:22:15 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2016-09-15 15:22:15 ----A---- C:\WINDOWS\SYSWOW64\CredProvDataModel.dll
2016-09-15 15:22:15 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2016-09-15 15:22:15 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-09-15 15:22:15 ----A---- C:\WINDOWS\system32\setupugc.exe
2016-09-15 15:22:15 ----A---- C:\WINDOWS\system32\oleaut32.dll
2016-09-15 15:22:15 ----A---- C:\WINDOWS\system32\dosvc.dll
2016-09-15 15:22:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2016-09-15 15:22:14 ----A---- C:\WINDOWS\SYSWOW64\AppointmentActivation.dll
2016-09-15 15:22:14 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-09-15 15:22:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-15 15:22:13 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2016-09-15 15:22:13 ----A---- C:\WINDOWS\system32\winmde.dll
2016-09-15 15:22:13 ----A---- C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-15 15:22:13 ----A---- C:\WINDOWS\system32\mfplat.dll
2016-09-15 15:22:13 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2016-09-15 15:22:12 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2016-09-15 15:22:12 ----A---- C:\WINDOWS\SYSWOW64\POSyncServices.dll
2016-09-15 15:22:12 ----A---- C:\WINDOWS\system32\tzautoupdate.dll
2016-09-15 15:22:12 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2016-09-15 15:22:12 ----A---- C:\WINDOWS\system32\KernelBase.dll
2016-09-15 15:22:12 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2016-09-15 15:22:12 ----A---- C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-09-15 15:22:11 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-09-15 15:22:11 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2016-09-15 15:22:11 ----A---- C:\WINDOWS\system32\wsp_health.dll
2016-09-15 15:22:11 ----A---- C:\WINDOWS\system32\wmpmde.dll
2016-09-15 15:22:11 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-09-15 15:22:11 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-09-15 15:22:11 ----A---- C:\WINDOWS\system32\hevcdecoder.dll
2016-09-15 15:22:10 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2016-09-15 15:22:10 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2016-09-15 15:22:10 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2016-09-15 15:22:10 ----A---- C:\WINDOWS\system32\pnidui.dll
2016-09-15 15:22:10 ----A---- C:\WINDOWS\system32\MSAJApi.dll
2016-09-15 15:22:10 ----A---- C:\WINDOWS\system32\dwmcore.dll
2016-09-15 15:22:09 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2016-09-15 15:22:09 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2016-09-15 15:22:09 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-09-15 15:22:09 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-09-15 15:22:09 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2016-09-15 15:22:09 ----A---- C:\WINDOWS\system32\ole32.dll
2016-09-15 15:22:08 ----A---- C:\WINDOWS\SYSWOW64\wmpmde.dll
2016-09-15 15:22:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2016-09-15 15:22:08 ----A---- C:\WINDOWS\SYSWOW64\hevcdecoder.dll
2016-09-15 15:22:08 ----A---- C:\WINDOWS\system32\WWAHost.exe
2016-09-15 15:22:08 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-09-15 15:22:08 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-09-15 15:22:08 ----A---- C:\WINDOWS\system32\resutils.dll
2016-09-15 15:22:08 ----A---- C:\WINDOWS\system32\AudioSes.dll
2016-09-15 15:22:07 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2016-09-15 15:22:07 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2016-09-15 15:22:07 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2016-09-15 15:22:07 ----A---- C:\WINDOWS\SYSWOW64\LogonController.dll
2016-09-15 15:22:07 ----A---- C:\WINDOWS\system32\winresume.exe
2016-09-15 15:22:07 ----A---- C:\WINDOWS\system32\winload.exe
2016-09-15 15:22:07 ----A---- C:\WINDOWS\system32\sspicli.dll
2016-09-15 15:22:07 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2016-09-15 15:22:07 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2016-09-15 15:22:07 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2016-09-15 15:22:07 ----A---- C:\WINDOWS\system32\GamePanel.exe
2016-09-15 15:22:07 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-09-15 15:22:06 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2016-09-15 15:22:06 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2016-09-15 15:22:06 ----A---- C:\WINDOWS\SYSWOW64\CPFilters.dll
2016-09-15 15:22:06 ----A---- C:\WINDOWS\system32\usercpl.dll
2016-09-15 15:22:06 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-09-15 15:22:06 ----A---- C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-09-15 15:22:06 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-09-15 15:22:06 ----A---- C:\WINDOWS\system32\D3D12.dll
2016-09-15 15:22:06 ----A---- C:\WINDOWS\system32\bisrv.dll
2016-09-15 15:22:06 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-09-15 15:22:06 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-09-15 15:22:05 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2016-09-15 15:22:05 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-09-15 15:22:05 ----A---- C:\WINDOWS\system32\wlansvc.dll
2016-09-15 15:22:05 ----A---- C:\WINDOWS\system32\MiracastReceiver.dll
2016-09-15 15:22:05 ----A---- C:\WINDOWS\system32\lsass.exe
2016-09-15 15:22:05 ----A---- C:\WINDOWS\system32\DMRServer.dll
2016-09-15 15:22:04 ----A---- C:\WINDOWS\SYSWOW64\LockAppHost.exe
2016-09-15 15:22:04 ----A---- C:\WINDOWS\system32\wwanconn.dll
2016-09-15 15:22:04 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2016-09-15 15:22:04 ----A---- C:\WINDOWS\system32\drivers\Classpnp.sys
2016-09-15 15:22:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2016-09-15 15:22:03 ----A---- C:\WINDOWS\SYSWOW64\MSAJApi.dll
2016-09-15 15:22:03 ----A---- C:\WINDOWS\system32\WinTypes.dll
2016-09-15 15:22:03 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-09-15 15:22:03 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-09-15 15:22:03 ----A---- C:\WINDOWS\system32\drivers\ksecdd.sys
2016-09-15 15:22:03 ----A---- C:\WINDOWS\system32\devinv.dll
2016-09-15 15:22:03 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2016-09-15 15:22:02 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2016-09-15 15:22:02 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-09-15 15:22:02 ----A---- C:\WINDOWS\system32\SettingSync.dll
2016-09-15 15:22:02 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2016-09-15 15:22:02 ----A---- C:\WINDOWS\system32\authui.dll
2016-09-15 15:22:01 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2016-09-15 15:22:01 ----A---- C:\WINDOWS\SYSWOW64\sspicli.dll
2016-09-15 15:22:01 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-09-15 15:22:01 ----A---- C:\WINDOWS\system32\LogonController.dll
2016-09-15 15:22:01 ----A---- C:\WINDOWS\system32\LockAppHost.exe
2016-09-15 15:22:01 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2016-09-15 15:22:01 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2016-09-15 15:22:01 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-09-15 15:22:01 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-09-15 15:22:00 ----A---- C:\WINDOWS\SYSWOW64\usercpl.dll
2016-09-15 15:22:00 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2016-09-15 15:22:00 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2016-09-15 15:22:00 ----A---- C:\WINDOWS\SYSWOW64\evr.dll
2016-09-15 15:22:00 ----A---- C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-15 15:22:00 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-09-15 15:22:00 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2016-09-15 15:22:00 ----A---- C:\WINDOWS\system32\hvix64.exe
2016-09-15 15:22:00 ----A---- C:\WINDOWS\system32\hvax64.exe
2016-09-15 15:22:00 ----A---- C:\WINDOWS\system32\evr.dll
2016-09-15 15:22:00 ----A---- C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
2016-09-15 15:22:00 ----A---- C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-09-15 15:21:59 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2016-09-15 15:21:59 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2016-09-15 15:21:59 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2016-09-15 15:21:59 ----A---- C:\WINDOWS\system32\wuauclt.exe
2016-09-15 15:21:59 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-09-15 15:21:59 ----A---- C:\WINDOWS\system32\win32u.dll
2016-09-15 15:21:59 ----A---- C:\WINDOWS\system32\rdpudd.dll
2016-09-15 15:21:59 ----A---- C:\WINDOWS\system32\mfnetsrc.dll
2016-09-15 15:21:58 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-09-15 15:21:58 ----A---- C:\WINDOWS\system32\kdhvcom.dll
2016-09-15 15:21:58 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2016-09-15 15:21:58 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2016-09-15 15:21:58 ----A---- C:\WINDOWS\system32\CloudExperienceHostUser.dll
2016-09-15 15:21:58 ----A---- C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-09-15 15:21:57 ----A---- C:\WINDOWS\system32\WebcamUi.dll
2016-09-15 15:21:57 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-09-15 15:21:56 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2016-09-15 15:21:56 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2016-09-15 15:21:56 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2016-09-15 15:21:56 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2016-09-15 15:21:56 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2016-09-15 15:21:56 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2016-09-15 15:21:56 ----A---- C:\WINDOWS\system32\WMPDMC.exe
2016-09-15 15:21:56 ----A---- C:\WINDOWS\system32\mstsc.exe
2016-09-15 15:21:56 ----A---- C:\WINDOWS\system32\invagent.dll
2016-09-15 15:21:56 ----A---- C:\WINDOWS\system32\hvloader.exe
2016-09-15 15:21:56 ----A---- C:\WINDOWS\system32\csrsrv.dll
2016-09-15 15:21:56 ----A---- C:\WINDOWS\system32\clusapi.dll
2016-09-15 15:21:55 ----A---- C:\WINDOWS\system32\InputService.dll
2016-09-15 15:21:55 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2016-09-15 15:21:54 ----A---- C:\WINDOWS\SYSWOW64\WMPDMC.exe
2016-09-15 15:21:54 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2016-09-15 15:21:54 ----A---- C:\WINDOWS\SYSWOW64\PhoneutilRes.dll
2016-09-15 15:21:54 ----A---- C:\WINDOWS\SYSWOW64\msxml6r.dll
2016-09-15 15:21:54 ----A---- C:\WINDOWS\SYSWOW64\MiracastReceiver.dll
2016-09-15 15:21:54 ----A---- C:\WINDOWS\SYSWOW64\MapControlStringsRes.dll
2016-09-15 15:21:54 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-09-15 15:21:54 ----A---- C:\WINDOWS\system32\tzres.dll
2016-09-15 15:21:54 ----A---- C:\WINDOWS\system32\provengine.dll
2016-09-15 15:21:54 ----A---- C:\WINDOWS\system32\PhoneutilRes.dll
2016-09-15 15:21:54 ----A---- C:\WINDOWS\system32\PhoneServiceRes.dll
2016-09-15 15:21:54 ----A---- C:\WINDOWS\system32\msxml6r.dll
2016-09-15 15:21:54 ----A---- C:\WINDOWS\system32\MapControlStringsRes.dll
2016-09-15 15:21:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Editing.dll
2016-09-15 15:21:53 ----A---- C:\WINDOWS\SYSWOW64\WebcamUi.dll
2016-09-15 15:21:53 ----A---- C:\WINDOWS\SYSWOW64\OneDriveSettingSyncProvider.dll
2016-09-15 15:21:53 ----A---- C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-09-15 15:21:53 ----A---- C:\WINDOWS\system32\EncDec.dll
2016-09-15 15:21:53 ----A---- C:\WINDOWS\system32\CPFilters.dll
2016-09-15 15:21:53 ----A---- C:\WINDOWS\system32\CastLaunch.dll
2016-09-15 15:21:52 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2016-09-15 15:21:52 ----A---- C:\WINDOWS\SYSWOW64\DeviceFlows.DataModel.dll
2016-09-15 15:21:52 ----A---- C:\WINDOWS\system32\wwanmm.dll
2016-09-15 15:21:52 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2016-09-15 15:21:52 ----A---- C:\WINDOWS\system32\PlayToDevice.dll
2016-09-15 15:21:52 ----A---- C:\WINDOWS\system32\ConsoleLogon.dll
2016-09-15 15:21:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BlockedShutdown.dll
2016-09-15 15:21:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BioFeedback.dll
2016-09-15 15:21:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Audio.dll
2016-09-15 15:21:51 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2016-09-15 15:21:51 ----A---- C:\WINDOWS\SYSWOW64\SettingSync.dll
2016-09-15 15:21:51 ----A---- C:\WINDOWS\SYSWOW64\PlayToDevice.dll
2016-09-15 15:21:51 ----A---- C:\WINDOWS\SYSWOW64\dlnashext.dll
2016-09-15 15:21:51 ----A---- C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-09-15 15:21:51 ----A---- C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-09-15 15:21:51 ----A---- C:\WINDOWS\system32\RTMediaFrame.dll
2016-09-15 15:21:51 ----A---- C:\WINDOWS\system32\PlayToReceiver.dll
2016-09-15 15:21:51 ----A---- C:\WINDOWS\system32\dlnashext.dll
2016-09-15 15:21:50 ----A---- C:\WINDOWS\SYSWOW64\RTMediaFrame.dll
2016-09-15 15:21:50 ----A---- C:\WINDOWS\SYSWOW64\qdvd.dll
2016-09-15 15:21:50 ----A---- C:\WINDOWS\SYSWOW64\PlayToReceiver.dll
2016-09-15 15:21:50 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2016-09-15 15:21:50 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2016-09-15 15:21:50 ----A---- C:\WINDOWS\SYSWOW64\ClipboardServer.dll
2016-09-15 15:21:50 ----A---- C:\WINDOWS\system32\XamlTileRender.dll
2016-09-15 15:21:50 ----A---- C:\WINDOWS\system32\winsrv.dll
2016-09-15 15:21:50 ----A---- C:\WINDOWS\system32\reseteng.dll
2016-09-15 15:21:50 ----A---- C:\WINDOWS\system32\MDEServer.exe
2016-09-15 15:21:50 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-09-15 15:21:50 ----A---- C:\WINDOWS\system32\IdCtrls.dll
2016-09-15 15:21:50 ----A---- C:\WINDOWS\system32\domgmt.dll
2016-09-15 15:21:50 ----A---- C:\WINDOWS\system32\AppCapture.dll
2016-09-15 15:21:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-15 15:21:49 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2016-09-15 15:21:49 ----A---- C:\WINDOWS\SYSWOW64\bcastdvr.exe
2016-09-15 15:21:49 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-15 15:21:49 ----A---- C:\WINDOWS\system32\win32k.sys
2016-09-15 15:21:49 ----A---- C:\WINDOWS\system32\DscCore.dll
2016-09-15 15:21:49 ----A---- C:\WINDOWS\system32\ClipboardServer.dll
2016-09-15 15:21:48 ----A---- C:\WINDOWS\SYSWOW64\Windows.Shell.Search.UriHandler.dll
2016-09-15 15:21:48 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2016-09-15 15:21:48 ----A---- C:\WINDOWS\system32\XblAuthManager.dll
2016-09-15 15:21:48 ----A---- C:\WINDOWS\system32\wups2.dll
2016-09-15 15:21:48 ----A---- C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-09-15 15:21:48 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-09-15 15:21:47 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2016-09-15 15:21:46 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2016-09-15 15:21:46 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2016-09-15 15:21:46 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2016-09-15 15:21:46 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-09-15 15:21:46 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2016-09-15 15:21:46 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2016-09-15 15:21:45 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2016-09-01 20:00:52 ----A---- C:\WINDOWS\SYSWOW64\mfsensorgroup.dll
2016-09-01 20:00:52 ----A---- C:\WINDOWS\SYSWOW64\FSClient.dll
2016-09-01 20:00:51 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2016-09-01 20:00:51 ----A---- C:\WINDOWS\SYSWOW64\mfps.dll
2016-09-01 20:00:50 ----A---- C:\WINDOWS\system32\wwanprotdim.dll
2016-09-01 20:00:50 ----A---- C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-09-01 20:00:50 ----A---- C:\WINDOWS\system32\mfsensorgroup.dll
2016-09-01 20:00:50 ----A---- C:\WINDOWS\system32\FSClient.dll
2016-09-01 20:00:49 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-09-01 20:00:48 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2016-09-01 20:00:48 ----A---- C:\WINDOWS\system32\mfps.dll
2016-09-01 20:00:48 ----A---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2016-09-01 20:00:48 ----A---- C:\WINDOWS\system32\drivers\BthLEEnum.sys
2016-09-01 20:00:48 ----A---- C:\WINDOWS\system32\drivers\bthenum.sys
2016-09-01 20:00:47 ----A---- C:\WINDOWS\system32\FrameServer.dll
2016-09-01 20:00:45 ----A---- C:\WINDOWS\system32\schannel.dll
2016-09-01 20:00:45 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2016-09-01 20:00:44 ----A---- C:\WINDOWS\SYSWOW64\C_IS2022.DLL
2016-09-01 20:00:44 ----A---- C:\WINDOWS\SYSWOW64\C_G18030.DLL
2016-09-01 20:00:44 ----A---- C:\WINDOWS\system32\C_IS2022.DLL
2016-09-01 20:00:44 ----A---- C:\WINDOWS\system32\C_G18030.DLL
2016-09-01 20:00:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.InkControls.dll
2016-09-01 20:00:41 ----A---- C:\WINDOWS\system32\fveapibase.dll
2016-09-01 20:00:40 ----A---- C:\WINDOWS\system32\wuuhext.dll
2016-09-01 20:00:40 ----A---- C:\WINDOWS\system32\fveapi.dll
2016-09-01 20:00:40 ----A---- C:\WINDOWS\system32\ClipUp.exe
2016-09-01 20:00:40 ----A---- C:\WINDOWS\system32\c_GSM7.DLL
2016-09-01 20:00:37 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-09-01 20:00:35 ----A---- C:\WINDOWS\system32\usocore.dll
2016-09-01 20:00:35 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2016-09-01 20:00:35 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-09-01 20:00:35 ----A---- C:\WINDOWS\system32\MusNotification.exe
2016-09-01 20:00:34 ----A---- C:\WINDOWS\system32\facecredentialprovider.dll
2016-09-01 20:00:33 ----A---- C:\WINDOWS\system32\storagewmi_passthru.dll
2016-09-01 20:00:33 ----A---- C:\WINDOWS\system32\storagewmi.dll
2016-09-01 20:00:33 ----A---- C:\WINDOWS\system32\smphost.dll
2016-09-01 20:00:33 ----A---- C:\WINDOWS\system32\mispace.dll
2016-09-01 20:00:33 ----A---- C:\WINDOWS\system32\DscCoreConfProv.dll
2016-09-01 20:00:33 ----A---- C:\WINDOWS\system32\delegatorprovider.dll
2016-09-01 20:00:32 ----A---- C:\WINDOWS\system32\wincorlib.dll
2016-09-01 20:00:31 ----A---- C:\WINDOWS\SYSWOW64\storagewmi_passthru.dll
2016-09-01 20:00:31 ----A---- C:\WINDOWS\SYSWOW64\storagewmi.dll
2016-09-01 20:00:31 ----A---- C:\WINDOWS\SYSWOW64\smphost.dll
2016-09-01 20:00:31 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2016-09-01 20:00:31 ----A---- C:\WINDOWS\SYSWOW64\DscCoreConfProv.dll
2016-09-01 20:00:31 ----A---- C:\WINDOWS\SYSWOW64\delegatorprovider.dll
2016-09-01 20:00:30 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2016-09-01 20:00:30 ----A---- C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-09-01 20:00:30 ----A---- C:\WINDOWS\system32\provtool.exe
2016-09-01 20:00:30 ----A---- C:\WINDOWS\system32\provops.dll
2016-09-01 20:00:30 ----A---- C:\WINDOWS\system32\provisioningcsp.dll
2016-09-01 20:00:30 ----A---- C:\WINDOWS\system32\provhandlers.dll
2016-09-01 20:00:30 ----A---- C:\WINDOWS\system32\provdatastore.dll
2016-09-01 20:00:30 ----A---- C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-09-01 20:00:30 ----A---- C:\WINDOWS\system32\LicenseManagerSvc.dll
2016-09-01 20:00:30 ----A---- C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-09-01 20:00:29 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-09-01 20:00:28 ----A---- C:\WINDOWS\SYSWOW64\wincorlib.dll
2016-09-01 20:00:28 ----A---- C:\WINDOWS\SYSWOW64\c_GSM7.DLL
2016-09-01 20:00:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2016-09-01 20:00:27 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2016-09-01 20:00:27 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostUser.dll
2016-09-01 20:00:27 ----A---- C:\WINDOWS\system32\ProvPluginEng.dll
2016-09-01 20:00:27 ----A---- C:\WINDOWS\system32\KnobsCsp.dll
2016-09-01 20:00:27 ----A---- C:\WINDOWS\system32\KnobsCore.dll
2016-09-01 20:00:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.UXRes.dll
2016-09-01 20:00:25 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-09-01 20:00:22 ----A---- C:\WINDOWS\system32\drivers\xinputhid.sys
2016-09-01 20:00:19 ----A---- C:\WINDOWS\system32\mfksproxy.dll
2016-09-01 20:00:16 ----A---- C:\WINDOWS\SYSWOW64\mfksproxy.dll
2016-09-01 20:00:16 ----A---- C:\WINDOWS\SYSWOW64\GamePanel.exe
2016-09-01 20:00:16 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2016-09-01 20:00:15 ----A---- C:\WINDOWS\SYSWOW64\encapi.dll
2016-09-01 20:00:15 ----A---- C:\WINDOWS\system32\encapi.dll
2016-09-01 20:00:14 ----A---- C:\WINDOWS\SYSWOW64\ConfigureExpandedStorage.dll
2016-09-01 20:00:14 ----A---- C:\WINDOWS\SYSWOW64\BcastDVRHelper.dll
2016-08-27 11:13:25 ----D---- C:\Users\Zdenno\AppData\Roaming\Skype

======List of files/folders modified in the last 1 month======

2016-09-26 18:22:00 ----D---- C:\WINDOWS\Temp
2016-09-26 18:21:58 ----D---- C:\WINDOWS\Prefetch
2016-09-26 18:21:56 ----RD---- C:\Program Files
2016-09-26 18:21:34 ----D---- C:\Users\Zdenno\AppData\Roaming\Origin
2016-09-26 18:21:08 ----D---- C:\Users\Zdenno\AppData\Roaming\Azureus
2016-09-26 17:55:00 ----D---- C:\WINDOWS\system32\sru
2016-09-26 17:12:34 ----RD---- C:\WINDOWS\Microsoft.NET
2016-09-26 17:01:34 ----D---- C:\ProgramData\Origin
2016-09-26 17:01:15 ----D---- C:\Program Files (x86)\Steam
2016-09-26 16:59:41 ----D---- C:\WINDOWS\System32
2016-09-26 16:59:41 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-26 16:57:16 ----D---- C:\WINDOWS\system32\SleepStudy
2016-09-25 20:42:41 ----D---- C:\ProgramData\NVIDIA
2016-09-25 20:34:38 ----SHD---- C:\System Volume Information
2016-09-25 11:39:53 ----D---- C:\WINDOWS\AppReadiness
2016-09-24 09:24:08 ----HD---- C:\Program Files\WindowsApps
2016-09-23 13:00:53 ----D---- C:\WINDOWS\system32\catroot2
2016-09-20 18:06:11 ----AD---- C:\Program Files (x86)\Origin
2016-09-20 17:59:18 ----AD---- C:\Program Files (x86)\GalaxyClient
2016-09-18 14:43:53 ----D---- C:\WINDOWS\rescache
2016-09-18 14:30:28 ----D---- C:\WINDOWS\system32\config
2016-09-16 10:01:23 ----D---- C:\WINDOWS\WinSxS
2016-09-16 10:01:23 ----D---- C:\WINDOWS\system32\DriverStore
2016-09-16 08:43:15 ----RD---- C:\WINDOWS\assembly
2016-09-16 08:10:07 ----D---- C:\WINDOWS\INF
2016-09-15 22:40:25 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2016-09-15 22:40:25 ----D---- C:\WINDOWS\SYSWOW64\Dism
2016-09-15 22:40:25 ----D---- C:\WINDOWS\SysWOW64
2016-09-15 22:40:24 ----SD---- C:\WINDOWS\system32\F12
2016-09-15 22:40:24 ----SD---- C:\WINDOWS\system32\dsc
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\zh-TW
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\zh-HK
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\zh-CN
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\uk-UA
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\tr-TR
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\th-TH
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\sv-SE
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\sr-Latn-RS
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\sr-Latn-CS
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\sl-SI
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\sk-SK
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\ru-RU
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\ro-RO
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\pt-PT
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\pt-BR
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\pl-PL
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\oobe
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\nl-NL
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\nb-NO
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\lv-LV
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\lt-LT
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\ko-KR
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\ja-jp
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\it-IT
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\hu-HU
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\hr-HR
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\he-IL
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\fr-FR
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\fr-CA
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\fi-FI
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\et-EE
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\es-MX
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\es-ES
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\en-US
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\en-GB
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\el-GR
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\drivers
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\Dism
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\de-DE
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\da-DK
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\cs-CZ
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\Boot
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\bg-BG
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\ar-SA
2016-09-15 22:40:24 ----D---- C:\WINDOWS\system32\appraiser
2016-09-15 22:40:23 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2016-09-15 22:40:23 ----RD---- C:\Program Files\Windows Defender
2016-09-15 22:40:23 ----D---- C:\WINDOWS\ShellExperiences
2016-09-15 22:40:23 ----D---- C:\WINDOWS\Provisioning
2016-09-15 22:40:23 ----D---- C:\WINDOWS\AppPatch
2016-09-15 22:40:23 ----D---- C:\Program Files\Windows Media Player
2016-09-15 22:40:23 ----D---- C:\Program Files\Windows Mail
2016-09-15 22:40:23 ----D---- C:\Program Files\Internet Explorer
2016-09-15 22:40:23 ----D---- C:\Program Files (x86)\Windows Mail
2016-09-15 22:40:23 ----D---- C:\Program Files (x86)\Windows Defender
2016-09-15 22:40:23 ----D---- C:\Program Files (x86)\Internet Explorer
2016-09-15 18:06:27 ----D---- C:\WINDOWS\CbsTemp
2016-09-15 18:06:25 ----D---- C:\WINDOWS\system32\MRT
2016-09-15 18:03:37 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-09-15 17:10:22 ----D---- C:\ProgramData\Package Cache
2016-09-15 17:10:21 ----SHD---- C:\WINDOWS\Installer
2016-09-14 18:00:38 ----D---- C:\WINDOWS\system32\Tasks
2016-09-07 18:32:38 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-09-01 21:10:33 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-09-01 21:10:33 ----D---- C:\WINDOWS\system32\wbem
2016-09-01 21:10:33 ----D---- C:\WINDOWS\system32\migration
2016-09-01 19:42:48 ----A---- C:\WINDOWS\SYSWOW64\mspaint.exe
2016-09-01 19:42:47 ----A---- C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-09-01 19:42:46 ----A---- C:\WINDOWS\system32\mspaint.exe
2016-09-01 19:42:45 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2014-06-07 670056]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-07-16 45920]
R0 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2015-08-10 839376]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\WINDOWS\system32\drivers\mfewfpk.sys [2015-08-10 244024]
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2016-07-28 154392]
R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2015-12-01 35488]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-07-16 88576]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-07-16 8192]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2016-07-28 144664]
R2 avnetflt;avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [2016-05-29 78208]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2016-07-16 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2016-07-16 78336]
R3 AmUStor;@oem71.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\WINDOWS\system32\drivers\AmUStor.SYS [2013-07-19 83224]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2016-08-20 114176]
R3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2016-08-20 247296]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2016-07-16 128000]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-08-20 84992]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2016-01-15 4695288]
R3 kvnet;@oem62.inf,%kvnet.Service.DispName%;Kerio Virtual Network Adapter; C:\WINDOWS\System32\drivers\kvnet.sys [2016-04-14 30208]
R3 MEIx64;@oem65.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2014-09-30 129312]
R3 NVHDA;@oem34.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2016-06-30 214592]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2016-07-01 13617096]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-06-14 26560]
R3 nvvad_WaveExtensible;@oem66.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2016-04-14 56384]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2016-07-16 183808]
R3 rt640x64;@oem35.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2016-02-17 896760]
R3 SaiMini;SaiMini; C:\WINDOWS\System32\drivers\SaiMini.sys [2014-05-23 24040]
R3 SaiNtBus;SaiNtBus; C:\WINDOWS\system32\drivers\SaiBus.sys [2015-12-04 51616]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-07-16 105824]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-07-16 101216]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2016-07-16 58720]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2016-07-16 61792]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2016-07-16 32096]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2016-07-16 9728]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2016-08-20 965120]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-07-16 38912]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-07-16 117248]
S3 CSRBC;@oem23.inf,%CSRBC.SvcDesc%;CSRBC.Sys DFU Test driver; C:\WINDOWS\System32\Drivers\csrbc.sys [2016-08-24 46240]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-07-16 20480]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-07-16 50016]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-08-06 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2016-07-16 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-07-16 176384]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2016-07-16 526176]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 kvpndev;@oem21.inf,%kvpndev.Service.DispName%;Kerio VPN adapter; C:\WINDOWS\System32\drivers\kvpndrv.sys [2008-01-16 73216]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2016-04-15 192216]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-07-16 842584]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2016-07-16 108896]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2016-07-16 928608]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2013-07-09 263896]
S3 SaiK5266;SaiK5266; C:\WINDOWS\system32\DRIVERS\SaiK5266.sys [2015-12-04 182464]
S3 SaiXInput;SaiXInput; C:\WINDOWS\System32\drivers\SaiXInput.sys [2015-12-04 53440]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
Nahoru
Zdenno
Návštěvník
Návštěvník
Příspěvky: 15
Registrován: 03 čer 2009 16:27

Re: prosim o kontrolu

#2 Příspěvek od Zdenno »

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-09-08 82128]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [2016-09-12 470600]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\Antivirus\sched.exe [2016-09-12 470600]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2016-08-19 324304]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CDPUserSvc_1406a66;CDPUserSvc_1406a66; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-06-14 1163712]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2014-08-21 93184]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-08-13 154584]
R2 KVPNCSvc;Kerio Control VPN Client Service; C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe [2016-04-14 2027520]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-08-13 405976]
R2 mfemms;McAfee Service Controller; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [2015-08-10 376264]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\windows\system32\mfevtps.exe [2015-07-31 254792]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-06-14 1879488]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-06-14 2521024]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2016-06-29 1352760]
R2 omniserv; HP SimplePass Service; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [2014-09-27 94720]
R2 OneSyncSvc_1406a66;Sync Host_1406a66; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2016-09-20 2206224]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2014-04-14 389896]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2016-01-15 316152]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe [2016-06-29 424384]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-06-14 3632576]
R3 PimIndexMaintenanceSvc_1406a66;Kontaktné údaje_1406a66; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-09-20 1466144]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [2016-09-12 989696]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [2016-09-12 1454720]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-16 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-07-16 52920]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2016-01-15 1300512]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-07-16 93184]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 GalaxyClientService;GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [2016-09-20 281152]
S3 GalaxyCommunication;GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [2016-09-26 6394432]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-16 144200]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-13 1129760]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-05-13 887256]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService_1406a66;MessagingService_1406a66; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2016-09-20 2141192]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2016-09-07 1312768]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2016-07-16 287744]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]

-----------------EOF-----------------
Nahoru
sorcer
Přítel fóra
Přítel fóra
Příspěvky: 527
Registrován: 26 čer 2006 01:29

Re: prosim o kontrolu

#3 Příspěvek od sorcer »

Dobrý den,

1) Zde je ke stahnutí AdwCleaner http://general-changelog-team.fr/fr/download/adwcleaner
2) Utilitu uložte na plochu
3) Mate-li spuštěné, ukončete všechny otevřené programy
4) Následně klikněte nejprve na Scan a poté Clean
5) Po dokončení skenováni se objeví log, který sem vložte
Nahoru
Zdenno
Návštěvník
Návštěvník
Příspěvky: 15
Registrován: 03 čer 2009 16:27

Re: prosim o kontrolu

#4 Příspěvek od Zdenno »

# AdwCleaner v6.020 - *Logfile created 27/09/2016 *at 17:44:31
# *Updated on 14/09/2016 by ToolsLib
# *Database : 2016-09-27.1 [*Server]
# *Operating System : Windows 10 Home (X64)
# *Username : Zdenno - ZDENNO-PC
# *Running from : C:\Users\Zdenno\Desktop\adwcleaner_6.020.exe
# *Mode: Clean
# *Support : https://toolslib.net/forum



***** [ *Services ] *****



***** [ *Folders ] *****



***** [ *Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ *Shortcuts ] *****



***** [ *Scheduled Tasks ] *****



***** [ *Registry ] *****

[-] *Data restored: HKU\S-1-5-21-10551035-2757477188-1337332661-1001\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] *Data restored: HKU\S-1-5-21-10551035-2757477188-1337332661-1001\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] *Data restored: HKU\S-1-5-21-10551035-2757477188-1337332661-1001\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] *Data restored: HKU\S-1-5-21-10551035-2757477188-1337332661-1001\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] *Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] *Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] *Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] *Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] *Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] *Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] *Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] *Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] *Data restored: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] *Data restored: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] *Data restored: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] *Data restored: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]


***** [ *Browsers ] *****



*************************

:: *"Tracing" keys deleted
:: *Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2318 *Bytes] - [27/09/2016 17:44:31]
C:\AdwCleaner\AdwCleaner[S0].txt - [3501 *Bytes] - [27/09/2016 17:43:50]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2466 *Bytes] ##########
Nahoru
sorcer
Přítel fóra
Přítel fóra
Příspěvky: 527
Registrován: 26 čer 2006 01:29

Re: prosim o kontrolu

#5 Příspěvek od sorcer »

Proveďte prosím sken FRST. http://forum.viry.cz/viewtopic.php?f=24&t=132509

Log z FRST i Addition vložte sem, do Vašeho topicu.

Při varování u stahování FRSTLauncheru, vyberte v pravém dolním rohu Ignorovat
Nahoru
Zdenno
Návštěvník
Návštěvník
Příspěvky: 15
Registrován: 03 čer 2009 16:27

Re: prosim o kontrolu

#6 Příspěvek od Zdenno »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-09-2016
Ran by Zdenno (administrator) on ZDENNO-PC (28-09-2016 17:13:24)
Running from C:\Users\Zdenno\Desktop
Loaded Profiles: Zdenno (Available Profiles: Zdenno & User)
Platform: Windows 10 Home Version 1607 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfemms.exe
(Kerio Technologies Inc.) C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Acresso) C:\Program Files (x86)\ViewPower2.10\upsMonitor.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\ViewPower2.10\jre\bin\javaw.exe
(Apache Software Foundation) C:\Program Files (x86)\ViewPower2.10\tomcat\bin\tomcat6.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Sony Computer Entertainment Inc.) C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
(Sony Computer Entertainment Inc.) C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Kerio Technologies Inc.) C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe
(Mad Catz Inc) C:\Program Files\Mad Catz\C.T.R.L.R\CTRLR_Profiler.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
() C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
() C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
() C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(forum.viry.cz) C:\Users\Zdenno\Desktop\FRSTLauncher (1).exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkypeHost.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg_SOUNDEDGE] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1416440 2016-01-15] (Realtek Semiconductor)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8790264 2016-01-15] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM-x32\...\Run: [DropboxOEM] => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [462160 2014-09-02] ()
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-08-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [830064 2016-09-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Kerio Control VPN Client] => C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe [2180096 2016-04-14] (Kerio Technologies Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [C.T.R.L.R] => C:\Program Files\Mad Catz\C.T.R.L.R\CTRLR_Profiler.exe [86528 2015-11-12] (Mad Catz Inc)
HKU\S-1-5-21-10551035-2757477188-1337332661-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2858272 2016-09-20] (Valve Corporation)
HKU\S-1-5-21-10551035-2757477188-1337332661-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3503088 2016-09-20] (Electronic Arts)
HKU\S-1-5-21-10551035-2757477188-1337332661-1001\...\Run: [GalaxyClient] => C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [4090944 2016-09-20] (GOG.com)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Content Manager Assistant for PlayStation(R).lnk [2016-07-15]
ShortcutTarget: Content Manager Assistant for PlayStation(R).lnk -> C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe (Sony Computer Entertainment Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.50 10.0.0.50
Tcpip\..\Interfaces\{c014bbf4-57a3-47dd-85bb-07a6f37421ca}: [DhcpNameServer] 10.0.0.50 10.0.0.50

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
HKU\S-1-5-21-10551035-2757477188-1337332661-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM -> {145DCD8B-36A5-48E9-89DC-BEEB08D15E9C} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {145DCD8B-36A5-48E9-89DC-BEEB08D15E9C} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-10551035-2757477188-1337332661-1001 -> {145DCD8B-36A5-48E9-89DC-BEEB08D15E9C} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-07-25] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)

FireFox:
========
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-08-13] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-08-13] (Intel Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [firefox@bho.com] - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt
FF Extension: (HP SimplePass) - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt [2015-07-27] [not signed]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.google.com ... smedic.sk/"
CHR Profile: C:\Users\Zdenno\AppData\Local\Google\Chrome\User Data\Default [2016-09-28]
CHR Extension: (Prezentácie Google) - C:\Users\Zdenno\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-16]
CHR Extension: (Dokumenty Google) - C:\Users\Zdenno\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-16]
CHR Extension: (Disk Google) - C:\Users\Zdenno\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Zdenno\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Zdenno\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tabuľky Google) - C:\Users\Zdenno\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-16]
CHR Extension: (Vzdialená plocha Chrome) - C:\Users\Zdenno\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-07-13]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Zdenno\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Zdenno\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-09-21]
CHR Extension: (Google Keep – poznámky a zoznamy) - C:\Users\Zdenno\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2016-09-27]
CHR Extension: (Save to Pocket) - C:\Users\Zdenno\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2016-09-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Zdenno\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (Gmail) - C:\Users\Zdenno\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-16]
CHR Extension: (Chrome Media Router) - C:\Users\Zdenno\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-10551035-2757477188-1337332661-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [989696 2016-09-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [470600 2016-09-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [470600 2016-09-12] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1454720 2016-09-12] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [324304 2016-08-19] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1300512 2016-01-15] ()
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [281152 2016-09-20] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6394432 2016-09-26] (GOG.com)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [93184 2014-08-21] (Hewlett-Packard Company) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-08-13] (Intel Corporation)
R2 KVPNCSvc; C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe [2027520 2016-04-14] (Kerio Technologies Inc.) [File not signed]
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [376264 2015-08-10] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [254792 2015-07-31] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [94720 2014-09-27] (Softex Inc.) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2141192 2016-09-20] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2206224 2016-09-20] (Electronic Arts)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [316152 2016-01-15] (Realtek Semiconductor)
R2 upsMonitor; C:\Program Files (x86)\ViewPower2.10\upsMonitor.exe [116224 2015-10-25] (Acresso) [File not signed]
R3 upsTomcat; C:\Program Files (x86)\ViewPower2.10\tomcat\bin\tomcat6.exe [57344 2011-04-15] (Apache Software Foundation) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [144664 2016-07-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [154392 2016-07-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-05-29] (Avira Operations GmbH & Co. KG)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S3 CSRBC; C:\Windows\System32\Drivers\csrbc.sys [46240 2016-08-24] (CSR plc.)
R3 kvnet; C:\Windows\System32\drivers\kvnet.sys [30208 2016-04-14] (Kerio Technologies Inc.)
S3 kvpndev; C:\Windows\System32\drivers\kvpndrv.sys [73216 2008-01-16] (Kerio Technologies Inc.)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-04-15] (Malwarebytes)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [839376 2015-08-10] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [244024 2015-08-10] (McAfee, Inc.)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [896760 2016-02-17] (Realtek )
S3 SaiK5266; C:\Windows\system32\DRIVERS\SaiK5266.sys [182464 2015-12-04] (Saitek)
R3 SaiMini; C:\Windows\System32\drivers\SaiMini.sys [24040 2014-05-23] (Saitek)
R3 SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [51616 2015-12-04] (Saitek)
S3 SaiXInput; C:\Windows\System32\drivers\SaiXInput.sys [53440 2015-12-04] (Saitek, Madcatz, Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-28 17:13 - 2016-09-28 17:13 - 00021945 _____ C:\Users\Zdenno\Desktop\FRST.txt
2016-09-28 17:12 - 2016-09-28 17:13 - 00000000 ____D C:\FRST
2016-09-28 17:11 - 2016-09-28 17:11 - 00112640 _____ (forum.viry.cz) C:\Users\Zdenno\Desktop\FRSTLauncher (1).exe
2016-09-28 17:07 - 2016-09-28 17:07 - 00000000 _____ C:\Users\Zdenno\Downloads\FRSTLauncher.exe.2kobyqp.partial
2016-09-28 17:05 - 2016-09-28 17:05 - 02404352 _____ (Farbar) C:\Users\Zdenno\Desktop\FRST64.exe
2016-09-28 17:04 - 2016-09-28 17:04 - 00000000 ___HD C:\OneDriveTemp
2016-09-27 23:53 - 2016-09-27 23:56 - 58184612 _____ C:\Users\Zdenno\Downloads\JINJER - Fajtfest 2016 After Movie-Video Report.mp4
2016-09-27 23:27 - 2016-09-27 23:52 - 262102281 _____ C:\Users\Zdenno\Downloads\JINJER - Summer Dying Loud 2016 - part 3-4 - LIVE HQ.mp4
2016-09-27 23:11 - 2016-09-27 23:25 - 288834117 _____ C:\Users\Zdenno\Downloads\JINJER - Summer Dying Loud 2016 - part 2-4 - LIVE HQ.mp4
2016-09-27 22:56 - 2016-09-27 23:05 - 114200324 _____ C:\Users\Zdenno\Downloads\JINJER - Summer Dying Loud 2016 - part 4-4 - LIVE HQ.mp4
2016-09-27 22:53 - 2016-09-27 22:53 - 480340935 _____ C:\Users\Zdenno\Downloads\JINJER - Summer Dying Loud 2016 - part 1-4 - LIVE HQ.mp4
2016-09-27 17:43 - 2016-09-27 17:44 - 00000000 ____D C:\AdwCleaner
2016-09-27 17:40 - 2016-09-27 17:40 - 03861056 _____ C:\Users\Zdenno\Desktop\adwcleaner_6.020.exe
2016-09-26 23:19 - 2016-09-26 23:19 - 02428233 _____ C:\Users\Zdenno\Downloads\PandoraRecovery.exe
2016-09-26 23:16 - 2016-09-26 23:16 - 00000000 ____D C:\Program Files\EaseUS
2016-09-26 18:21 - 2016-09-26 18:22 - 00000000 ____D C:\rsit
2016-09-26 18:21 - 2016-09-26 18:22 - 00000000 ____D C:\Program Files\trend micro
2016-09-26 18:18 - 2016-09-26 18:18 - 01222144 _____ C:\Users\Zdenno\Downloads\RSITx64.exe
2016-09-24 20:06 - 2016-09-24 20:06 - 60550874 _____ C:\Users\Zdenno\Downloads\JINJER - Bad Water (Official Music Video).mp4
2016-09-20 22:11 - 2016-09-20 22:11 - 08795185 _____ C:\Users\Zdenno\Downloads\Tatyana Booya Shmaylyk (JINJER) - R.Runo Accessory Photoshoot Backstage.mp4
2016-09-15 15:22 - 2016-09-07 07:55 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-09-15 15:22 - 2016-09-07 07:54 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-15 15:22 - 2016-09-07 07:54 - 00885824 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-15 15:22 - 2016-09-07 07:54 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-09-15 15:22 - 2016-09-07 07:54 - 00133472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2016-09-15 15:22 - 2016-09-07 07:53 - 02481768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-09-15 15:22 - 2016-09-07 07:53 - 02183792 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-09-15 15:22 - 2016-09-07 07:51 - 02214784 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-09-15 15:22 - 2016-09-07 07:51 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-15 15:22 - 2016-09-07 07:51 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-15 15:22 - 2016-09-07 07:50 - 07813472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-15 15:22 - 2016-09-07 07:50 - 00773200 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-09-15 15:22 - 2016-09-07 07:49 - 00552288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-09-15 15:22 - 2016-09-07 07:48 - 02256224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-09-15 15:22 - 2016-09-07 07:48 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2016-09-15 15:22 - 2016-09-07 07:46 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-09-15 15:22 - 2016-09-07 07:44 - 05622600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-09-15 15:22 - 2016-09-07 07:44 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-15 15:22 - 2016-09-07 07:44 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-09-15 15:22 - 2016-09-07 07:43 - 00764936 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-09-15 15:22 - 2016-09-07 07:41 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-09-15 15:22 - 2016-09-07 07:39 - 01217880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-09-15 15:22 - 2016-09-07 07:39 - 00996192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-09-15 15:22 - 2016-09-07 07:37 - 01966288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-09-15 15:22 - 2016-09-07 07:36 - 00405344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-09-15 15:22 - 2016-09-07 07:36 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-09-15 15:22 - 2016-09-07 07:34 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-09-15 15:22 - 2016-09-07 07:34 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-09-15 15:22 - 2016-09-07 07:34 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-09-15 15:22 - 2016-09-07 07:34 - 01738040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-09-15 15:22 - 2016-09-07 07:34 - 01280352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-09-15 15:22 - 2016-09-07 07:34 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-09-15 15:22 - 2016-09-07 07:34 - 00658272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-09-15 15:22 - 2016-09-07 07:34 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-09-15 15:22 - 2016-09-07 07:34 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-09-15 15:22 - 2016-09-07 07:33 - 02446696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-09-15 15:22 - 2016-09-07 07:33 - 00681304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2016-09-15 15:22 - 2016-09-07 07:33 - 00450392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-09-15 15:22 - 2016-09-07 07:33 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-09-15 15:22 - 2016-09-07 07:32 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-09-15 15:22 - 2016-09-07 07:32 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-09-15 15:22 - 2016-09-07 07:32 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-09-15 15:22 - 2016-09-07 07:32 - 01099616 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-09-15 15:22 - 2016-09-07 07:32 - 00988000 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-09-15 15:22 - 2016-09-07 07:32 - 00942432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-09-15 15:22 - 2016-09-07 07:30 - 01707512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-09-15 15:22 - 2016-09-07 07:30 - 00601200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-09-15 15:22 - 2016-09-07 07:29 - 22218808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-09-15 15:22 - 2016-09-07 07:29 - 08156592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-09-15 15:22 - 2016-09-07 07:29 - 04130944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-09-15 15:22 - 2016-09-07 07:29 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-09-15 15:22 - 2016-09-07 07:29 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-09-15 15:22 - 2016-09-07 07:29 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-09-15 15:22 - 2016-09-07 07:29 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-09-15 15:22 - 2016-09-07 07:29 - 01066104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-09-15 15:22 - 2016-09-07 07:29 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-09-15 15:22 - 2016-09-07 07:29 - 00755656 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-09-15 15:22 - 2016-09-07 07:29 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-09-15 15:22 - 2016-09-07 07:29 - 00523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2016-09-15 15:22 - 2016-09-07 07:29 - 00382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-09-15 15:22 - 2016-09-07 07:29 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\EhStorTcgDrv.sys
2016-09-15 15:22 - 2016-09-07 07:27 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-09-15 15:22 - 2016-09-07 07:27 - 01362504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2016-09-15 15:22 - 2016-09-07 07:25 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-09-15 15:22 - 2016-09-07 07:24 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-09-15 15:22 - 2016-09-07 07:24 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-09-15 15:22 - 2016-09-07 07:24 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-09-15 15:22 - 2016-09-07 07:24 - 00057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2016-09-15 15:22 - 2016-09-07 07:24 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-09-15 15:22 - 2016-09-07 07:20 - 00340832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-09-15 15:22 - 2016-09-07 07:18 - 01503032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-09-15 15:22 - 2016-09-07 07:18 - 01430208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-09-15 15:22 - 2016-09-07 07:17 - 05721808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-09-15 15:22 - 2016-09-07 07:17 - 02251432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-09-15 15:22 - 2016-09-07 07:17 - 00853344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-09-15 15:22 - 2016-09-07 07:17 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-09-15 15:22 - 2016-09-07 07:17 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-09-15 15:22 - 2016-09-07 07:16 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-09-15 15:22 - 2016-09-07 07:15 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-09-15 15:22 - 2016-09-07 07:15 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-09-15 15:22 - 2016-09-07 07:13 - 20965248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-09-15 15:22 - 2016-09-07 07:13 - 06653592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-09-15 15:22 - 2016-09-07 07:13 - 03893376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-09-15 15:22 - 2016-09-07 07:13 - 01853232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-09-15 15:22 - 2016-09-07 07:13 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-09-15 15:22 - 2016-09-07 07:13 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-09-15 15:22 - 2016-09-07 07:13 - 01123360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-09-15 15:22 - 2016-09-07 07:13 - 00959104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-09-15 15:22 - 2016-09-07 07:13 - 00955520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-09-15 15:22 - 2016-09-07 07:13 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-09-15 15:22 - 2016-09-07 07:13 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-09-15 15:22 - 2016-09-07 07:12 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-09-15 15:22 - 2016-09-07 07:09 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-09-15 15:22 - 2016-09-07 07:08 - 07220224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-09-15 15:22 - 2016-09-07 07:07 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-09-15 15:22 - 2016-09-07 07:04 - 22566400 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-09-15 15:22 - 2016-09-07 07:04 - 05684736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-09-15 15:22 - 2016-09-07 07:04 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-09-15 15:22 - 2016-09-07 07:03 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-09-15 15:22 - 2016-09-07 07:03 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-09-15 15:22 - 2016-09-07 07:03 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-09-15 15:22 - 2016-09-07 07:03 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-09-15 15:22 - 2016-09-07 07:03 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-09-15 15:22 - 2016-09-07 07:03 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccessRes.dll
2016-09-15 15:22 - 2016-09-07 07:02 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-09-15 15:22 - 2016-09-07 07:02 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-09-15 15:22 - 2016-09-07 07:02 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-09-15 15:22 - 2016-09-07 07:02 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-09-15 15:22 - 2016-09-07 07:02 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-09-15 15:22 - 2016-09-07 07:02 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-09-15 15:22 - 2016-09-07 07:02 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-09-15 15:22 - 2016-09-07 07:01 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-09-15 15:22 - 2016-09-07 07:01 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AddressParser.dll
2016-09-15 15:22 - 2016-09-07 07:01 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-09-15 15:22 - 2016-09-07 07:00 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-09-15 15:22 - 2016-09-07 07:00 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-09-15 15:22 - 2016-09-07 07:00 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-09-15 15:22 - 2016-09-07 07:00 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-09-15 15:22 - 2016-09-07 06:59 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-09-15 15:22 - 2016-09-07 06:59 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-09-15 15:22 - 2016-09-07 06:59 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-09-15 15:22 - 2016-09-07 06:59 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-09-15 15:22 - 2016-09-07 06:59 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-09-15 15:22 - 2016-09-07 06:59 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-09-15 15:22 - 2016-09-07 06:59 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2016-09-15 15:22 - 2016-09-07 06:59 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-09-15 15:22 - 2016-09-07 06:59 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactActivation.dll
2016-09-15 15:22 - 2016-09-07 06:59 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-09-15 15:22 - 2016-09-07 06:59 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-09-15 15:22 - 2016-09-07 06:58 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-09-15 15:22 - 2016-09-07 06:58 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-15 15:22 - 2016-09-07 06:58 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-09-15 15:22 - 2016-09-07 06:58 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2016-09-15 15:22 - 2016-09-07 06:58 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-09-15 15:22 - 2016-09-07 06:58 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-09-15 15:22 - 2016-09-07 06:58 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-09-15 15:22 - 2016-09-07 06:58 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AddressParser.dll
2016-09-15 15:22 - 2016-09-07 06:58 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-09-15 15:22 - 2016-09-07 06:58 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-09-15 15:22 - 2016-09-07 06:58 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccessRes.dll
2016-09-15 15:22 - 2016-09-07 06:57 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-09-15 15:22 - 2016-09-07 06:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-09-15 15:22 - 2016-09-07 06:56 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-09-15 15:22 - 2016-09-07 06:56 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-09-15 15:22 - 2016-09-07 06:56 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-09-15 15:22 - 2016-09-07 06:56 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2016-09-15 15:22 - 2016-09-07 06:56 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-09-15 15:22 - 2016-09-07 06:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactActivation.dll
2016-09-15 15:22 - 2016-09-07 06:55 - 00820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-09-15 15:22 - 2016-09-07 06:55 - 00781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-09-15 15:22 - 2016-09-07 06:55 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-09-15 15:22 - 2016-09-07 06:55 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-09-15 15:22 - 2016-09-07 06:55 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-09-15 15:22 - 2016-09-07 06:55 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-09-15 15:22 - 2016-09-07 06:55 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-09-15 15:22 - 2016-09-07 06:55 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-09-15 15:22 - 2016-09-07 06:55 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-09-15 15:22 - 2016-09-07 06:54 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2016-09-15 15:22 - 2016-09-07 06:54 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-09-15 15:22 - 2016-09-07 06:54 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-09-15 15:22 - 2016-09-07 06:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-09-15 15:22 - 2016-09-07 06:54 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-09-15 15:22 - 2016-09-07 06:54 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
2016-09-15 15:22 - 2016-09-07 06:54 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2016-09-15 15:22 - 2016-09-07 06:54 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2016-09-15 15:22 - 2016-09-07 06:54 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-09-15 15:22 - 2016-09-07 06:54 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2016-09-15 15:22 - 2016-09-07 06:54 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-09-15 15:22 - 2016-09-07 06:53 - 02083840 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-09-15 15:22 - 2016-09-07 06:53 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-09-15 15:22 - 2016-09-07 06:53 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-09-15 15:22 - 2016-09-07 06:53 - 00302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-09-15 15:22 - 2016-09-07 06:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-09-15 15:22 - 2016-09-07 06:53 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2016-09-15 15:22 - 2016-09-07 06:52 - 17187840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-09-15 15:22 - 2016-09-07 06:52 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-09-15 15:22 - 2016-09-07 06:52 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-09-15 15:22 - 2016-09-07 06:52 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-09-15 15:22 - 2016-09-07 06:52 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-09-15 15:22 - 2016-09-07 06:52 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-09-15 15:22 - 2016-09-07 06:52 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-09-15 15:22 - 2016-09-07 06:52 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2016-09-15 15:22 - 2016-09-07 06:52 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-09-15 15:22 - 2016-09-07 06:52 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-15 15:22 - 2016-09-07 06:51 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-09-15 15:22 - 2016-09-07 06:51 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-09-15 15:22 - 2016-09-07 06:51 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-09-15 15:22 - 2016-09-07 06:50 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-09-15 15:22 - 2016-09-07 06:50 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-09-15 15:22 - 2016-09-07 06:50 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2016-09-15 15:22 - 2016-09-07 06:50 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-09-15 15:22 - 2016-09-07 06:49 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-09-15 15:22 - 2016-09-07 06:49 - 09128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-09-15 15:22 - 2016-09-07 06:49 - 03776512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-09-15 15:22 - 2016-09-07 06:49 - 01905664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-09-15 15:22 - 2016-09-07 06:49 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-09-15 15:22 - 2016-09-07 06:49 - 00714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-09-15 15:22 - 2016-09-07 06:49 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-09-15 15:22 - 2016-09-07 06:49 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-09-15 15:22 - 2016-09-07 06:49 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-09-15 15:22 - 2016-09-07 06:49 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2016-09-15 15:22 - 2016-09-07 06:48 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-09-15 15:22 - 2016-09-07 06:48 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-09-15 15:22 - 2016-09-07 06:47 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-09-15 15:22 - 2016-09-07 06:47 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-09-15 15:22 - 2016-09-07 06:47 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2016-09-15 15:22 - 2016-09-07 06:47 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-09-15 15:22 - 2016-09-07 06:46 - 13434368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-09-15 15:22 - 2016-09-07 06:46 - 07623680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-09-15 15:22 - 2016-09-07 06:46 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-09-15 15:22 - 2016-09-07 06:46 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-09-15 15:22 - 2016-09-07 06:46 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-09-15 15:22 - 2016-09-07 06:45 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-09-15 15:22 - 2016-09-07 06:45 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-09-15 15:22 - 2016-09-07 06:45 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-09-15 15:22 - 2016-09-07 06:45 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-09-15 15:22 - 2016-09-07 06:45 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-09-15 15:22 - 2016-09-07 06:45 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-09-15 15:22 - 2016-09-07 06:45 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-09-15 15:22 - 2016-09-07 06:45 - 00944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-09-15 15:22 - 2016-09-07 06:45 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-09-15 15:22 - 2016-09-07 06:45 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-09-15 15:22 - 2016-09-07 06:45 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-09-15 15:22 - 2016-09-07 06:44 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-09-15 15:22 - 2016-09-07 06:44 - 13081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-09-15 15:22 - 2016-09-07 06:44 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-15 15:22 - 2016-09-07 06:44 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-09-15 15:22 - 2016-09-07 06:44 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-09-15 15:22 - 2016-09-07 06:44 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-09-15 15:22 - 2016-09-07 06:43 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-09-15 15:22 - 2016-09-07 06:43 - 01106944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-09-15 15:22 - 2016-09-07 06:42 - 03305984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-09-15 15:22 - 2016-09-07 06:42 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-09-15 15:22 - 2016-09-07 06:41 - 08122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-09-15 15:22 - 2016-09-07 06:41 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-09-15 15:22 - 2016-09-07 06:41 - 03435008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-09-15 15:22 - 2016-09-07 06:41 - 02947072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-09-15 15:22 - 2016-09-07 06:41 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-09-15 15:22 - 2016-09-07 06:41 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-09-15 15:22 - 2016-09-07 06:41 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-09-15 15:22 - 2016-09-07 06:41 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-09-15 15:22 - 2016-09-07 06:41 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-09-15 15:22 - 2016-09-07 06:41 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-09-15 15:22 - 2016-09-07 06:40 - 12345856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-09-15 15:22 - 2016-09-07 06:40 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-09-15 15:22 - 2016-09-07 06:40 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-09-15 15:22 - 2016-09-07 06:40 - 01780736 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-09-15 15:22 - 2016-09-07 06:40 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-09-15 15:22 - 2016-09-07 06:40 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2016-09-15 15:22 - 2016-09-07 06:40 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-09-15 15:22 - 2016-09-07 06:40 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-09-15 15:22 - 2016-09-07 06:40 - 01006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-09-15 15:22 - 2016-09-07 06:40 - 00959488 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-09-15 15:22 - 2016-09-07 06:40 - 00911872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-09-15 15:22 - 2016-09-07 06:39 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-09-15 15:22 - 2016-09-07 06:39 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-09-15 15:22 - 2016-09-07 06:39 - 05384192 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2016-09-15 15:22 - 2016-09-07 06:39 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-09-15 15:22 - 2016-09-07 06:39 - 04747776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-09-15 15:22 - 2016-09-07 06:39 - 03116544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-09-15 15:22 - 2016-09-07 06:39 - 02264064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-09-15 15:22 - 2016-09-07 06:39 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-09-15 15:22 - 2016-09-07 06:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-09-15 15:22 - 2016-09-07 06:38 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-09-15 15:22 - 2016-09-07 06:38 - 02630144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-09-15 15:22 - 2016-09-07 06:38 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2016-09-15 15:22 - 2016-09-07 06:38 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-09-15 15:22 - 2016-09-07 06:38 - 02289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-09-15 15:22 - 2016-09-07 06:38 - 01491968 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-09-15 15:22 - 2016-09-07 06:38 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-09-15 15:22 - 2016-09-07 06:38 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-09-15 15:22 - 2016-09-07 06:38 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-09-15 15:22 - 2016-09-07 06:37 - 07468032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-09-15 15:22 - 2016-09-07 06:37 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-09-15 15:22 - 2016-09-07 06:37 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-09-15 15:22 - 2016-09-07 06:37 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-09-15 15:22 - 2016-09-07 06:37 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-09-15 15:22 - 2016-09-07 06:37 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-09-15 15:22 - 2016-09-07 06:37 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-09-15 15:22 - 2016-09-07 06:37 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-09-15 15:22 - 2016-09-07 06:37 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-09-15 15:22 - 2016-09-07 06:37 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-09-15 15:22 - 2016-09-07 06:37 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-09-15 15:22 - 2016-09-07 06:37 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-09-15 15:22 - 2016-09-07 06:36 - 06043136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-09-15 15:22 - 2016-09-07 06:36 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-09-15 15:22 - 2016-09-07 06:36 - 02423296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-09-15 15:22 - 2016-09-07 06:36 - 02360832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-09-15 15:22 - 2016-09-07 06:35 - 02107392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-09-15 15:22 - 2016-09-07 06:35 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2016-09-15 15:22 - 2016-09-07 06:35 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-09-15 15:22 - 2016-09-07 06:35 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-09-15 15:22 - 2016-09-07 06:35 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-09-15 15:22 - 2016-09-07 06:35 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-09-15 15:22 - 2016-09-07 06:35 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-09-15 15:22 - 2016-09-07 06:35 - 00650240 _____ (Microsoft) C:\WINDOWS\system32\DbgModel.dll
2016-09-15 15:22 - 2016-09-07 06:34 - 04557824 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-09-15 15:22 - 2016-09-07 06:34 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-09-15 15:22 - 2016-09-07 06:34 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-09-15 15:22 - 2016-09-07 06:34 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-09-15 15:22 - 2016-09-07 06:34 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-09-15 15:22 - 2016-09-07 06:34 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-09-15 15:22 - 2016-09-07 06:34 - 00761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-09-15 15:22 - 2016-09-07 06:34 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-09-15 15:22 - 2016-09-07 06:33 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-09-15 15:22 - 2016-09-07 06:33 - 02217472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-09-15 15:22 - 2016-09-07 06:33 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-09-15 15:22 - 2016-09-07 06:33 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-09-15 15:22 - 2016-09-07 06:33 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-09-15 15:22 - 2016-09-07 06:32 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-09-15 15:22 - 2016-09-07 06:31 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-09-15 15:22 - 2016-09-07 06:31 - 00461312 _____ (Microsoft) C:\WINDOWS\SysWOW64\DbgModel.dll
2016-09-15 15:22 - 2016-08-06 05:50 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-09-15 15:22 - 2016-08-06 05:48 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-09-15 15:22 - 2016-08-06 05:39 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-09-15 15:22 - 2016-08-06 05:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-09-15 15:22 - 2016-08-02 10:21 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-09-15 15:22 - 2016-08-02 10:15 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-09-15 15:22 - 2016-08-02 10:14 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-09-15 15:22 - 2016-08-02 10:13 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-09-15 15:22 - 2016-08-02 06:37 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-09-15 15:22 - 2016-07-22 03:27 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-09-15 15:22 - 2016-07-22 03:27 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-09-15 15:22 - 2016-07-22 02:49 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-09-15 15:21 - 2016-09-07 08:10 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-09-15 15:21 - 2016-09-07 07:41 - 00303968 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-09-15 15:21 - 2016-09-07 07:34 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2016-09-15 15:21 - 2016-09-07 07:32 - 00807776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-09-15 15:21 - 2016-09-07 07:30 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-09-15 15:21 - 2016-09-07 07:29 - 01990640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-09-15 15:21 - 2016-09-07 07:29 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-09-15 15:21 - 2016-09-07 07:13 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-09-15 15:21 - 2016-09-07 07:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2016-09-15 15:21 - 2016-09-07 07:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneutilRes.dll
2016-09-15 15:21 - 2016-09-07 07:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneServiceRes.dll
2016-09-15 15:21 - 2016-09-07 07:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2016-09-15 15:21 - 2016-09-07 07:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-09-15 15:21 - 2016-09-07 06:59 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-09-15 15:21 - 2016-09-07 06:58 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-09-15 15:21 - 2016-09-07 06:58 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-09-15 15:21 - 2016-09-07 06:58 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneutilRes.dll
2016-09-15 15:21 - 2016-09-07 06:58 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2016-09-15 15:21 - 2016-09-07 06:57 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2016-09-15 15:21 - 2016-09-07 06:56 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-09-15 15:21 - 2016-09-07 06:56 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-09-15 15:21 - 2016-09-07 06:56 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-09-15 15:21 - 2016-09-07 06:56 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-09-15 15:21 - 2016-09-07 06:56 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll
2016-09-15 15:21 - 2016-09-07 06:55 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-09-15 15:21 - 2016-09-07 06:55 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-09-15 15:21 - 2016-09-07 06:55 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-09-15 15:21 - 2016-09-07 06:55 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-09-15 15:21 - 2016-09-07 06:55 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-09-15 15:21 - 2016-09-07 06:55 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-09-15 15:21 - 2016-09-07 06:54 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-09-15 15:21 - 2016-09-07 06:54 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-09-15 15:21 - 2016-09-07 06:53 - 01014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-09-15 15:21 - 2016-09-07 06:53 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-09-15 15:21 - 2016-09-07 06:53 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-09-15 15:21 - 2016-09-07 06:52 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-09-15 15:21 - 2016-09-07 06:52 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-09-15 15:21 - 2016-09-07 06:52 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-09-15 15:21 - 2016-09-07 06:51 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-09-15 15:21 - 2016-09-07 06:51 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-09-15 15:21 - 2016-09-07 06:50 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-09-15 15:21 - 2016-09-07 06:50 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-09-15 15:21 - 2016-09-07 06:50 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-09-15 15:21 - 2016-09-07 06:48 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-09-15 15:21 - 2016-09-07 06:48 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2016-09-15 15:21 - 2016-09-07 06:48 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-09-15 15:21 - 2016-09-07 06:47 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-09-15 15:21 - 2016-09-07 06:47 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-09-15 15:21 - 2016-09-07 06:47 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-09-15 15:21 - 2016-09-07 06:47 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-09-15 15:21 - 2016-09-07 06:46 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2016-09-15 15:21 - 2016-09-07 06:46 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-09-15 15:21 - 2016-09-07 06:46 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2016-09-15 15:21 - 2016-09-07 06:45 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-09-15 15:21 - 2016-09-07 06:45 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-09-15 15:21 - 2016-09-07 06:43 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-09-15 15:21 - 2016-09-07 06:43 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-09-15 15:21 - 2016-09-07 06:42 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-09-15 15:21 - 2016-09-07 06:42 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2016-09-15 15:21 - 2016-09-07 06:41 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-09-15 15:21 - 2016-09-07 06:41 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-09-15 15:21 - 2016-09-07 06:41 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2016-09-15 15:21 - 2016-09-07 06:41 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-09-15 15:21 - 2016-09-07 06:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-09-15 15:21 - 2016-09-07 06:41 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-09-15 15:21 - 2016-09-07 06:41 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-09-15 15:21 - 2016-09-07 06:40 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-09-15 15:21 - 2016-09-07 06:39 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-09-15 15:21 - 2016-09-07 06:39 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2016-09-15 15:21 - 2016-09-07 06:38 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-09-15 15:21 - 2016-09-07 06:38 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-09-15 15:21 - 2016-09-07 06:37 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-09-15 15:21 - 2016-09-07 06:37 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-09-15 15:21 - 2016-09-07 06:37 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-09-15 15:21 - 2016-09-07 06:36 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-09-15 15:21 - 2016-09-07 06:35 - 03299328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-09-15 15:21 - 2016-09-07 06:35 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-09-15 15:21 - 2016-09-07 06:34 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-09-15 15:21 - 2016-09-07 06:34 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-09-15 15:21 - 2016-09-07 06:33 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2016-09-15 15:21 - 2016-09-07 06:32 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-09-15 15:21 - 2016-09-07 06:31 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-09-15 15:21 - 2016-09-07 06:11 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-09-15 15:21 - 2016-08-06 06:26 - 00409944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-09-15 15:21 - 2016-08-06 06:16 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-09-15 15:21 - 2016-08-06 06:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-09-15 15:21 - 2016-08-06 06:16 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-09-15 15:21 - 2016-08-06 06:13 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-09-15 15:21 - 2016-08-06 05:48 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-09-15 15:21 - 2016-08-06 05:48 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-09-15 15:21 - 2016-08-06 05:47 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-09-15 15:21 - 2016-08-06 05:43 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-09-15 15:21 - 2016-08-06 05:42 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-09-15 15:21 - 2016-08-06 05:40 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-09-15 15:21 - 2016-08-06 05:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-15 15:21 - 2016-08-06 05:38 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-09-15 15:21 - 2016-08-06 05:37 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-15 15:21 - 2016-08-06 05:35 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-09-15 15:21 - 2016-08-06 05:29 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2016-09-15 15:21 - 2016-08-02 10:44 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-09-15 15:21 - 2016-08-02 10:20 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-09-15 15:21 - 2016-08-02 10:15 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-09-15 15:21 - 2016-08-02 06:47 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-09-15 15:21 - 2016-08-02 06:36 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-09-15 15:21 - 2016-08-02 06:33 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-09-14 22:53 - 2016-09-14 22:53 - 72892497 _____ C:\Users\Zdenno\Downloads\BATMETAL RETURNS.mp4
2016-09-14 22:46 - 2016-09-14 22:46 - 36591670 _____ C:\Users\Zdenno\Downloads\BATMETAL.mp4
2016-09-14 17:59 - 2016-09-14 17:59 - 00000000 ____D C:\Users\Zdenno\.QtWebEngineProcess
2016-09-14 17:59 - 2016-09-14 17:59 - 00000000 ____D C:\Users\Zdenno\.Origin
2016-09-03 22:38 - 2016-09-03 22:38 - 141314300 _____ C:\Users\Zdenno\Downloads\Jinjer - Cloud Factory (OFFICIAL MUSIC VIDEO).mp4
2016-09-03 22:18 - 2016-09-03 22:18 - 102680266 _____ C:\Users\Zdenno\Downloads\JINJER - I Speak Astronomy (Official Video) Napalm Records.mp4
2016-09-03 22:02 - 2016-09-03 22:02 - 79765263 _____ C:\Users\Zdenno\Downloads\JINJER - Words Of Wisdom (Official Video) Napalm Records.mp4
2016-09-03 21:51 - 2016-09-03 21:51 - 185723335 _____ C:\Users\Zdenno\Downloads\JINJER - Sit Stay Roll Over (Official Music Video).mp4
2016-09-03 21:40 - 2016-09-03 21:40 - 112191927 _____ C:\Users\Zdenno\Downloads\JINJER - Just Another (Official Video) Napalm Records.mp4
2016-09-01 20:00 - 2016-08-27 14:45 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-09-01 20:00 - 2016-08-27 11:37 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-09-01 20:00 - 2016-08-27 07:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-09-01 20:00 - 2016-08-27 06:58 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-09-01 20:00 - 2016-08-27 06:44 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
2016-09-01 20:00 - 2016-08-27 06:43 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\encapi.dll
2016-09-01 20:00 - 2016-08-27 06:39 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-09-01 20:00 - 2016-08-27 06:38 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-09-01 20:00 - 2016-08-27 06:38 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-09-01 20:00 - 2016-08-27 06:37 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-09-01 20:00 - 2016-08-27 06:25 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-09-01 20:00 - 2016-08-20 08:06 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-09-01 20:00 - 2016-08-20 08:05 - 01377008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-09-01 20:00 - 2016-08-20 08:03 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-09-01 20:00 - 2016-08-20 07:46 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-09-01 20:00 - 2016-08-20 07:34 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2016-09-01 20:00 - 2016-08-20 07:22 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-09-01 20:00 - 2016-08-20 07:21 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-09-01 20:00 - 2016-08-20 07:21 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL
2016-09-01 20:00 - 2016-08-20 07:21 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-09-01 20:00 - 2016-08-20 07:21 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL
2016-09-01 20:00 - 2016-08-20 07:20 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-09-01 20:00 - 2016-08-20 07:20 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-09-01 20:00 - 2016-08-20 07:20 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-09-01 20:00 - 2016-08-20 07:20 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-09-01 20:00 - 2016-08-20 07:20 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
2016-09-01 20:00 - 2016-08-20 07:19 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-09-01 20:00 - 2016-08-20 07:19 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-09-01 20:00 - 2016-08-20 07:18 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-09-01 20:00 - 2016-08-20 07:18 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-09-01 20:00 - 2016-08-20 07:18 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-09-01 20:00 - 2016-08-20 07:18 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-09-01 20:00 - 2016-08-20 07:17 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2016-09-01 20:00 - 2016-08-20 07:17 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-09-01 20:00 - 2016-08-20 07:17 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2016-09-01 20:00 - 2016-08-20 07:16 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-09-01 20:00 - 2016-08-20 07:15 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-09-01 20:00 - 2016-08-20 07:15 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-09-01 20:00 - 2016-08-20 07:14 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_G18030.DLL
2016-09-01 20:00 - 2016-08-20 07:14 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-09-01 20:00 - 2016-08-20 07:14 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-09-01 20:00 - 2016-08-20 07:14 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-09-01 20:00 - 2016-08-20 07:14 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_IS2022.DLL
2016-09-01 20:00 - 2016-08-20 07:14 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\c_GSM7.DLL
2016-09-01 20:00 - 2016-08-20 07:13 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-09-01 20:00 - 2016-08-20 07:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-09-01 20:00 - 2016-08-20 07:12 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-09-01 20:00 - 2016-08-20 07:12 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-09-01 20:00 - 2016-08-20 07:11 - 00965120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-09-01 20:00 - 2016-08-20 07:11 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-09-01 20:00 - 2016-08-20 07:11 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-09-01 20:00 - 2016-08-20 07:11 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-09-01 20:00 - 2016-08-20 07:10 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-09-01 20:00 - 2016-08-20 07:08 - 00204288 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll
2016-09-01 20:00 - 2016-08-20 07:07 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-09-01 20:00 - 2016-08-20 07:07 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-09-01 20:00 - 2016-08-20 07:07 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-09-01 20:00 - 2016-08-20 07:06 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-09-01 20:00 - 2016-08-20 07:06 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
2016-09-01 20:00 - 2016-08-20 07:04 - 03245056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-09-01 20:00 - 2016-08-20 07:04 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-09-01 20:00 - 2016-08-20 07:04 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-09-01 20:00 - 2016-08-20 07:04 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
2016-09-01 20:00 - 2016-08-20 07:03 - 02846208 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-09-01 20:00 - 2016-08-20 07:01 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-09-01 20:00 - 2016-08-20 07:00 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll
2016-09-01 20:00 - 2016-08-20 06:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-09-01 20:00 - 2016-08-20 06:58 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-09-01 20:00 - 2016-08-20 06:58 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll
2016-09-01 20:00 - 2016-08-20 06:56 - 02711040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-09-01 20:00 - 2016-08-20 06:56 - 02143232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-09-01 20:00 - 2016-08-20 06:56 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-09-01 20:00 - 2016-08-20 06:56 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll
2016-09-01 20:00 - 2016-08-20 06:55 - 00726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-09-01 20:00 - 2016-08-20 06:54 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-09-01 20:00 - 2016-08-20 06:51 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-09-01 20:00 - 2016-08-19 03:33 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS
2016-08-29 15:48 - 2016-08-29 15:51 - 44962019 _____ C:\Users\Zdenno\Downloads\CUTS - Bunsen Burner.flac

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-28 17:13 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-28 17:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-28 17:09 - 2015-09-16 23:40 - 00000000 ____D C:\Users\Zdenno\AppData\Roaming\Origin
2016-09-28 17:04 - 2015-09-16 23:34 - 00000000 ____D C:\ProgramData\Origin
2016-09-28 17:04 - 2015-09-16 19:28 - 00000000 ____D C:\Program Files (x86)\Steam
2016-09-28 17:04 - 2015-09-16 19:16 - 00000000 ___RD C:\Users\Zdenno\OneDrive
2016-09-27 23:46 - 2015-09-17 00:32 - 00000000 ____D C:\Users\Zdenno\AppData\Roaming\Azureus
2016-09-27 21:51 - 2016-08-05 09:53 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-09-27 17:51 - 2016-08-05 09:55 - 01078650 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-27 17:45 - 2016-08-05 09:58 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-27 17:45 - 2016-08-05 09:54 - 00000000 ____D C:\ProgramData\NVIDIA
2016-09-27 17:45 - 2016-07-16 08:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2016-09-20 18:06 - 2015-09-16 23:34 - 00000000 ____D C:\Program Files (x86)\Origin
2016-09-20 17:59 - 2015-09-17 00:27 - 00000000 ____D C:\Program Files (x86)\GalaxyClient
2016-09-20 17:54 - 2015-09-16 23:40 - 00000000 ____D C:\Users\Zdenno\AppData\Local\Origin
2016-09-18 17:27 - 2015-09-16 20:06 - 00002291 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-18 14:43 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2016-09-16 13:07 - 2016-04-23 14:32 - 00000000 ____D C:\Users\Zdenno\Downloads\Nový priečinok
2016-09-16 08:11 - 2015-09-16 08:02 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-09-16 08:10 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-09-16 08:09 - 2016-08-05 09:53 - 00212008 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-15 22:40 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-09-15 22:40 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-09-15 22:40 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-09-15 22:40 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2016-09-15 22:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-09-15 22:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-09-15 22:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-09-15 22:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-09-15 22:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-09-15 22:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-09-15 22:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-15 22:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-09-15 22:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-09-15 22:40 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-09-15 22:40 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-09-15 22:40 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-09-15 18:06 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-15 18:06 - 2015-09-21 18:54 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-09-15 18:03 - 2015-09-21 18:54 - 144199024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-09-15 17:10 - 2015-10-29 23:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-09-15 17:10 - 2014-04-02 16:46 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-14 18:20 - 2016-06-14 23:41 - 00000000 ____D C:\Users\Zdenno\AppData\Local\Ubisoft Game Launcher
2016-09-14 18:00 - 2016-08-05 09:58 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-09-14 17:59 - 2016-08-05 09:55 - 00000000 ____D C:\Users\Zdenno
2016-09-08 19:53 - 2015-11-21 14:13 - 00000000 ____D C:\Users\Zdenno\AppData\Local\UnrealEngine
2016-09-07 18:32 - 2016-07-16 13:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-09-07 18:32 - 2016-07-16 13:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-02 12:05 - 2015-11-16 21:35 - 00000000 ____D C:\Users\Zdenno\Downloads\PSX burning
2016-09-01 21:10 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-09-01 19:42 - 2016-07-16 13:43 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-09-01 19:42 - 2016-07-16 13:43 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-09-01 19:42 - 2016-07-16 13:42 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-09-01 19:42 - 2016-07-16 13:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll

==================== Files in the root of some directories =======

2015-09-22 19:24 - 2015-09-22 19:24 - 0007602 _____ () C:\Users\Zdenno\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
C:\Users\Zdenno\AppData\Local\Temp\avgnt.exe
C:\Users\Zdenno\AppData\Local\Temp\i4jdel0.exe
C:\Users\Zdenno\AppData\Local\Temp\i4jdel1.exe
C:\Users\Zdenno\AppData\Local\Temp\libeay32.dll
C:\Users\Zdenno\AppData\Local\Temp\msvcr120.dll
C:\Users\Zdenno\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-09-20 17:48

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Windows) (Fixed) (Total:218.07 GB) (Free:61.78 GB) NTFS
Drive d: (Recovery Image) (Fixed) (Total:18.49 GB) (Free:2.38 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (DATADRIVE1) (Fixed) (Total:1862.89 GB) (Free:143.06 GB) NTFS

Available physical RAM: 12601.15 MB
Total physical RAM: 16340.54 MB
Percentage of memory in use: 22%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 238.5 GB) (Disk ID: 257EFC1F)
Disk: 1 (Size: 1863 GB) (Disk ID: 52F21B8F)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Zdenno\Desktop" je 44587 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================
Nahoru
Zdenno
Návštěvník
Návštěvník
Příspěvky: 15
Registrován: 03 čer 2009 16:27

Re: prosim o kontrolu

#7 Příspěvek od Zdenno »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-09-2016
Ran by Zdenno (28-09-2016 17:13:49)
Running from C:\Users\Zdenno\Desktop
Windows 10 Home Version 1607 (X64) (2016-08-05 08:00:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-10551035-2757477188-1337332661-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-10551035-2757477188-1337332661-503 - Limited - Disabled)
Guest (S-1-5-21-10551035-2757477188-1337332661-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-10551035-2757477188-1337332661-1003 - Limited - Enabled)
User (S-1-5-21-10551035-2757477188-1337332661-1004 - Limited - Enabled) => C:\Users\User
Zdenno (S-1-5-21-10551035-2757477188-1337332661-1001 - Administrator - Enabled) => C:\Users\Zdenno

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Aktualizácie NVIDIA 2.11.4.0 (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Alcor Micro USB Card Reader Driver (HKLM-x32\...\AmUStor) (Version: 20.21.3317.03861 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (x32 Version: 20.21.3317.03861 - Alcor Micro Corp.) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.20.59 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{82dc2ab6-088f-4e0a-8e27-bb829481d3bc}) (Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG) Hidden
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
Besiege (HKLM-x32\...\Steam App 346010) (Version: - Spiderling Studios)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
Burnout Paradise: The Ultimate Box (HKLM-x32\...\Steam App 24740) (Version: - Criterion Games)
C.T.R.L.R (HKLM\...\{A8D0BE7D-8270-400A-8871-C9B56050D0D1}) (Version: 7.0.48.0 - Mad Catz Inc)
C.T.R.L.R Firmware update v1.2.5 (HKLM\...\{466E732D-D96A-4C7F-80A5-177A1B5E26A9}) (Version: 1.2.5.0 - Mad Catz Inc)
Carmageddon: Reincarnation (HKLM-x32\...\Steam App 249380) (Version: - Stainless Games Ltd)
Content Manager Assistant for PlayStation(R) (HKLM-x32\...\{E5C1C342-5E78-4D91-85BE-40C716B09391}) (Version: 3.55.7671.0901 - Sony Computer Entertainment Inc.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.8.4420 - CyberLink Corp.)
CyberLink MediaEspresso 6.7 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.7.3.5419 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.3.5529 - CyberLink Corp.)
Cyberlink PhotoDirector (Version: 5.0.3.5529 - CyberLink Corp.) Hidden
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5.4505 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.8.4316 - CyberLink Corp.)
CyberLink PowerBackup 2.6 (HKLM-x32\...\InstallShield_{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.6.1.0903 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2.3317 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.2.3317 - CyberLink Corp.) Hidden
Death Rally (Classic) (HKLM-x32\...\Steam App 358270) (Version: - Remedy)
DiRT Showdown (HKLM-x32\...\Steam App 201700) (Version: - Codemasters Racing Studio)
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dolphin (HKLM-x32\...\Dolphin) (Version: 4.0.2 - Dolphin Development Team)
DOOM (HKLM\...\Steam App 379720) (Version: - id Software)
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
Duke Nukem 2 (HKLM-x32\...\Steam App 240180) (Version: - 3D Realms)
Duke Nukem 3D (HKLM-x32\...\Steam App 359850) (Version: - 3D Realms)
Duke Nukem: Manhattan Project (HKLM-x32\...\Steam App 240200) (Version: - Sunstorm Interactive, 3D Realms)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 5.5.3 (HKLM-x32\...\{B1A0F908-1448-11E4-8684-00163E98E7D0}) (Version: 5.5.3.4236 - Evernote Corp.)
FlatOut2 (HKLM-x32\...\{D4006E71-FF32-44FF-AD5A-B5EE4389B825}_is1) (Version: 1.0 - US - ACTION, s.r.o.)
Foxit PhantomPDF (HKLM-x32\...\{89BF1D4D-1D62-451E-9496-B971BDE82720}) (Version: 6.0.33.715 - Foxit Corporation)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.116 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
GRID Autosport (HKLM-x32\...\Steam App 255220) (Version: - Codemasters Racing)
Hatred (HKLM-x32\...\Steam App 341940) (Version: - Destructive Creations)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Documentation (HKLM-x32\...\{198B2800-6C16-4F2A-BC52-EA0F7FD67095}) (Version: 1.3.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.27 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{904822F1-6C7D-4B91-B936-6A1C0810544C}) (Version: 7.7.34.34 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Inst5675 (Version: 8.01.27 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.27 - Softex Inc.) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.27.1012 - Intel Corporation)
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan)
Kerio Control VPN Client (HKLM\...\{BF23169D-CBDF-4AFE-B474-1F59F4E8CA80}) (Version: 9.0.879 - Kerio Technologies Inc.)
K-Lite Mega Codec Pack 11.5.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.5.5 - )
Life Is Strange™ (HKLM-x32\...\Steam App 319630) (Version: - DONTNOD Entertainment)
LIMBO (HKLM\...\Steam App 48000) (Version: - Playdead)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee LiveSafe - Internet Security (HKLM-x32\...\MSC) (Version: - )
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.1005 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mortal Kombat 3 (HKLM-x32\...\1207667063_is1) (Version: 2.0.0.1 - GOG.com)
Mortal Kombat X (HKLM-x32\...\Steam App 307780) (Version: - NetherRealm Studios)
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)
NVIDIA 3D Vision radič ovládača 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Grafický ovládač 368.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.69 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 368.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.69 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.0.2.33129 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 368.69 (Version: 368.69 - NVIDIA Corporation) Hidden
Raptor: Call of the Shadows (1994 Classic Edition) (HKLM-x32\...\Steam App 358360) (Version: - Cygnus Studios)
Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.)
Rise of the Tomb Raider (HKLM-x32\...\Steam App 391220) (Version: - Crystal Dynamics)
Rise of the Triad: Dark War (HKLM-x32\...\Steam App 358410) (Version: - 3D Realms (Apogee Software))
Shadow Warrior (Classic) (HKLM-x32\...\Steam App 358400) (Version: - 3D Realms (Apogee Software))
Shadow Warrior (HKLM\...\Steam App 233130) (Version: - Flying Wild Hog)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Terminal Velocity (HKLM-x32\...\Steam App 358370) (Version: - Terminal Reality)
The Witcher 2 - Assassins of Kings Enhanced Edition (HKLM-x32\...\1207658930_is1) (Version: 3.5.0.26 - GOG.com)
Tomb Raider III: Adventures of Lara Croft (HKLM-x32\...\Steam App 225320) (Version: - Core Design)
Uplay (HKLM-x32\...\Uplay) (Version: 20.0 - Ubisoft)
ViewPower2.10 (HKLM-x32\...\ViewPower2.10) (Version: 1.0.0.0 - )
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.3.0 - Azureus Software, Inc.)
Wacky Wheels (HKLM-x32\...\Steam App 358380) (Version: - Beavis Soft)
Windows Driver Package - DFU Driver (CSRBC) USB (02/03/2011 2.4.0.0) (HKLM\...\B14275BEB6CC2EDDF270C2B75D2267764AF7BE67) (Version: 02/03/2011 2.4.0.0 - DFU Driver)
Wolfenstein: The New Order (HKLM-x32\...\Steam App 201810) (Version: - Machine Games)
WWE 2K16 (HKLM\...\Steam App 385730) (Version: - Visual Concepts)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-10551035-2757477188-1337332661-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Zdenno\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02793919-7B89-48FD-840B-8099F73A31A5} - \WPD\SqmUpload_S-1-5-21-10551035-2757477188-1337332661-1004 -> No File <==== ATTENTION
Task: {18898837-E343-4A1A-8DB2-6C9DFF7D13ED} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {1E22FCF0-6243-4BA1-BCA7-20F9ED7162C8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {256CEE39-1BB5-43AF-83F2-2DA958DE26BF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {27B08AE8-102E-4F54-A591-1331AAFD120D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-21] (Hewlett-Packard Company)
Task: {2FD6FCE9-6C1C-42E2-AC96-C85F6A8829B8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {33804AFA-464A-45C4-BDDF-3E9203B45ED5} - System32\Tasks\Start OPBHOBrokerDesktop => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [2014-09-27] (Hewlett-Packard)
Task: {33A94478-42B1-4D18-9CFF-C04039A1A355} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe
Task: {50009E3D-961D-428E-8E76-5721F1F460D1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2016-09-15] (Microsoft Corporation)
Task: {5499F4E6-B032-4BFD-B373-7F1D3003F408} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {5F3D5FB3-A5CE-4982-A287-D0419BBBB7C9} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-10-16] ()
Task: {614E4B2E-ABE6-4161-A958-A5BF0ADFBCB0} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {66961B79-4F31-41A1-87D4-CE3D355EFC76} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {6F022967-7D19-40E8-9016-10BAFEE5806B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {7A35F4F5-8970-4B8D-91EC-3EDE2252F839} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-16] (Google Inc.)
Task: {8105A456-9AA4-4BA0-900E-66F1B8169769} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2015-09-01] (McAfee, Inc.)
Task: {8B89F505-C539-461D-A9DF-DD8E17674D64} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {9A5305D5-2791-4D2B-BE5D-12EE11976EC8} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Zdenno\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-27] (Microsoft Corporation)
Task: {9AC0AD58-E922-42C7-AC8A-1F2E559CD18D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {BC3B0EA8-6523-42B5-9FD8-B8500EB29BCC} - \WPD\SqmUpload_S-1-5-21-10551035-2757477188-1337332661-1001 -> No File <==== ATTENTION
Task: {CCABBF7C-AA68-4518-A0CB-AA7CFB02DBBE} - System32\Tasks\B67DDD9E-D256-45F1-A5CA-4066A332B44B => C:\Users\Zdenno\AppData\Local\B67DDD9E-D256-45F1-A5CA-4066A332B44B\B67DDD9E-D256-45F1-A5CA-4066A332B44B.exe <==== ATTENTION
Task: {CEE2AED6-FAD9-4C6F-B76F-86DCDA175DD0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {D09D7096-59F7-4537-8B7E-0B2F84B4E08F} - System32\Tasks\{F12B9CF9-686A-4B9A-908E-9E4252A6F2C5} => pcalua.exe -a E:\Games\FlatOut2\FlatOut2.exe -d E:\Games\FlatOut2
Task: {D7DD85D1-7B04-4682-903E-DF14E168ABEA} - System32\Tasks\Start SimplePass => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [2014-09-27] (Hewlett-Packard)
Task: {DE2AF3B0-6636-4A48-BB85-068D75478265} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {E0B9B39D-B42B-4AA6-8599-83DAFAC478AD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-21] (Hewlett-Packard Company)
Task: {E51AB194-A0B9-40A2-8DC6-69A9F76039D5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-16] (Google Inc.)
Task: {F5732D72-47EE-49C4-A4A8-E28C5634CA26} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-08] (Adobe Systems Incorporated)
Task: {F5B28E1C-2549-4C87-A663-69406D9D8752} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {F5E6CDC4-AAEF-4B0D-8E30-63AD4F4C3D2F} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {FA4F1B9F-8D9E-4DBA-9F5F-5AB17648FB3C} - System32\Tasks\Start OPBHOBroker => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [2014-09-27] (Hewlett-Packard)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2014-09-27 14:40 - 2014-09-27 14:40 - 02150400 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-09-27 14:39 - 2014-09-27 14:39 - 00035840 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-09-27 14:39 - 2014-09-27 14:39 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-09-27 14:39 - 2014-09-27 14:39 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-09-27 14:48 - 2014-09-27 14:48 - 00420432 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-09-27 14:48 - 2014-09-27 14:48 - 00746064 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2016-05-14 14:26 - 2016-06-14 22:03 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-05-14 14:26 - 2016-06-14 22:03 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-05-14 14:26 - 2016-06-14 22:03 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-05-14 14:26 - 2016-06-14 22:03 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2015-07-27 16:51 - 2014-04-14 19:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2016-05-14 14:26 - 2016-06-14 22:03 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-05-14 14:26 - 2016-06-14 22:03 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-05-14 14:26 - 2016-06-14 22:03 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-05-14 14:26 - 2016-06-14 22:03 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-15 15:22 - 2016-09-07 07:44 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-08-05 09:54 - 2016-06-29 19:50 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-09-15 15:22 - 2016-09-07 07:44 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-15 15:22 - 2016-09-07 07:44 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-27 11:13 - 2016-08-27 11:13 - 01864384 _____ () C:\Users\Zdenno\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-09-15 15:22 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-09-15 15:22 - 2016-09-07 06:57 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-09-15 15:22 - 2016-09-07 06:41 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-09-15 15:22 - 2016-09-07 06:35 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-15 15:21 - 2016-09-07 06:35 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-09-15 15:22 - 2016-09-07 06:35 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-15 15:22 - 2016-09-07 06:40 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-09-27 14:42 - 2014-09-27 14:42 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2016-05-14 14:26 - 2016-06-14 22:03 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-05-14 14:26 - 2016-06-14 22:03 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-09-14 17:59 - 2016-09-20 18:06 - 00015872 _____ () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
2016-07-16 13:42 - 2016-07-16 13:42 - 00130048 _____ () C:\WINDOWS\System32\CHARTV.dll
2016-09-28 17:10 - 2016-09-28 17:13 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-09-28 17:10 - 2016-09-28 17:13 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-04-14 10:19 - 2016-04-14 10:19 - 00086016 _____ () C:\Program Files (x86)\Kerio\VPN Client\ktzlib100_1.2.3.dll
2016-09-14 17:59 - 2016-09-20 18:06 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2015-10-25 15:25 - 2012-03-15 12:07 - 00028672 _____ () C:\Program Files (x86)\ViewPower2.10\jre\bin\USBDevice.dll
2015-10-25 15:25 - 2010-05-11 02:49 - 00049152 _____ () C:\Program Files (x86)\ViewPower2.10\jre\bin\Shutdown.dll
2015-10-25 15:25 - 2010-05-11 02:49 - 00077759 _____ () C:\Program Files (x86)\ViewPower2.10\jre\bin\rxtxSerial.dll
2014-08-13 11:54 - 2014-08-13 11:54 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-05-14 14:26 - 2016-06-14 22:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-09-18 17:27 - 2016-09-14 02:38 - 01806152 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libglesv2.dll
2016-09-18 17:27 - 2016-09-14 02:38 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libegl.dll
2015-09-16 19:33 - 2016-09-08 05:14 - 00784672 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-09-16 19:33 - 2016-09-01 03:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-09-16 19:33 - 2016-09-20 21:28 - 02321696 _____ () C:\Program Files (x86)\Steam\video.dll
2015-09-16 19:33 - 2016-09-01 03:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-09-16 19:33 - 2016-09-01 03:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-09-16 19:33 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-09-16 19:33 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-09-16 19:33 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-09-16 19:33 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-09-16 19:33 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-09-16 19:33 - 2016-09-20 21:28 - 00835360 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-10 17:53 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-09-14 17:59 - 2016-09-20 18:06 - 00012288 _____ () C:\Program Files (x86)\Origin\libEGL.DLL
2015-09-16 23:40 - 2016-06-11 10:14 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2016-08-27 11:13 - 2016-08-27 11:13 - 01383616 _____ () C:\Users\Zdenno\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll
2016-08-27 11:13 - 2016-08-27 11:13 - 00118976 _____ () C:\Users\Zdenno\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncViews.dll
2015-09-16 19:33 - 2016-08-04 22:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-09-17 00:27 - 2016-09-20 17:58 - 53018112 _____ () C:\Program Files (x86)\GalaxyClient\libcef.dll
2015-09-17 00:27 - 2016-04-25 18:29 - 00500736 _____ () C:\Program Files (x86)\GalaxyClient\PocoUtil.dll
2015-09-17 00:27 - 2016-04-25 18:29 - 01069568 _____ () C:\Program Files (x86)\GalaxyClient\PocoNet.dll
2015-09-17 00:27 - 2016-04-25 18:29 - 01847296 _____ () C:\Program Files (x86)\GalaxyClient\PocoData.dll
2015-09-17 00:27 - 2016-04-25 18:29 - 00386048 _____ () C:\Program Files (x86)\GalaxyClient\PocoDataSQLite.dll
2015-09-17 00:27 - 2016-04-25 18:29 - 01582080 _____ () C:\Program Files (x86)\GalaxyClient\PocoFoundation.dll
2015-09-17 00:27 - 2016-04-25 18:29 - 00300544 _____ () C:\Program Files (x86)\GalaxyClient\PocoNetSSL.dll
2015-09-17 00:27 - 2016-04-25 18:29 - 00323584 _____ () C:\Program Files (x86)\GalaxyClient\PocoJSON.dll
2015-09-17 00:27 - 2016-03-23 19:47 - 00096768 _____ () C:\Program Files (x86)\GalaxyClient\zlib.dll
2015-09-17 00:27 - 2016-04-25 18:29 - 00513536 _____ () C:\Program Files (x86)\GalaxyClient\PocoXML.dll
2015-09-17 00:27 - 2016-04-25 18:29 - 00265216 _____ () C:\Program Files (x86)\GalaxyClient\PocoZip.dll
2015-09-17 00:27 - 2016-04-25 18:29 - 00418304 _____ () C:\Program Files (x86)\GalaxyClient\pcre.dll
2015-09-17 00:27 - 2016-03-23 19:47 - 00672768 _____ () C:\Program Files (x86)\GalaxyClient\sqlite.dll
2015-09-17 00:27 - 2016-04-25 18:29 - 00150528 _____ () C:\Program Files (x86)\GalaxyClient\PocoCrypto.dll
2015-09-17 00:27 - 2016-04-25 18:29 - 00144896 _____ () C:\Program Files (x86)\GalaxyClient\expat.dll
2015-09-17 00:27 - 2016-09-20 17:59 - 01738752 _____ () C:\Program Files (x86)\GalaxyClient\libglesv2.dll
2015-09-17 00:27 - 2016-09-20 17:58 - 00078848 _____ () C:\Program Files (x86)\GalaxyClient\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-10551035-2757477188-1337332661-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Zdenno\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\hp_metro_sky.jpg
DNS Servers: 10.0.0.50
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{523066D3-D940-4DB7-A8DE-343714EED635}E:\steamlibrary\steamapps\common\doom\doomx64vk.exe] => (Allow) E:\steamlibrary\steamapps\common\doom\doomx64vk.exe
FirewallRules: [TCP Query User{EC8DA2BF-7BFE-403C-925E-A46ED0E4EF2B}E:\steamlibrary\steamapps\common\doom\doomx64vk.exe] => (Allow) E:\steamlibrary\steamapps\common\doom\doomx64vk.exe
FirewallRules: [{DFBD4918-5718-4C2D-8782-3B7499CE994D}] => (Allow) E:\SteamLibrary\steamapps\common\Limbo\limbo.exe
FirewallRules: [{576B9FD4-D9EA-4905-84F7-4EABE80B4530}] => (Allow) E:\SteamLibrary\steamapps\common\Limbo\limbo.exe
FirewallRules: [{1A236A95-30D2-4FC2-852B-9FF19E52797E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D02302C5-4BE8-4154-91CC-FA3187B4FE32}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{35EB69DE-3095-49CE-A715-A58D1C3CA006}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{8782E4E3-029C-414C-A046-A7B1C82E0C6D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3547CC34-CC75-4A0F-94FC-198F95EF955B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{2582B7F1-749A-4179-91C3-886DAEA3382D}] => (Allow) E:\SteamLibrary\steamapps\common\DOOM\DOOMx64.exe
FirewallRules: [{AC1A1288-1A13-407E-842E-8CC20DF31F88}] => (Allow) E:\SteamLibrary\steamapps\common\DOOM\DOOMx64.exe
FirewallRules: [{316ADB84-A69E-462E-8BA5-ECAC17B90ED3}] => (Allow) E:\SteamLibrary\steamapps\common\Shadow Warrior\sw.exe
FirewallRules: [{05A7DCEC-0E21-40F8-B5EF-F2D88C5326CF}] => (Allow) E:\SteamLibrary\steamapps\common\Shadow Warrior\sw.exe
FirewallRules: [{D56CC9D6-BD05-47BD-9440-568A0A0EBB70}] => (Allow) E:\SteamLibrary\steamapps\common\Shadow Warrior\dx11\launcher.exe
FirewallRules: [{BF09F702-E40C-4509-BAA4-57A5E0FBD689}] => (Allow) E:\SteamLibrary\steamapps\common\Shadow Warrior\dx11\launcher.exe
FirewallRules: [{5FD30408-CFDF-4529-AF8B-9F6F0D7E81F8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{217DECF5-25CE-4FDE-BBA5-60408B48C8AA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{62F20912-18F2-4948-9C81-BB967115DF4D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{49A3323D-4CB3-4726-BBE5-6A407C80EFA7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{29911E44-B17D-47EE-ABF3-7DE59E675642}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{CB5D909F-DE43-4F6C-912A-872EA812026D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{61A1CFD9-6C35-4A2D-BC5A-CA5DD12322FD}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{240A2617-118C-435F-8183-91F9B2344F59}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{E0DA0182-40D3-40A1-82BB-F8C5586A40ED}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{D0ED2223-CCAE-4988-90A4-F90FD68B6036}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{00DACA55-A827-4F9A-9961-9DC520781841}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8E094BC3-40A7-4521-BF1C-A51C33E89FBF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4F18BF6B-8B57-4866-AAE2-33F8AFBB683E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DC9A1F18-72D7-4CA4-A93C-B13EE2B04756}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4E4CD870-7568-4ECF-ADD7-014C77C32BCE}] => (Allow) E:\SteamLibrary\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{5F94A008-80D8-452B-A9C8-0CAF3061E42B}] => (Allow) E:\SteamLibrary\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{1948C64B-57CD-44FD-AC4A-F87CFBAF6232}] => (Allow) E:\SteamLibrary\steamapps\common\Carmageddon_Reincarnation\bin\Carmageddon_Reincarnation.exe
FirewallRules: [{6A5A2658-53EF-4924-95DD-69C6BFA64B87}] => (Allow) E:\SteamLibrary\steamapps\common\Carmageddon_Reincarnation\bin\Carmageddon_Reincarnation.exe
FirewallRules: [{119C5BEE-347A-4B96-94C5-F7777505DA59}] => (Allow) E:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{54AA84B2-419F-44B2-A1DF-95E981AC7E27}] => (Allow) E:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{35878090-19D3-4597-A7C3-DFA9DC7C4CEE}] => (Allow) E:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{FDC73BF3-D162-421B-9FFF-CAE5D1A47B2F}] => (Allow) E:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{E6A8CD0E-0344-4ADF-AD4F-FAFF5520B6FD}] => (Allow) E:\SteamLibrary\steamapps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe
FirewallRules: [{B63D6596-4F10-4930-8AF9-7CDD57E16260}] => (Allow) E:\SteamLibrary\steamapps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe
FirewallRules: [{11A8F04E-080A-4BF6-BCE3-8427B61CC4EE}] => (Allow) E:\SteamLibrary\steamapps\common\MK10\Binaries\Retail\MK10.exe
FirewallRules: [{9BC00EA4-3DBF-4B27-B780-111D64CD45A5}] => (Allow) E:\SteamLibrary\steamapps\common\MK10\Binaries\Retail\MK10.exe
FirewallRules: [{2C7570EE-412A-4EF0-90B3-B957DE6D6D67}] => (Allow) E:\SteamLibrary\steamapps\common\MK10\Binaries\Retail\MKXLauncher.exe
FirewallRules: [{AC04BA1C-D23D-4F21-AF57-9AC33A7EA197}] => (Allow) E:\SteamLibrary\steamapps\common\MK10\Binaries\Retail\MKXLauncher.exe
FirewallRules: [{B0C2ADDB-DA0A-46C6-B15D-769F2A3857CC}] => (Allow) E:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{14093EB8-E266-41D8-BCDC-32FEC117A9CB}] => (Allow) E:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{675B9571-EEAA-4AA3-92F4-B02D0D41E78C}] => (Allow) E:\SteamLibrary\steamapps\common\Hatred\Hatred\Binaries\HatredConfig.exe
FirewallRules: [{6F8FD28C-091B-4D49-94F5-F574C6D33317}] => (Allow) E:\SteamLibrary\steamapps\common\Hatred\Hatred\Binaries\HatredConfig.exe
FirewallRules: [{EBEDEC5A-152A-4EF3-BFDA-2E7EA99DFA43}] => (Allow) E:\SteamLibrary\steamapps\common\Hatred\Hatred\Binaries\Win64\Hatred-Win64-Shipping.exe
FirewallRules: [{02C69F32-21BC-4CFE-B59E-8119897AE377}] => (Allow) E:\SteamLibrary\steamapps\common\Hatred\Hatred\Binaries\Win64\Hatred-Win64-Shipping.exe
FirewallRules: [{1C74FF7F-3566-45CE-ACBA-875728E98308}] => (Allow) E:\SteamLibrary\steamapps\common\GRID Autosport\GRIDAutosport.exe
FirewallRules: [{344484E1-2087-4556-92C3-21A492B30FFF}] => (Allow) E:\SteamLibrary\steamapps\common\GRID Autosport\GRIDAutosport.exe
FirewallRules: [{C0D9FE3C-0332-4592-85B7-AFCCE3A21A22}] => (Allow) E:\SteamLibrary\steamapps\common\DiRT Showdown\showdown.exe
FirewallRules: [{F0FEC30E-0B73-402E-9A65-ACC6AE4DCD5C}] => (Allow) E:\SteamLibrary\steamapps\common\DiRT Showdown\showdown.exe
FirewallRules: [{A2B07281-F276-4255-9A41-ECACA0D25E38}] => (Allow) E:\SteamLibrary\steamapps\common\Besiege\Besiege.exe
FirewallRules: [{ABCCA07A-FA54-425C-82CC-886B8C508D29}] => (Allow) E:\SteamLibrary\steamapps\common\Besiege\Besiege.exe
FirewallRules: [{AC262C8E-5456-4B9F-BF26-3B9EEEA281E5}] => (Allow) E:\SteamLibrary\steamapps\common\Rise of the Triad Dark War\Rise of the Triad - Dark War\Dosbox\dosbox.exe
FirewallRules: [{52F0CEE2-E98F-486D-A0D5-DEF195A1FAFA}] => (Allow) E:\SteamLibrary\steamapps\common\Rise of the Triad Dark War\Rise of the Triad - Dark War\Dosbox\dosbox.exe
FirewallRules: [{51FA71EA-0D7D-40FB-A663-2877A9D07E94}] => (Allow) E:\SteamLibrary\steamapps\common\Terminal Velocity\Terminal Velocity\Dosbox\dosbox.exe
FirewallRules: [{21581CD4-44E1-4922-8158-0447ADA22057}] => (Allow) E:\SteamLibrary\steamapps\common\Terminal Velocity\Terminal Velocity\Dosbox\dosbox.exe
FirewallRules: [{1165B085-2E8B-4938-B9A3-BC4B8D0197A9}] => (Allow) E:\SteamLibrary\steamapps\common\Wacky Wheels\Wacky Wheels\Dosbox\dosbox.exe
FirewallRules: [{F76D1F2C-C3C5-4E7E-8DCE-BEC41BDE1E20}] => (Allow) E:\SteamLibrary\steamapps\common\Wacky Wheels\Wacky Wheels\Dosbox\dosbox.exe
FirewallRules: [{EE20FE1C-A557-4E64-96CB-F7BEA9759C25}] => (Allow) E:\SteamLibrary\steamapps\common\Raptor Call of the Shadows\Raptor - Call of the Shadows\Dosbox\dosbox.exe
FirewallRules: [{B2958470-A972-406B-A381-65C7F73B543F}] => (Allow) E:\SteamLibrary\steamapps\common\Raptor Call of the Shadows\Raptor - Call of the Shadows\Dosbox\dosbox.exe
FirewallRules: [{5E756881-37F6-48F9-A0B4-B534E44B7AC7}] => (Allow) E:\SteamLibrary\steamapps\common\Duke Nukem 2\Dosbox\dosbox.exe
FirewallRules: [{EE3B99DF-0EF8-48BF-856A-1827180ABCB8}] => (Allow) E:\SteamLibrary\steamapps\common\Duke Nukem 2\Dosbox\dosbox.exe
FirewallRules: [{3CEAA190-952D-4484-B441-9B8AE3C3C86C}] => (Allow) E:\SteamLibrary\steamapps\common\Duke Nukem 3D\Duke Nukem 3D\eduke32.exe
FirewallRules: [{51728C87-15CE-4E70-8879-CBBF86F4AE38}] => (Allow) E:\SteamLibrary\steamapps\common\Duke Nukem 3D\Duke Nukem 3D\eduke32.exe
FirewallRules: [{1481044B-D6D3-402A-818A-D6AA3693C2EB}] => (Allow) E:\SteamLibrary\steamapps\common\Duke Nukem Manhatten Project\prism3d.exe
FirewallRules: [{546084DD-AE36-4655-86AF-9B033B971499}] => (Allow) E:\SteamLibrary\steamapps\common\Duke Nukem Manhatten Project\prism3d.exe
FirewallRules: [{E54FFB98-3F19-457F-9616-335B6987F472}] => (Allow) E:\SteamLibrary\steamapps\common\Duke Nukem Manhatten Project\DukeNukemManhattanLauncher.exe
FirewallRules: [{C3D89A47-29E1-487D-B41E-413FBC48A032}] => (Allow) E:\SteamLibrary\steamapps\common\Duke Nukem Manhatten Project\DukeNukemManhattanLauncher.exe
FirewallRules: [{126B1680-8CB0-43AF-8628-7ABB3A9126AE}] => (Allow) E:\SteamLibrary\steamapps\common\Shadow Warrior DOS\Shadow Warrior\SWP.exe
FirewallRules: [{8D0A9953-BBF8-40ED-9B3F-38D5E515F5C8}] => (Allow) E:\SteamLibrary\steamapps\common\Shadow Warrior DOS\Shadow Warrior\SWP.exe
FirewallRules: [{3DF51080-977C-4976-93A0-4A043E31FC55}] => (Allow) E:\SteamLibrary\steamapps\common\Death Rally\Death Rally\dr.exe
FirewallRules: [{61A3950F-8262-4A71-B468-75EED7AB5C38}] => (Allow) E:\SteamLibrary\steamapps\common\Death Rally\Death Rally\dr.exe
FirewallRules: [{31A35117-05F3-4F59-8E10-B33A89D5C9B3}] => (Allow) E:\SteamLibrary\steamapps\common\TombRaider (III)\tomb3.exe
FirewallRules: [{39D63050-4377-4C1E-9EAA-EF5A2E0F7F67}] => (Allow) E:\SteamLibrary\steamapps\common\TombRaider (III)\tomb3.exe
FirewallRules: [{493492CA-845B-470D-B5CD-00A64DB5C7A4}] => (Allow) E:\SteamLibrary\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe
FirewallRules: [{FA864556-EA46-4A91-AF4D-D8F06882102A}] => (Allow) E:\SteamLibrary\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe
FirewallRules: [{6643D0F2-472B-490D-BC24-24D5FDA28EDC}] => (Allow) E:\SteamLibrary\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe
FirewallRules: [{67351531-1D66-4328-8057-04D72654AFA2}] => (Allow) E:\SteamLibrary\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe
FirewallRules: [{8D126750-C613-4DA8-86E2-B7FD28A9DFAF}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{CFC4CA8F-5D91-4960-9C31-552520B15662}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{F1868533-DB91-49E7-8661-37EA1006FE39}] => (Allow) E:\SteamLibrary\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{652771CC-EAA0-40FB-9F19-BD56BEF5F38F}] => (Allow) E:\SteamLibrary\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{65D9F4EA-51D9-4E67-B493-B390F02A0B8A}] => (Allow) E:\SteamLibrary\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{28415510-060F-4AA6-AF7E-D0F28143FE4C}] => (Allow) E:\SteamLibrary\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{71466784-D9EE-45FE-9637-03BFD11B23DF}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{FB8AA17B-757C-488A-AE6D-E8D2AC8DF6F3}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{C83B17B6-111A-4DA3-9F70-7898DB5D5DB4}] => (Allow) E:\SteamLibrary\steamapps\common\WWE2K16\WWE2K16.exe
FirewallRules: [{D17CCACE-00C5-49DB-93F0-9B540C267D19}] => (Allow) E:\SteamLibrary\steamapps\common\WWE2K16\WWE2K16.exe
FirewallRules: [{1A1DC32C-CD9E-40FD-86A5-4AF726137F82}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: Kerio VPN adapter
Description: Kerio VPN adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: KerioTechnologies
Service: kvpndev
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (09/27/2016 08:15:53 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (09/27/2016 07:23:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: NvStreamUserAgent.exe, verzia: 7.1.2084.9592, časová značka: 0x57605c64
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.14393.103, časová značka: 0x57b7e207
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000003061d
Identifikácia chybujúceho procesu: 0x368
Čas spustenia chybujúcej aplikácie: 0x01d218e3ea99d120
Cesta chybujúcej aplikácie: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 870e6edb-2653-490e-89b8-507e6363dc1e
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (09/27/2016 06:47:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: NvStreamUserAgent.exe, verzia: 7.1.2084.9592, časová značka: 0x57605c64
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.14393.103, časová značka: 0x57b7e207
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000003061d
Identifikácia chybujúceho procesu: 0x2c20
Čas spustenia chybujúcej aplikácie: 0x01d218dee076edbe
Cesta chybujúcej aplikácie: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 7a79302c-81f4-43ed-8ecb-97537521a79a
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (09/27/2016 06:47:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ZDENNO-PC)
Description: Aktivácia aplikácie Microsoft.Windows.Photos_8wekyb3d8bbwe!App zlyhala pre chybu: -2147023673 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.

Error: (09/27/2016 05:51:11 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/27/2016 05:39:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 19 4.1.5.2.5.8.0.E.5.B.6.C.F.5.0.F.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Zdenno-PC-2.local.

Error: (09/27/2016 05:39:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.103:5353 17 4.1.5.2.5.8.0.E.5.B.6.C.F.5.0.F.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Zdenno-PC.local.

Error: (09/27/2016 05:39:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 19 103.0.0.10.in-addr.arpa. PTR Zdenno-PC-2.local.

Error: (09/27/2016 05:39:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.103:5353 17 103.0.0.10.in-addr.arpa. PTR Zdenno-PC.local.

Error: (09/27/2016 05:39:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Zdenno-PC.local already in use; will try Zdenno-PC-2.local instead


System errors:
=============
Error: (09/28/2016 05:07:11 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.

Error: (09/28/2016 05:04:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (09/28/2016 05:04:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (09/28/2016 05:04:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (09/27/2016 09:18:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (09/27/2016 07:44:56 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (09/27/2016 07:23:58 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{3185A766-B338-11E4-A71E-12E3F512A338}
and APPID
{7006698D-2974-4091-A424-85DD0B909E23}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (09/27/2016 07:12:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (09/27/2016 06:01:30 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (09/27/2016 05:48:41 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.


CodeIntegrity:
===================================
Date: 2016-09-28 17:13:01.209
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-09-28 17:13:01.208
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Percentage of memory in use: 22%
Total physical RAM: 16340.54 MB
Available physical RAM: 12601.15 MB
Total Virtual: 18772.54 MB
Available Virtual: 14576.9 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:218.07 GB) (Free:61.78 GB) NTFS
Drive d: (Recovery Image) (Fixed) (Total:18.49 GB) (Free:2.38 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (DATADRIVE1) (Fixed) (Total:1862.89 GB) (Free:143.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 257EFC1F)

Partition: GPT.

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 52F21B8F)

Partition: GPT.

==================== End of Addition.txt ============================
Nahoru
sorcer
Přítel fóra
Přítel fóra
Příspěvky: 527
Registrován: 26 čer 2006 01:29

Re: prosim o kontrolu

#8 Příspěvek od sorcer »

Odinstalujte McAfee, pomocí této utility: http://www.bleepingcomputer.com/downloa ... oval-tool/

Dále doporučuji data (kterých máte na Ploše 44 GB) přesunout na jiné místo na disku a vytvořit na Ploše, pouze zástupce.

1) Obsah fixu níže, nakopírujte do Notepadu + uložte jej jako: fixlist.txt
2) Soubor uložte na stejné místo, kde má aktuálně utilitu FRST

Kód: Vybrat vše

Start
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
Hosts:

File: C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
C:\Users\Zdenno\AppData\Local\B67DDD9E-D256-45F1-A5CA-4066A332B44B

HKLM-x32\...\Run: [] => [X]

SearchScopes: HKLM -> {145DCD8B-36A5-48E9-89DC-BEEB08D15E9C} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
SearchScopes: HKLM-x32 -> {145DCD8B-36A5-48E9-89DC-BEEB08D15E9C} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-10551035-2757477188-1337332661-1001 -> {145DCD8B-36A5-48E9-89DC-BEEB08D15E9C} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}

Task: {02793919-7B89-48FD-840B-8099F73A31A5} - \WPD\SqmUpload_S-1-5-21-10551035-2757477188-1337332661-1004 -> No File <==== ATTENTION
Task: {18898837-E343-4A1A-8DB2-6C9DFF7D13ED} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {1E22FCF0-6243-4BA1-BCA7-20F9ED7162C8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {256CEE39-1BB5-43AF-83F2-2DA958DE26BF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {2FD6FCE9-6C1C-42E2-AC96-C85F6A8829B8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {33A94478-42B1-4D18-9CFF-C04039A1A355} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {5499F4E6-B032-4BFD-B373-7F1D3003F408} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {614E4B2E-ABE6-4161-A958-A5BF0ADFBCB0} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {66961B79-4F31-41A1-87D4-CE3D355EFC76} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {6F022967-7D19-40E8-9016-10BAFEE5806B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {8B89F505-C539-461D-A9DF-DD8E17674D64} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {BC3B0EA8-6523-42B5-9FD8-B8500EB29BCC} - \WPD\SqmUpload_S-1-5-21-10551035-2757477188-1337332661-1001 -> No File <==== ATTENTION
Task: {CCABBF7C-AA68-4518-A0CB-AA7CFB02DBBE} - System32\Tasks\B67DDD9E-D256-45F1-A5CA-4066A332B44B => C:\Users\Zdenno\AppData\Local\B67DDD9E-D256-45F1-A5CA-4066A332B44B\B67DDD9E-D256-45F1-A5CA-4066A332B44B.exe <==== ATTENTION
Task: {CEE2AED6-FAD9-4C6F-B76F-86DCDA175DD0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {DE2AF3B0-6636-4A48-BB85-068D75478265} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {F5B28E1C-2549-4C87-A663-69406D9D8752} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {F5E6CDC4-AAEF-4B0D-8E30-63AD4F4C3D2F} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
END
3) Spusťte FRST a kliněte na tlačítko FIX
4) Restartujte PC.
5) Sledujte PC, jak se chová?
5) Vytvořte nový log FRST a postněte jej do Vašeho topicu
Nahoru
Zdenno
Návštěvník
Návštěvník
Příspěvky: 15
Registrován: 03 čer 2009 16:27

Re: prosim o kontrolu

#9 Příspěvek od Zdenno »

Dobry den,
PC sa sprava normalne, predtym obcas robilo problem pri stlaceni klavesu ctrl alebo shift.
Tento problem sa mi zatial neobjavil.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-09-2016
Ran by Zdenno (administrator) on ZDENNO-PC (29-09-2016 19:08:21)
Running from C:\Users\Zdenno\Desktop
Loaded Profiles: Zdenno & User (Available Profiles: Zdenno & User)
Platform: Windows 10 Home Version 1607 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Kerio Technologies Inc.) C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Acresso) C:\Program Files (x86)\ViewPower2.10\upsMonitor.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\ViewPower2.10\jre\bin\javaw.exe
(Apache Software Foundation) C:\Program Files (x86)\ViewPower2.10\tomcat\bin\tomcat6.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkypeHost.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Sony Computer Entertainment Inc.) C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
(Sony Computer Entertainment Inc.) C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Kerio Technologies Inc.) C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe
(Mad Catz Inc) C:\Program Files\Mad Catz\C.T.R.L.R\CTRLR_Profiler.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
() C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
() C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.23941.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_3.6.25021.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11608.1001.49.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1609.2561.0_x64__8wekyb3d8bbwe\CompanionApp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(forum.viry.cz) C:\Users\Zdenno\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg_SOUNDEDGE] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1416440 2016-01-15] (Realtek Semiconductor)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8790264 2016-01-15] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM-x32\...\Run: [DropboxOEM] => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [462160 2014-09-02] ()
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-08-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [830064 2016-09-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Kerio Control VPN Client] => C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe [2180096 2016-04-14] (Kerio Technologies Inc.)
HKLM-x32\...\Run: [C.T.R.L.R] => C:\Program Files\Mad Catz\C.T.R.L.R\CTRLR_Profiler.exe [86528 2015-11-12] (Mad Catz Inc)
HKU\S-1-5-21-10551035-2757477188-1337332661-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2858272 2016-09-20] (Valve Corporation)
HKU\S-1-5-21-10551035-2757477188-1337332661-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3503088 2016-09-20] (Electronic Arts)
HKU\S-1-5-21-10551035-2757477188-1337332661-1001\...\Run: [GalaxyClient] => C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [4090944 2016-09-20] (GOG.com)
HKU\S-1-5-21-10551035-2757477188-1337332661-1004\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Content Manager Assistant for PlayStation(R).lnk [2016-07-15]
ShortcutTarget: Content Manager Assistant for PlayStation(R).lnk -> C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe (Sony Computer Entertainment Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.50 10.0.0.50
Tcpip\..\Interfaces\{c014bbf4-57a3-47dd-85bb-07a6f37421ca}: [DhcpNameServer] 10.0.0.50 10.0.0.50

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
HKU\S-1-5-21-10551035-2757477188-1337332661-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-10551035-2757477188-1337332661-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPDTDFJS
HKU\S-1-5-21-10551035-2757477188-1337332661-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
SearchScopes: HKU\S-1-5-21-10551035-2757477188-1337332661-1004 -> {145DCD8B-36A5-48E9-89DC-BEEB08D15E9C} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-07-25] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)

FireFox:
========
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-08-13] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-08-13] (Intel Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [firefox@bho.com] - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt
FF Extension: (HP SimplePass) - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt [2015-07-27] [not signed]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.google.com ... smedic.sk/"
CHR Profile: C:\Users\Zdenno\AppData\Local\Google\Chrome\User Data\Default [2016-09-29]
CHR Extension: (Prezentácie Google) - C:\Users\Zdenno\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-16]
CHR Extension: (Dokumenty Google) - C:\Users\Zdenno\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-16]
CHR Extension: (Disk Google) - C:\Users\Zdenno\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Zdenno\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Zdenno\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tabuľky Google) - C:\Users\Zdenno\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-16]
CHR Extension: (Vzdialená plocha Chrome) - C:\Users\Zdenno\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-07-13]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Zdenno\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Zdenno\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-09-21]
CHR Extension: (Google Keep – poznámky a zoznamy) - C:\Users\Zdenno\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2016-09-27]
CHR Extension: (Save to Pocket) - C:\Users\Zdenno\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2016-09-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Zdenno\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (Gmail) - C:\Users\Zdenno\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-16]
CHR Extension: (Chrome Media Router) - C:\Users\Zdenno\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-10551035-2757477188-1337332661-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [989696 2016-09-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [470600 2016-09-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [470600 2016-09-12] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1454720 2016-09-12] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [324304 2016-08-19] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1300512 2016-01-15] ()
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [281152 2016-09-20] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6394432 2016-09-26] (GOG.com)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [93184 2014-08-21] (Hewlett-Packard Company) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-08-13] (Intel Corporation)
R2 KVPNCSvc; C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe [2027520 2016-04-14] (Kerio Technologies Inc.) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [94720 2014-09-27] (Softex Inc.) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2141192 2016-09-20] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2206224 2016-09-20] (Electronic Arts)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [316152 2016-01-15] (Realtek Semiconductor)
R2 upsMonitor; C:\Program Files (x86)\ViewPower2.10\upsMonitor.exe [116224 2015-10-25] (Acresso) [File not signed]
R3 upsTomcat; C:\Program Files (x86)\ViewPower2.10\tomcat\bin\tomcat6.exe [57344 2011-04-15] (Apache Software Foundation) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S2 mfemms; "C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [144664 2016-07-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [154392 2016-07-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-05-29] (Avira Operations GmbH & Co. KG)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S3 CSRBC; C:\Windows\System32\Drivers\csrbc.sys [46240 2016-08-24] (CSR plc.)
R3 kvnet; C:\Windows\System32\drivers\kvnet.sys [30208 2016-04-14] (Kerio Technologies Inc.)
S3 kvpndev; C:\Windows\System32\drivers\kvpndrv.sys [73216 2008-01-16] (Kerio Technologies Inc.)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-04-15] (Malwarebytes)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [896760 2016-02-17] (Realtek )
S3 SaiK5266; C:\Windows\system32\DRIVERS\SaiK5266.sys [182464 2015-12-04] (Saitek)
R3 SaiMini; C:\Windows\System32\drivers\SaiMini.sys [24040 2014-05-23] (Saitek)
R3 SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [51616 2015-12-04] (Saitek)
S3 SaiXInput; C:\Windows\System32\drivers\SaiXInput.sys [53440 2015-12-04] (Saitek, Madcatz, Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-29 19:08 - 2016-09-29 19:08 - 00021751 _____ C:\Users\Zdenno\Desktop\FRST.txt
2016-09-29 19:07 - 2016-09-29 19:07 - 00112640 _____ (forum.viry.cz) C:\Users\Zdenno\Desktop\FRSTLauncher.exe
2016-09-29 19:07 - 2016-09-28 17:13 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-09-29 18:01 - 2016-09-29 18:01 - 00000000 ___HD C:\OneDriveTemp
2016-09-28 18:32 - 2016-09-28 18:32 - 167453137 _____ C:\Users\Zdenno\Downloads\Jinjer @ Summer Dying Loud 2016 (I Speak Astronomy).mp4
2016-09-28 17:12 - 2016-09-29 19:08 - 00000000 ____D C:\FRST
2016-09-28 17:05 - 2016-09-28 17:05 - 02404352 _____ (Farbar) C:\Users\Zdenno\Desktop\FRST64.exe
2016-09-27 23:53 - 2016-09-27 23:56 - 58184612 _____ C:\Users\Zdenno\Downloads\JINJER - Fajtfest 2016 After Movie-Video Report.mp4
2016-09-27 23:27 - 2016-09-27 23:52 - 262102281 _____ C:\Users\Zdenno\Downloads\JINJER - Summer Dying Loud 2016 - part 3-4 - LIVE HQ.mp4
2016-09-27 23:11 - 2016-09-27 23:25 - 288834117 _____ C:\Users\Zdenno\Downloads\JINJER - Summer Dying Loud 2016 - part 2-4 - LIVE HQ.mp4
2016-09-27 22:56 - 2016-09-27 23:05 - 114200324 _____ C:\Users\Zdenno\Downloads\JINJER - Summer Dying Loud 2016 - part 4-4 - LIVE HQ.mp4
2016-09-27 22:53 - 2016-09-27 22:53 - 480340935 _____ C:\Users\Zdenno\Downloads\JINJER - Summer Dying Loud 2016 - part 1-4 - LIVE HQ.mp4
2016-09-27 17:43 - 2016-09-27 17:44 - 00000000 ____D C:\AdwCleaner
2016-09-27 17:40 - 2016-09-27 17:40 - 03861056 _____ C:\Users\Zdenno\Desktop\adwcleaner_6.020.exe
2016-09-26 23:16 - 2016-09-26 23:16 - 00000000 ____D C:\Program Files\EaseUS
2016-09-26 18:21 - 2016-09-26 18:22 - 00000000 ____D C:\rsit
2016-09-26 18:21 - 2016-09-26 18:22 - 00000000 ____D C:\Program Files\trend micro
2016-09-26 18:18 - 2016-09-26 18:18 - 01222144 _____ C:\Users\Zdenno\Downloads\RSITx64.exe
2016-09-24 20:06 - 2016-09-24 20:06 - 60550874 _____ C:\Users\Zdenno\Downloads\JINJER - Bad Water (Official Music Video).mp4
2016-09-20 22:11 - 2016-09-20 22:11 - 08795185 _____ C:\Users\Zdenno\Downloads\Tatyana Booya Shmaylyk (JINJER) - R.Runo Accessory Photoshoot Backstage.mp4
2016-09-15 15:22 - 2016-09-07 07:55 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-09-15 15:22 - 2016-09-07 07:54 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-15 15:22 - 2016-09-07 07:54 - 00885824 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-15 15:22 - 2016-09-07 07:54 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-09-15 15:22 - 2016-09-07 07:54 - 00133472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2016-09-15 15:22 - 2016-09-07 07:53 - 02481768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-09-15 15:22 - 2016-09-07 07:53 - 02183792 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-09-15 15:22 - 2016-09-07 07:51 - 02214784 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-09-15 15:22 - 2016-09-07 07:51 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-15 15:22 - 2016-09-07 07:51 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-15 15:22 - 2016-09-07 07:50 - 07813472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-15 15:22 - 2016-09-07 07:50 - 00773200 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-09-15 15:22 - 2016-09-07 07:49 - 00552288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-09-15 15:22 - 2016-09-07 07:48 - 02256224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-09-15 15:22 - 2016-09-07 07:48 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2016-09-15 15:22 - 2016-09-07 07:46 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-09-15 15:22 - 2016-09-07 07:44 - 05622600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-09-15 15:22 - 2016-09-07 07:44 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-15 15:22 - 2016-09-07 07:44 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-09-15 15:22 - 2016-09-07 07:43 - 00764936 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-09-15 15:22 - 2016-09-07 07:41 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-09-15 15:22 - 2016-09-07 07:39 - 01217880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-09-15 15:22 - 2016-09-07 07:39 - 00996192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-09-15 15:22 - 2016-09-07 07:37 - 01966288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-09-15 15:22 - 2016-09-07 07:36 - 00405344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-09-15 15:22 - 2016-09-07 07:36 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-09-15 15:22 - 2016-09-07 07:34 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-09-15 15:22 - 2016-09-07 07:34 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-09-15 15:22 - 2016-09-07 07:34 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-09-15 15:22 - 2016-09-07 07:34 - 01738040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-09-15 15:22 - 2016-09-07 07:34 - 01280352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-09-15 15:22 - 2016-09-07 07:34 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-09-15 15:22 - 2016-09-07 07:34 - 00658272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-09-15 15:22 - 2016-09-07 07:34 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-09-15 15:22 - 2016-09-07 07:34 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-09-15 15:22 - 2016-09-07 07:33 - 02446696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-09-15 15:22 - 2016-09-07 07:33 - 00681304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2016-09-15 15:22 - 2016-09-07 07:33 - 00450392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-09-15 15:22 - 2016-09-07 07:33 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-09-15 15:22 - 2016-09-07 07:32 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-09-15 15:22 - 2016-09-07 07:32 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-09-15 15:22 - 2016-09-07 07:32 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-09-15 15:22 - 2016-09-07 07:32 - 01099616 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-09-15 15:22 - 2016-09-07 07:32 - 00988000 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-09-15 15:22 - 2016-09-07 07:32 - 00942432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-09-15 15:22 - 2016-09-07 07:30 - 01707512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-09-15 15:22 - 2016-09-07 07:30 - 00601200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-09-15 15:22 - 2016-09-07 07:29 - 22218808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-09-15 15:22 - 2016-09-07 07:29 - 08156592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-09-15 15:22 - 2016-09-07 07:29 - 04130944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-09-15 15:22 - 2016-09-07 07:29 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-09-15 15:22 - 2016-09-07 07:29 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-09-15 15:22 - 2016-09-07 07:29 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-09-15 15:22 - 2016-09-07 07:29 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-09-15 15:22 - 2016-09-07 07:29 - 01066104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-09-15 15:22 - 2016-09-07 07:29 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-09-15 15:22 - 2016-09-07 07:29 - 00755656 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-09-15 15:22 - 2016-09-07 07:29 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-09-15 15:22 - 2016-09-07 07:29 - 00523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2016-09-15 15:22 - 2016-09-07 07:29 - 00382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-09-15 15:22 - 2016-09-07 07:29 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\EhStorTcgDrv.sys
2016-09-15 15:22 - 2016-09-07 07:27 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-09-15 15:22 - 2016-09-07 07:27 - 01362504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2016-09-15 15:22 - 2016-09-07 07:25 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-09-15 15:22 - 2016-09-07 07:24 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-09-15 15:22 - 2016-09-07 07:24 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-09-15 15:22 - 2016-09-07 07:24 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-09-15 15:22 - 2016-09-07 07:24 - 00057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2016-09-15 15:22 - 2016-09-07 07:24 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-09-15 15:22 - 2016-09-07 07:20 - 00340832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-09-15 15:22 - 2016-09-07 07:18 - 01503032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-09-15 15:22 - 2016-09-07 07:18 - 01430208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-09-15 15:22 - 2016-09-07 07:17 - 05721808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-09-15 15:22 - 2016-09-07 07:17 - 02251432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-09-15 15:22 - 2016-09-07 07:17 - 00853344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-09-15 15:22 - 2016-09-07 07:17 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-09-15 15:22 - 2016-09-07 07:17 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-09-15 15:22 - 2016-09-07 07:16 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-09-15 15:22 - 2016-09-07 07:15 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-09-15 15:22 - 2016-09-07 07:15 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-09-15 15:22 - 2016-09-07 07:13 - 20965248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-09-15 15:22 - 2016-09-07 07:13 - 06653592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-09-15 15:22 - 2016-09-07 07:13 - 03893376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-09-15 15:22 - 2016-09-07 07:13 - 01853232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-09-15 15:22 - 2016-09-07 07:13 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-09-15 15:22 - 2016-09-07 07:13 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-09-15 15:22 - 2016-09-07 07:13 - 01123360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-09-15 15:22 - 2016-09-07 07:13 - 00959104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-09-15 15:22 - 2016-09-07 07:13 - 00955520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-09-15 15:22 - 2016-09-07 07:13 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-09-15 15:22 - 2016-09-07 07:13 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-09-15 15:22 - 2016-09-07 07:12 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-09-15 15:22 - 2016-09-07 07:09 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-09-15 15:22 - 2016-09-07 07:08 - 07220224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-09-15 15:22 - 2016-09-07 07:07 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-09-15 15:22 - 2016-09-07 07:04 - 22566400 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-09-15 15:22 - 2016-09-07 07:04 - 05684736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-09-15 15:22 - 2016-09-07 07:04 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-09-15 15:22 - 2016-09-07 07:03 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-09-15 15:22 - 2016-09-07 07:03 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-09-15 15:22 - 2016-09-07 07:03 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-09-15 15:22 - 2016-09-07 07:03 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-09-15 15:22 - 2016-09-07 07:03 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-09-15 15:22 - 2016-09-07 07:03 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccessRes.dll
2016-09-15 15:22 - 2016-09-07 07:02 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-09-15 15:22 - 2016-09-07 07:02 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-09-15 15:22 - 2016-09-07 07:02 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-09-15 15:22 - 2016-09-07 07:02 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-09-15 15:22 - 2016-09-07 07:02 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-09-15 15:22 - 2016-09-07 07:02 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-09-15 15:22 - 2016-09-07 07:02 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-09-15 15:22 - 2016-09-07 07:01 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-09-15 15:22 - 2016-09-07 07:01 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AddressParser.dll
2016-09-15 15:22 - 2016-09-07 07:01 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-09-15 15:22 - 2016-09-07 07:00 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-09-15 15:22 - 2016-09-07 07:00 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-09-15 15:22 - 2016-09-07 07:00 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-09-15 15:22 - 2016-09-07 07:00 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-09-15 15:22 - 2016-09-07 06:59 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-09-15 15:22 - 2016-09-07 06:59 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-09-15 15:22 - 2016-09-07 06:59 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-09-15 15:22 - 2016-09-07 06:59 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-09-15 15:22 - 2016-09-07 06:59 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-09-15 15:22 - 2016-09-07 06:59 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-09-15 15:22 - 2016-09-07 06:59 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2016-09-15 15:22 - 2016-09-07 06:59 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-09-15 15:22 - 2016-09-07 06:59 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactActivation.dll
2016-09-15 15:22 - 2016-09-07 06:59 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-09-15 15:22 - 2016-09-07 06:59 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-09-15 15:22 - 2016-09-07 06:58 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-09-15 15:22 - 2016-09-07 06:58 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-15 15:22 - 2016-09-07 06:58 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-09-15 15:22 - 2016-09-07 06:58 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2016-09-15 15:22 - 2016-09-07 06:58 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-09-15 15:22 - 2016-09-07 06:58 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-09-15 15:22 - 2016-09-07 06:58 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-09-15 15:22 - 2016-09-07 06:58 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AddressParser.dll
2016-09-15 15:22 - 2016-09-07 06:58 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-09-15 15:22 - 2016-09-07 06:58 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-09-15 15:22 - 2016-09-07 06:58 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccessRes.dll
2016-09-15 15:22 - 2016-09-07 06:57 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-09-15 15:22 - 2016-09-07 06:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-09-15 15:22 - 2016-09-07 06:56 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-09-15 15:22 - 2016-09-07 06:56 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-09-15 15:22 - 2016-09-07 06:56 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-09-15 15:22 - 2016-09-07 06:56 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2016-09-15 15:22 - 2016-09-07 06:56 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-09-15 15:22 - 2016-09-07 06:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactActivation.dll
2016-09-15 15:22 - 2016-09-07 06:55 - 00820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-09-15 15:22 - 2016-09-07 06:55 - 00781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-09-15 15:22 - 2016-09-07 06:55 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-09-15 15:22 - 2016-09-07 06:55 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-09-15 15:22 - 2016-09-07 06:55 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-09-15 15:22 - 2016-09-07 06:55 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-09-15 15:22 - 2016-09-07 06:55 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-09-15 15:22 - 2016-09-07 06:55 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-09-15 15:22 - 2016-09-07 06:55 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-09-15 15:22 - 2016-09-07 06:54 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2016-09-15 15:22 - 2016-09-07 06:54 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-09-15 15:22 - 2016-09-07 06:54 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-09-15 15:22 - 2016-09-07 06:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-09-15 15:22 - 2016-09-07 06:54 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-09-15 15:22 - 2016-09-07 06:54 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
2016-09-15 15:22 - 2016-09-07 06:54 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2016-09-15 15:22 - 2016-09-07 06:54 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2016-09-15 15:22 - 2016-09-07 06:54 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-09-15 15:22 - 2016-09-07 06:54 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2016-09-15 15:22 - 2016-09-07 06:54 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-09-15 15:22 - 2016-09-07 06:53 - 02083840 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-09-15 15:22 - 2016-09-07 06:53 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-09-15 15:22 - 2016-09-07 06:53 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-09-15 15:22 - 2016-09-07 06:53 - 00302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-09-15 15:22 - 2016-09-07 06:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-09-15 15:22 - 2016-09-07 06:53 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2016-09-15 15:22 - 2016-09-07 06:52 - 17187840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-09-15 15:22 - 2016-09-07 06:52 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-09-15 15:22 - 2016-09-07 06:52 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-09-15 15:22 - 2016-09-07 06:52 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-09-15 15:22 - 2016-09-07 06:52 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-09-15 15:22 - 2016-09-07 06:52 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-09-15 15:22 - 2016-09-07 06:52 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-09-15 15:22 - 2016-09-07 06:52 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2016-09-15 15:22 - 2016-09-07 06:52 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-09-15 15:22 - 2016-09-07 06:52 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-15 15:22 - 2016-09-07 06:51 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-09-15 15:22 - 2016-09-07 06:51 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-09-15 15:22 - 2016-09-07 06:51 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-09-15 15:22 - 2016-09-07 06:50 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-09-15 15:22 - 2016-09-07 06:50 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-09-15 15:22 - 2016-09-07 06:50 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2016-09-15 15:22 - 2016-09-07 06:50 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-09-15 15:22 - 2016-09-07 06:49 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-09-15 15:22 - 2016-09-07 06:49 - 09128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-09-15 15:22 - 2016-09-07 06:49 - 03776512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-09-15 15:22 - 2016-09-07 06:49 - 01905664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-09-15 15:22 - 2016-09-07 06:49 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-09-15 15:22 - 2016-09-07 06:49 - 00714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-09-15 15:22 - 2016-09-07 06:49 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-09-15 15:22 - 2016-09-07 06:49 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-09-15 15:22 - 2016-09-07 06:49 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-09-15 15:22 - 2016-09-07 06:49 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2016-09-15 15:22 - 2016-09-07 06:48 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-09-15 15:22 - 2016-09-07 06:48 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-09-15 15:22 - 2016-09-07 06:47 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-09-15 15:22 - 2016-09-07 06:47 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-09-15 15:22 - 2016-09-07 06:47 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2016-09-15 15:22 - 2016-09-07 06:47 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-09-15 15:22 - 2016-09-07 06:46 - 13434368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-09-15 15:22 - 2016-09-07 06:46 - 07623680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-09-15 15:22 - 2016-09-07 06:46 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-09-15 15:22 - 2016-09-07 06:46 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-09-15 15:22 - 2016-09-07 06:46 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-09-15 15:22 - 2016-09-07 06:45 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-09-15 15:22 - 2016-09-07 06:45 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-09-15 15:22 - 2016-09-07 06:45 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-09-15 15:22 - 2016-09-07 06:45 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-09-15 15:22 - 2016-09-07 06:45 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-09-15 15:22 - 2016-09-07 06:45 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-09-15 15:22 - 2016-09-07 06:45 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-09-15 15:22 - 2016-09-07 06:45 - 00944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-09-15 15:22 - 2016-09-07 06:45 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-09-15 15:22 - 2016-09-07 06:45 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-09-15 15:22 - 2016-09-07 06:45 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-09-15 15:22 - 2016-09-07 06:44 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-09-15 15:22 - 2016-09-07 06:44 - 13081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-09-15 15:22 - 2016-09-07 06:44 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-15 15:22 - 2016-09-07 06:44 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-09-15 15:22 - 2016-09-07 06:44 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-09-15 15:22 - 2016-09-07 06:44 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-09-15 15:22 - 2016-09-07 06:43 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-09-15 15:22 - 2016-09-07 06:43 - 01106944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-09-15 15:22 - 2016-09-07 06:42 - 03305984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-09-15 15:22 - 2016-09-07 06:42 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-09-15 15:22 - 2016-09-07 06:41 - 08122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-09-15 15:22 - 2016-09-07 06:41 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-09-15 15:22 - 2016-09-07 06:41 - 03435008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-09-15 15:22 - 2016-09-07 06:41 - 02947072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-09-15 15:22 - 2016-09-07 06:41 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-09-15 15:22 - 2016-09-07 06:41 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-09-15 15:22 - 2016-09-07 06:41 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-09-15 15:22 - 2016-09-07 06:41 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-09-15 15:22 - 2016-09-07 06:41 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-09-15 15:22 - 2016-09-07 06:41 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-09-15 15:22 - 2016-09-07 06:40 - 12345856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-09-15 15:22 - 2016-09-07 06:40 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-09-15 15:22 - 2016-09-07 06:40 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-09-15 15:22 - 2016-09-07 06:40 - 01780736 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-09-15 15:22 - 2016-09-07 06:40 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-09-15 15:22 - 2016-09-07 06:40 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2016-09-15 15:22 - 2016-09-07 06:40 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-09-15 15:22 - 2016-09-07 06:40 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-09-15 15:22 - 2016-09-07 06:40 - 01006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-09-15 15:22 - 2016-09-07 06:40 - 00959488 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-09-15 15:22 - 2016-09-07 06:40 - 00911872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-09-15 15:22 - 2016-09-07 06:39 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-09-15 15:22 - 2016-09-07 06:39 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-09-15 15:22 - 2016-09-07 06:39 - 05384192 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2016-09-15 15:22 - 2016-09-07 06:39 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-09-15 15:22 - 2016-09-07 06:39 - 04747776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-09-15 15:22 - 2016-09-07 06:39 - 03116544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-09-15 15:22 - 2016-09-07 06:39 - 02264064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-09-15 15:22 - 2016-09-07 06:39 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-09-15 15:22 - 2016-09-07 06:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-09-15 15:22 - 2016-09-07 06:38 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-09-15 15:22 - 2016-09-07 06:38 - 02630144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-09-15 15:22 - 2016-09-07 06:38 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2016-09-15 15:22 - 2016-09-07 06:38 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-09-15 15:22 - 2016-09-07 06:38 - 02289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-09-15 15:22 - 2016-09-07 06:38 - 01491968 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-09-15 15:22 - 2016-09-07 06:38 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-09-15 15:22 - 2016-09-07 06:38 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-09-15 15:22 - 2016-09-07 06:38 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-09-15 15:22 - 2016-09-07 06:37 - 07468032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-09-15 15:22 - 2016-09-07 06:37 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-09-15 15:22 - 2016-09-07 06:37 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-09-15 15:22 - 2016-09-07 06:37 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-09-15 15:22 - 2016-09-07 06:37 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-09-15 15:22 - 2016-09-07 06:37 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-09-15 15:22 - 2016-09-07 06:37 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-09-15 15:22 - 2016-09-07 06:37 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-09-15 15:22 - 2016-09-07 06:37 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-09-15 15:22 - 2016-09-07 06:37 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-09-15 15:22 - 2016-09-07 06:37 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-09-15 15:22 - 2016-09-07 06:37 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-09-15 15:22 - 2016-09-07 06:36 - 06043136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-09-15 15:22 - 2016-09-07 06:36 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-09-15 15:22 - 2016-09-07 06:36 - 02423296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-09-15 15:22 - 2016-09-07 06:36 - 02360832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-09-15 15:22 - 2016-09-07 06:35 - 02107392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-09-15 15:22 - 2016-09-07 06:35 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2016-09-15 15:22 - 2016-09-07 06:35 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-09-15 15:22 - 2016-09-07 06:35 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-09-15 15:22 - 2016-09-07 06:35 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-09-15 15:22 - 2016-09-07 06:35 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-09-15 15:22 - 2016-09-07 06:35 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-09-15 15:22 - 2016-09-07 06:35 - 00650240 _____ (Microsoft) C:\WINDOWS\system32\DbgModel.dll
2016-09-15 15:22 - 2016-09-07 06:34 - 04557824 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-09-15 15:22 - 2016-09-07 06:34 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-09-15 15:22 - 2016-09-07 06:34 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-09-15 15:22 - 2016-09-07 06:34 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-09-15 15:22 - 2016-09-07 06:34 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-09-15 15:22 - 2016-09-07 06:34 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-09-15 15:22 - 2016-09-07 06:34 - 00761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-09-15 15:22 - 2016-09-07 06:34 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-09-15 15:22 - 2016-09-07 06:33 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-09-15 15:22 - 2016-09-07 06:33 - 02217472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-09-15 15:22 - 2016-09-07 06:33 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-09-15 15:22 - 2016-09-07 06:33 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-09-15 15:22 - 2016-09-07 06:33 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-09-15 15:22 - 2016-09-07 06:32 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-09-15 15:22 - 2016-09-07 06:31 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-09-15 15:22 - 2016-09-07 06:31 - 00461312 _____ (Microsoft) C:\WINDOWS\SysWOW64\DbgModel.dll
2016-09-15 15:22 - 2016-08-06 05:50 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-09-15 15:22 - 2016-08-06 05:48 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-09-15 15:22 - 2016-08-06 05:39 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-09-15 15:22 - 2016-08-06 05:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-09-15 15:22 - 2016-08-02 10:21 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-09-15 15:22 - 2016-08-02 10:15 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-09-15 15:22 - 2016-08-02 10:14 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-09-15 15:22 - 2016-08-02 10:13 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-09-15 15:22 - 2016-08-02 06:37 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-09-15 15:22 - 2016-07-22 03:27 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-09-15 15:22 - 2016-07-22 03:27 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-09-15 15:22 - 2016-07-22 02:49 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-09-15 15:21 - 2016-09-07 08:10 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-09-15 15:21 - 2016-09-07 07:41 - 00303968 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-09-15 15:21 - 2016-09-07 07:34 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2016-09-15 15:21 - 2016-09-07 07:32 - 00807776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-09-15 15:21 - 2016-09-07 07:30 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-09-15 15:21 - 2016-09-07 07:29 - 01990640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-09-15 15:21 - 2016-09-07 07:29 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-09-15 15:21 - 2016-09-07 07:13 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-09-15 15:21 - 2016-09-07 07:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2016-09-15 15:21 - 2016-09-07 07:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneutilRes.dll
2016-09-15 15:21 - 2016-09-07 07:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneServiceRes.dll
2016-09-15 15:21 - 2016-09-07 07:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2016-09-15 15:21 - 2016-09-07 07:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-09-15 15:21 - 2016-09-07 06:59 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-09-15 15:21 - 2016-09-07 06:58 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-09-15 15:21 - 2016-09-07 06:58 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-09-15 15:21 - 2016-09-07 06:58 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneutilRes.dll
2016-09-15 15:21 - 2016-09-07 06:58 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2016-09-15 15:21 - 2016-09-07 06:57 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2016-09-15 15:21 - 2016-09-07 06:56 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-09-15 15:21 - 2016-09-07 06:56 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-09-15 15:21 - 2016-09-07 06:56 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-09-15 15:21 - 2016-09-07 06:56 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-09-15 15:21 - 2016-09-07 06:56 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll
2016-09-15 15:21 - 2016-09-07 06:55 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-09-15 15:21 - 2016-09-07 06:55 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-09-15 15:21 - 2016-09-07 06:55 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-09-15 15:21 - 2016-09-07 06:55 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-09-15 15:21 - 2016-09-07 06:55 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-09-15 15:21 - 2016-09-07 06:55 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-09-15 15:21 - 2016-09-07 06:54 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-09-15 15:21 - 2016-09-07 06:54 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-09-15 15:21 - 2016-09-07 06:53 - 01014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-09-15 15:21 - 2016-09-07 06:53 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-09-15 15:21 - 2016-09-07 06:53 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-09-15 15:21 - 2016-09-07 06:52 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-09-15 15:21 - 2016-09-07 06:52 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-09-15 15:21 - 2016-09-07 06:52 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-09-15 15:21 - 2016-09-07 06:51 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-09-15 15:21 - 2016-09-07 06:51 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-09-15 15:21 - 2016-09-07 06:50 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-09-15 15:21 - 2016-09-07 06:50 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-09-15 15:21 - 2016-09-07 06:50 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-09-15 15:21 - 2016-09-07 06:48 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-09-15 15:21 - 2016-09-07 06:48 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2016-09-15 15:21 - 2016-09-07 06:48 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-09-15 15:21 - 2016-09-07 06:47 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-09-15 15:21 - 2016-09-07 06:47 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-09-15 15:21 - 2016-09-07 06:47 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-09-15 15:21 - 2016-09-07 06:47 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-09-15 15:21 - 2016-09-07 06:46 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2016-09-15 15:21 - 2016-09-07 06:46 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-09-15 15:21 - 2016-09-07 06:46 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2016-09-15 15:21 - 2016-09-07 06:45 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-09-15 15:21 - 2016-09-07 06:45 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-09-15 15:21 - 2016-09-07 06:43 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-09-15 15:21 - 2016-09-07 06:43 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-09-15 15:21 - 2016-09-07 06:42 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-09-15 15:21 - 2016-09-07 06:42 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2016-09-15 15:21 - 2016-09-07 06:41 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-09-15 15:21 - 2016-09-07 06:41 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-09-15 15:21 - 2016-09-07 06:41 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2016-09-15 15:21 - 2016-09-07 06:41 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-09-15 15:21 - 2016-09-07 06:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-09-15 15:21 - 2016-09-07 06:41 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-09-15 15:21 - 2016-09-07 06:41 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-09-15 15:21 - 2016-09-07 06:40 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-09-15 15:21 - 2016-09-07 06:39 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-09-15 15:21 - 2016-09-07 06:39 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2016-09-15 15:21 - 2016-09-07 06:38 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-09-15 15:21 - 2016-09-07 06:38 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-09-15 15:21 - 2016-09-07 06:37 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-09-15 15:21 - 2016-09-07 06:37 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-09-15 15:21 - 2016-09-07 06:37 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-09-15 15:21 - 2016-09-07 06:36 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-09-15 15:21 - 2016-09-07 06:35 - 03299328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-09-15 15:21 - 2016-09-07 06:35 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-09-15 15:21 - 2016-09-07 06:34 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-09-15 15:21 - 2016-09-07 06:34 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-09-15 15:21 - 2016-09-07 06:33 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2016-09-15 15:21 - 2016-09-07 06:32 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-09-15 15:21 - 2016-09-07 06:31 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-09-15 15:21 - 2016-09-07 06:11 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-09-15 15:21 - 2016-08-06 06:26 - 00409944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-09-15 15:21 - 2016-08-06 06:16 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-09-15 15:21 - 2016-08-06 06:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-09-15 15:21 - 2016-08-06 06:16 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-09-15 15:21 - 2016-08-06 06:13 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-09-15 15:21 - 2016-08-06 05:48 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-09-15 15:21 - 2016-08-06 05:48 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-09-15 15:21 - 2016-08-06 05:47 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-09-15 15:21 - 2016-08-06 05:43 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-09-15 15:21 - 2016-08-06 05:42 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-09-15 15:21 - 2016-08-06 05:40 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-09-15 15:21 - 2016-08-06 05:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-15 15:21 - 2016-08-06 05:38 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-09-15 15:21 - 2016-08-06 05:37 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-15 15:21 - 2016-08-06 05:35 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-09-15 15:21 - 2016-08-06 05:29 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2016-09-15 15:21 - 2016-08-02 10:44 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-09-15 15:21 - 2016-08-02 10:20 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-09-15 15:21 - 2016-08-02 10:15 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-09-15 15:21 - 2016-08-02 06:47 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-09-15 15:21 - 2016-08-02 06:36 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-09-15 15:21 - 2016-08-02 06:33 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-09-14 22:53 - 2016-09-14 22:53 - 72892497 _____ C:\Users\Zdenno\Downloads\BATMETAL RETURNS.mp4
2016-09-14 22:46 - 2016-09-14 22:46 - 36591670 _____ C:\Users\Zdenno\Downloads\BATMETAL.mp4
2016-09-14 17:59 - 2016-09-14 17:59 - 00000000 ____D C:\Users\Zdenno\.QtWebEngineProcess
2016-09-14 17:59 - 2016-09-14 17:59 - 00000000 ____D C:\Users\Zdenno\.Origin
2016-09-03 22:38 - 2016-09-03 22:38 - 141314300 _____ C:\Users\Zdenno\Downloads\Jinjer - Cloud Factory (OFFICIAL MUSIC VIDEO).mp4
2016-09-03 22:18 - 2016-09-03 22:18 - 102680266 _____ C:\Users\Zdenno\Downloads\JINJER - I Speak Astronomy (Official Video) Napalm Records.mp4
2016-09-03 22:02 - 2016-09-03 22:02 - 79765263 _____ C:\Users\Zdenno\Downloads\JINJER - Words Of Wisdom (Official Video) Napalm Records.mp4
2016-09-03 21:51 - 2016-09-03 21:51 - 185723335 _____ C:\Users\Zdenno\Downloads\JINJER - Sit Stay Roll Over (Official Music Video).mp4
2016-09-03 21:40 - 2016-09-03 21:40 - 112191927 _____ C:\Users\Zdenno\Downloads\JINJER - Just Another (Official Video) Napalm Records.mp4
2016-09-01 20:00 - 2016-08-27 14:45 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-09-01 20:00 - 2016-08-27 11:37 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-09-01 20:00 - 2016-08-27 07:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-09-01 20:00 - 2016-08-27 06:58 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-09-01 20:00 - 2016-08-27 06:44 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
2016-09-01 20:00 - 2016-08-27 06:43 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\encapi.dll
2016-09-01 20:00 - 2016-08-27 06:39 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-09-01 20:00 - 2016-08-27 06:38 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-09-01 20:00 - 2016-08-27 06:38 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-09-01 20:00 - 2016-08-27 06:37 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-09-01 20:00 - 2016-08-27 06:25 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-09-01 20:00 - 2016-08-20 08:06 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-09-01 20:00 - 2016-08-20 08:05 - 01377008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-09-01 20:00 - 2016-08-20 08:03 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-09-01 20:00 - 2016-08-20 07:46 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-09-01 20:00 - 2016-08-20 07:34 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2016-09-01 20:00 - 2016-08-20 07:22 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-09-01 20:00 - 2016-08-20 07:21 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-09-01 20:00 - 2016-08-20 07:21 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL
2016-09-01 20:00 - 2016-08-20 07:21 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-09-01 20:00 - 2016-08-20 07:21 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL
2016-09-01 20:00 - 2016-08-20 07:20 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-09-01 20:00 - 2016-08-20 07:20 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-09-01 20:00 - 2016-08-20 07:20 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-09-01 20:00 - 2016-08-20 07:20 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-09-01 20:00 - 2016-08-20 07:20 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
2016-09-01 20:00 - 2016-08-20 07:19 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-09-01 20:00 - 2016-08-20 07:19 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-09-01 20:00 - 2016-08-20 07:18 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-09-01 20:00 - 2016-08-20 07:18 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-09-01 20:00 - 2016-08-20 07:18 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-09-01 20:00 - 2016-08-20 07:18 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-09-01 20:00 - 2016-08-20 07:17 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2016-09-01 20:00 - 2016-08-20 07:17 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-09-01 20:00 - 2016-08-20 07:17 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2016-09-01 20:00 - 2016-08-20 07:16 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-09-01 20:00 - 2016-08-20 07:15 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-09-01 20:00 - 2016-08-20 07:15 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-09-01 20:00 - 2016-08-20 07:14 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_G18030.DLL
2016-09-01 20:00 - 2016-08-20 07:14 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-09-01 20:00 - 2016-08-20 07:14 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-09-01 20:00 - 2016-08-20 07:14 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-09-01 20:00 - 2016-08-20 07:14 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_IS2022.DLL
2016-09-01 20:00 - 2016-08-20 07:14 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\c_GSM7.DLL
2016-09-01 20:00 - 2016-08-20 07:13 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-09-01 20:00 - 2016-08-20 07:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-09-01 20:00 - 2016-08-20 07:12 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-09-01 20:00 - 2016-08-20 07:12 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-09-01 20:00 - 2016-08-20 07:11 - 00965120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-09-01 20:00 - 2016-08-20 07:11 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-09-01 20:00 - 2016-08-20 07:11 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-09-01 20:00 - 2016-08-20 07:11 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-09-01 20:00 - 2016-08-20 07:10 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-09-01 20:00 - 2016-08-20 07:08 - 00204288 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll
2016-09-01 20:00 - 2016-08-20 07:07 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-09-01 20:00 - 2016-08-20 07:07 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-09-01 20:00 - 2016-08-20 07:07 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-09-01 20:00 - 2016-08-20 07:06 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-09-01 20:00 - 2016-08-20 07:06 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
2016-09-01 20:00 - 2016-08-20 07:04 - 03245056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-09-01 20:00 - 2016-08-20 07:04 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-09-01 20:00 - 2016-08-20 07:04 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-09-01 20:00 - 2016-08-20 07:04 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
2016-09-01 20:00 - 2016-08-20 07:03 - 02846208 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-09-01 20:00 - 2016-08-20 07:01 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-09-01 20:00 - 2016-08-20 07:00 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll
2016-09-01 20:00 - 2016-08-20 06:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-09-01 20:00 - 2016-08-20 06:58 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-09-01 20:00 - 2016-08-20 06:58 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll
2016-09-01 20:00 - 2016-08-20 06:56 - 02711040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-09-01 20:00 - 2016-08-20 06:56 - 02143232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-09-01 20:00 - 2016-08-20 06:56 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-09-01 20:00 - 2016-08-20 06:56 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll
2016-09-01 20:00 - 2016-08-20 06:55 - 00726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-09-01 20:00 - 2016-08-20 06:54 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-09-01 20:00 - 2016-08-20 06:51 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-09-01 20:00 - 2016-08-19 03:33 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-29 19:07 - 2015-09-16 23:40 - 00000000 ____D C:\Users\Zdenno\AppData\Roaming\Origin
2016-09-29 19:02 - 2016-08-05 09:53 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-09-29 18:12 - 2016-08-05 09:55 - 01095946 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-29 18:10 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-29 18:10 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-29 18:08 - 2015-09-16 23:34 - 00000000 ____D C:\ProgramData\Origin
2016-09-29 18:07 - 2015-09-16 19:28 - 00000000 ____D C:\Program Files (x86)\Steam
2016-09-29 18:07 - 2015-09-16 19:16 - 00000000 ___RD C:\Users\Zdenno\OneDrive
2016-09-29 18:06 - 2016-08-05 09:58 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-29 18:06 - 2016-08-05 09:54 - 00000000 ____D C:\ProgramData\NVIDIA
2016-09-29 18:06 - 2016-07-16 08:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2016-09-29 18:03 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-09-29 17:54 - 2016-05-11 20:53 - 00000000 ____D C:\Users\Zdenno\Downloads\PSP games
2016-09-29 17:54 - 2015-07-27 16:50 - 00000000 ____D C:\Program Files\mcafee
2016-09-29 17:54 - 2015-07-27 16:50 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-09-28 23:33 - 2015-09-17 00:32 - 00000000 ____D C:\Users\Zdenno\AppData\Roaming\Azureus
2016-09-20 18:06 - 2015-09-16 23:34 - 00000000 ____D C:\Program Files (x86)\Origin
2016-09-20 17:59 - 2015-09-17 00:27 - 00000000 ____D C:\Program Files (x86)\GalaxyClient
2016-09-20 17:54 - 2015-09-16 23:40 - 00000000 ____D C:\Users\Zdenno\AppData\Local\Origin
2016-09-18 17:27 - 2015-09-16 20:06 - 00002291 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-18 14:43 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2016-09-16 13:07 - 2016-04-23 14:32 - 00000000 ____D C:\Users\Zdenno\Downloads\Nový priečinok
2016-09-16 08:11 - 2015-09-16 08:02 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-09-16 08:10 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-09-16 08:09 - 2016-08-05 09:53 - 00212008 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-15 22:40 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-09-15 22:40 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-09-15 22:40 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-09-15 22:40 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2016-09-15 22:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-09-15 22:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-09-15 22:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-09-15 22:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-09-15 22:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-09-15 22:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-09-15 22:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-15 22:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-09-15 22:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-09-15 22:40 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-09-15 22:40 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-09-15 22:40 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-09-15 18:06 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-15 18:06 - 2015-09-21 18:54 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-09-15 18:03 - 2015-09-21 18:54 - 144199024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-09-15 17:10 - 2015-10-29 23:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-09-15 17:10 - 2014-04-02 16:46 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-14 18:20 - 2016-06-14 23:41 - 00000000 ____D C:\Users\Zdenno\AppData\Local\Ubisoft Game Launcher
2016-09-14 18:00 - 2016-08-05 09:58 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-09-14 17:59 - 2016-08-05 09:55 - 00000000 ____D C:\Users\Zdenno
2016-09-08 19:53 - 2015-11-21 14:13 - 00000000 ____D C:\Users\Zdenno\AppData\Local\UnrealEngine
2016-09-07 18:32 - 2016-07-16 13:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-09-07 18:32 - 2016-07-16 13:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-02 12:05 - 2015-11-16 21:35 - 00000000 ____D C:\Users\Zdenno\Downloads\PSX burning
2016-09-01 21:10 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-09-01 19:42 - 2016-07-16 13:43 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-09-01 19:42 - 2016-07-16 13:43 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-09-01 19:42 - 2016-07-16 13:42 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-09-01 19:42 - 2016-07-16 13:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll

==================== Files in the root of some directories =======

2015-09-22 19:24 - 2015-09-22 19:24 - 0007602 _____ () C:\Users\Zdenno\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
C:\Users\Zdenno\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


ATTENTION: ==> Could not access BCD.



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Zdenno\Desktop" je 6 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================
Nahoru
Zdenno
Návštěvník
Návštěvník
Příspěvky: 15
Registrován: 03 čer 2009 16:27

Re: prosim o kontrolu

#10 Příspěvek od Zdenno »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-09-2016
Ran by Zdenno (29-09-2016 19:08:48)
Running from C:\Users\Zdenno\Desktop
Windows 10 Home Version 1607 (X64) (2016-08-05 08:00:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-10551035-2757477188-1337332661-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-10551035-2757477188-1337332661-503 - Limited - Disabled)
Guest (S-1-5-21-10551035-2757477188-1337332661-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-10551035-2757477188-1337332661-1003 - Limited - Enabled)
User (S-1-5-21-10551035-2757477188-1337332661-1004 - Limited - Enabled) => C:\Users\User
Zdenno (S-1-5-21-10551035-2757477188-1337332661-1001 - Administrator - Enabled) => C:\Users\Zdenno

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Aktualizácie NVIDIA 2.11.4.0 (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Alcor Micro USB Card Reader Driver (HKLM-x32\...\AmUStor) (Version: 20.21.3317.03861 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (x32 Version: 20.21.3317.03861 - Alcor Micro Corp.) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.20.59 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{82dc2ab6-088f-4e0a-8e27-bb829481d3bc}) (Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG) Hidden
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
Besiege (HKLM-x32\...\Steam App 346010) (Version: - Spiderling Studios)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
Burnout Paradise: The Ultimate Box (HKLM-x32\...\Steam App 24740) (Version: - Criterion Games)
C.T.R.L.R (HKLM\...\{A8D0BE7D-8270-400A-8871-C9B56050D0D1}) (Version: 7.0.48.0 - Mad Catz Inc)
C.T.R.L.R Firmware update v1.2.5 (HKLM\...\{466E732D-D96A-4C7F-80A5-177A1B5E26A9}) (Version: 1.2.5.0 - Mad Catz Inc)
Carmageddon: Reincarnation (HKLM-x32\...\Steam App 249380) (Version: - Stainless Games Ltd)
Content Manager Assistant for PlayStation(R) (HKLM-x32\...\{E5C1C342-5E78-4D91-85BE-40C716B09391}) (Version: 3.55.7671.0901 - Sony Computer Entertainment Inc.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.8.4420 - CyberLink Corp.)
CyberLink MediaEspresso 6.7 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.7.3.5419 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.3.5529 - CyberLink Corp.)
Cyberlink PhotoDirector (Version: 5.0.3.5529 - CyberLink Corp.) Hidden
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5.4505 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.8.4316 - CyberLink Corp.)
CyberLink PowerBackup 2.6 (HKLM-x32\...\InstallShield_{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.6.1.0903 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2.3317 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.2.3317 - CyberLink Corp.) Hidden
Death Rally (Classic) (HKLM-x32\...\Steam App 358270) (Version: - Remedy)
DiRT Showdown (HKLM-x32\...\Steam App 201700) (Version: - Codemasters Racing Studio)
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dolphin (HKLM-x32\...\Dolphin) (Version: 4.0.2 - Dolphin Development Team)
DOOM (HKLM\...\Steam App 379720) (Version: - id Software)
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
Duke Nukem 2 (HKLM-x32\...\Steam App 240180) (Version: - 3D Realms)
Duke Nukem 3D (HKLM-x32\...\Steam App 359850) (Version: - 3D Realms)
Duke Nukem: Manhattan Project (HKLM-x32\...\Steam App 240200) (Version: - Sunstorm Interactive, 3D Realms)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 5.5.3 (HKLM-x32\...\{B1A0F908-1448-11E4-8684-00163E98E7D0}) (Version: 5.5.3.4236 - Evernote Corp.)
FlatOut2 (HKLM-x32\...\{D4006E71-FF32-44FF-AD5A-B5EE4389B825}_is1) (Version: 1.0 - US - ACTION, s.r.o.)
Foxit PhantomPDF (HKLM-x32\...\{89BF1D4D-1D62-451E-9496-B971BDE82720}) (Version: 6.0.33.715 - Foxit Corporation)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.116 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
GRID Autosport (HKLM-x32\...\Steam App 255220) (Version: - Codemasters Racing)
Hatred (HKLM-x32\...\Steam App 341940) (Version: - Destructive Creations)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Documentation (HKLM-x32\...\{198B2800-6C16-4F2A-BC52-EA0F7FD67095}) (Version: 1.3.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.27 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{904822F1-6C7D-4B91-B936-6A1C0810544C}) (Version: 7.7.34.34 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Inst5675 (Version: 8.01.27 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.27 - Softex Inc.) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.27.1012 - Intel Corporation)
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan)
Kerio Control VPN Client (HKLM\...\{BF23169D-CBDF-4AFE-B474-1F59F4E8CA80}) (Version: 9.0.879 - Kerio Technologies Inc.)
K-Lite Mega Codec Pack 11.5.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.5.5 - )
Life Is Strange™ (HKLM-x32\...\Steam App 319630) (Version: - DONTNOD Entertainment)
LIMBO (HKLM\...\Steam App 48000) (Version: - Playdead)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.1005 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mortal Kombat 3 (HKLM-x32\...\1207667063_is1) (Version: 2.0.0.1 - GOG.com)
Mortal Kombat X (HKLM-x32\...\Steam App 307780) (Version: - NetherRealm Studios)
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)
NVIDIA 3D Vision radič ovládača 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Grafický ovládač 368.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.69 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 368.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.69 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.0.2.33129 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 368.69 (Version: 368.69 - NVIDIA Corporation) Hidden
Raptor: Call of the Shadows (1994 Classic Edition) (HKLM-x32\...\Steam App 358360) (Version: - Cygnus Studios)
Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.)
Rise of the Tomb Raider (HKLM-x32\...\Steam App 391220) (Version: - Crystal Dynamics)
Rise of the Triad: Dark War (HKLM-x32\...\Steam App 358410) (Version: - 3D Realms (Apogee Software))
Shadow Warrior (Classic) (HKLM-x32\...\Steam App 358400) (Version: - 3D Realms (Apogee Software))
Shadow Warrior (HKLM\...\Steam App 233130) (Version: - Flying Wild Hog)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Terminal Velocity (HKLM-x32\...\Steam App 358370) (Version: - Terminal Reality)
The Witcher 2 - Assassins of Kings Enhanced Edition (HKLM-x32\...\1207658930_is1) (Version: 3.5.0.26 - GOG.com)
Tomb Raider III: Adventures of Lara Croft (HKLM-x32\...\Steam App 225320) (Version: - Core Design)
Uplay (HKLM-x32\...\Uplay) (Version: 20.0 - Ubisoft)
ViewPower2.10 (HKLM-x32\...\ViewPower2.10) (Version: 1.0.0.0 - )
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.3.0 - Azureus Software, Inc.)
Wacky Wheels (HKLM-x32\...\Steam App 358380) (Version: - Beavis Soft)
Windows Driver Package - DFU Driver (CSRBC) USB (02/03/2011 2.4.0.0) (HKLM\...\B14275BEB6CC2EDDF270C2B75D2267764AF7BE67) (Version: 02/03/2011 2.4.0.0 - DFU Driver)
Wolfenstein: The New Order (HKLM-x32\...\Steam App 201810) (Version: - Machine Games)
WWE 2K16 (HKLM\...\Steam App 385730) (Version: - Visual Concepts)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-10551035-2757477188-1337332661-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Zdenno\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {27B08AE8-102E-4F54-A591-1331AAFD120D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-21] (Hewlett-Packard Company)
Task: {33804AFA-464A-45C4-BDDF-3E9203B45ED5} - System32\Tasks\Start OPBHOBrokerDesktop => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [2014-09-27] (Hewlett-Packard)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe
Task: {50009E3D-961D-428E-8E76-5721F1F460D1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2016-09-15] (Microsoft Corporation)
Task: {5F3D5FB3-A5CE-4982-A287-D0419BBBB7C9} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-10-16] ()
Task: {7A35F4F5-8970-4B8D-91EC-3EDE2252F839} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-16] (Google Inc.)
Task: {8105A456-9AA4-4BA0-900E-66F1B8169769} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2015-09-01] (McAfee, Inc.)
Task: {9A5305D5-2791-4D2B-BE5D-12EE11976EC8} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Zdenno\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-27] (Microsoft Corporation)
Task: {9AC0AD58-E922-42C7-AC8A-1F2E559CD18D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {D09D7096-59F7-4537-8B7E-0B2F84B4E08F} - System32\Tasks\{F12B9CF9-686A-4B9A-908E-9E4252A6F2C5} => pcalua.exe -a E:\Games\FlatOut2\FlatOut2.exe -d E:\Games\FlatOut2
Task: {D7DD85D1-7B04-4682-903E-DF14E168ABEA} - System32\Tasks\Start SimplePass => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [2014-09-27] (Hewlett-Packard)
Task: {E0B9B39D-B42B-4AA6-8599-83DAFAC478AD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-21] (Hewlett-Packard Company)
Task: {E51AB194-A0B9-40A2-8DC6-69A9F76039D5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-16] (Google Inc.)
Task: {F5732D72-47EE-49C4-A4A8-E28C5634CA26} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-08] (Adobe Systems Incorporated)
Task: {FA4F1B9F-8D9E-4DBA-9F5F-5AB17648FB3C} - System32\Tasks\Start OPBHOBroker => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [2014-09-27] (Hewlett-Packard)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-15 15:22 - 2016-09-07 07:44 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-08-05 09:54 - 2016-06-29 19:50 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-09-27 14:40 - 2014-09-27 14:40 - 02150400 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-09-27 14:39 - 2014-09-27 14:39 - 00035840 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-09-27 14:39 - 2014-09-27 14:39 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-09-27 14:39 - 2014-09-27 14:39 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-09-27 14:48 - 2014-09-27 14:48 - 00420432 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-09-27 14:48 - 2014-09-27 14:48 - 00746064 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2016-05-14 14:26 - 2016-06-14 22:03 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-05-14 14:26 - 2016-06-14 22:03 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-05-14 14:26 - 2016-06-14 22:03 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-05-14 14:26 - 2016-06-14 22:03 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2015-07-27 16:51 - 2014-04-14 19:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2016-05-14 14:26 - 2016-06-14 22:03 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-05-14 14:26 - 2016-06-14 22:03 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-05-14 14:26 - 2016-06-14 22:03 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-05-14 14:26 - 2016-06-14 22:03 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-09-15 15:22 - 2016-09-07 07:44 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-27 11:13 - 2016-08-27 11:13 - 01864384 _____ () C:\Users\Zdenno\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-09-15 15:22 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-09-15 15:22 - 2016-09-07 06:57 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-09-15 15:22 - 2016-09-07 06:41 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-09-15 15:22 - 2016-09-07 06:35 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-15 15:21 - 2016-09-07 06:35 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-09-15 15:22 - 2016-09-07 06:35 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-15 15:22 - 2016-09-07 06:40 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-09-28 17:10 - 2016-09-28 17:13 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-09-28 17:10 - 2016-09-28 17:13 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-09-28 17:10 - 2016-09-28 17:13 - 35250688 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2014-09-27 14:42 - 2014-09-27 14:42 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2016-09-14 17:59 - 2016-09-20 18:06 - 00015872 _____ () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
2016-09-29 18:10 - 2016-09-29 18:10 - 00015360 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1609.2561.0_x64__8wekyb3d8bbwe\CompanionApp.exe
2016-09-29 18:10 - 2016-09-29 18:10 - 04148736 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1609.2561.0_x64__8wekyb3d8bbwe\CompanionApp.dll
2016-09-29 18:10 - 2016-09-29 18:10 - 00637440 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1609.2561.0_x64__8wekyb3d8bbwe\CompanionAppDeviceManager.dll
2016-07-17 00:06 - 2016-07-17 00:06 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1609.2561.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-05-14 14:26 - 2016-06-14 22:03 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-05-14 14:26 - 2016-06-14 22:03 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-04-14 10:19 - 2016-04-14 10:19 - 00086016 _____ () C:\Program Files (x86)\Kerio\VPN Client\ktzlib100_1.2.3.dll
2016-09-14 17:59 - 2016-09-20 18:06 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2015-10-25 15:25 - 2012-03-15 12:07 - 00028672 _____ () C:\Program Files (x86)\ViewPower2.10\jre\bin\USBDevice.dll
2015-10-25 15:25 - 2010-05-11 02:49 - 00049152 _____ () C:\Program Files (x86)\ViewPower2.10\jre\bin\Shutdown.dll
2015-10-25 15:25 - 2010-05-11 02:49 - 00077759 _____ () C:\Program Files (x86)\ViewPower2.10\jre\bin\rxtxSerial.dll
2016-05-14 14:26 - 2016-06-14 22:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-09-16 19:33 - 2016-09-08 05:14 - 00784672 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-09-16 19:33 - 2016-09-01 03:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-09-16 19:33 - 2016-09-20 21:28 - 02321696 _____ () C:\Program Files (x86)\Steam\video.dll
2015-09-16 19:33 - 2016-09-01 03:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-09-16 19:33 - 2016-09-01 03:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-09-16 19:33 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-09-16 19:33 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-09-16 19:33 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-09-16 19:33 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-09-16 19:33 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-09-16 19:33 - 2016-09-20 21:28 - 00835360 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-10 17:53 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-09-14 17:59 - 2016-09-20 18:06 - 00012288 _____ () C:\Program Files (x86)\Origin\libEGL.DLL
2015-09-16 23:40 - 2016-06-11 10:14 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2016-08-27 11:13 - 2016-08-27 11:13 - 01383616 _____ () C:\Users\Zdenno\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll
2016-08-27 11:13 - 2016-08-27 11:13 - 00118976 _____ () C:\Users\Zdenno\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncViews.dll
2015-09-16 19:33 - 2016-08-04 22:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-09-17 00:27 - 2016-09-20 17:58 - 53018112 _____ () C:\Program Files (x86)\GalaxyClient\libcef.dll
2015-09-17 00:27 - 2016-04-25 18:29 - 00500736 _____ () C:\Program Files (x86)\GalaxyClient\PocoUtil.dll
2015-09-17 00:27 - 2016-04-25 18:29 - 01069568 _____ () C:\Program Files (x86)\GalaxyClient\PocoNet.dll
2015-09-17 00:27 - 2016-04-25 18:29 - 01847296 _____ () C:\Program Files (x86)\GalaxyClient\PocoData.dll
2015-09-17 00:27 - 2016-04-25 18:29 - 00386048 _____ () C:\Program Files (x86)\GalaxyClient\PocoDataSQLite.dll
2015-09-17 00:27 - 2016-04-25 18:29 - 01582080 _____ () C:\Program Files (x86)\GalaxyClient\PocoFoundation.dll
2015-09-17 00:27 - 2016-04-25 18:29 - 00300544 _____ () C:\Program Files (x86)\GalaxyClient\PocoNetSSL.dll
2015-09-17 00:27 - 2016-04-25 18:29 - 00323584 _____ () C:\Program Files (x86)\GalaxyClient\PocoJSON.dll
2015-09-17 00:27 - 2016-03-23 19:47 - 00096768 _____ () C:\Program Files (x86)\GalaxyClient\zlib.dll
2015-09-17 00:27 - 2016-04-25 18:29 - 00513536 _____ () C:\Program Files (x86)\GalaxyClient\PocoXML.dll
2015-09-17 00:27 - 2016-04-25 18:29 - 00265216 _____ () C:\Program Files (x86)\GalaxyClient\PocoZip.dll
2015-09-17 00:27 - 2016-04-25 18:29 - 00418304 _____ () C:\Program Files (x86)\GalaxyClient\pcre.dll
2015-09-17 00:27 - 2016-03-23 19:47 - 00672768 _____ () C:\Program Files (x86)\GalaxyClient\sqlite.dll
2015-09-17 00:27 - 2016-04-25 18:29 - 00150528 _____ () C:\Program Files (x86)\GalaxyClient\PocoCrypto.dll
2015-09-17 00:27 - 2016-04-25 18:29 - 00144896 _____ () C:\Program Files (x86)\GalaxyClient\expat.dll
2015-09-17 00:27 - 2016-09-20 17:59 - 01738752 _____ () C:\Program Files (x86)\GalaxyClient\libglesv2.dll
2015-09-17 00:27 - 2016-09-20 17:58 - 00078848 _____ () C:\Program Files (x86)\GalaxyClient\libegl.dll
2016-09-18 17:27 - 2016-09-14 02:38 - 01806152 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libglesv2.dll
2016-09-18 17:27 - 2016-09-14 02:38 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libegl.dll
2014-08-13 11:54 - 2014-08-13 11:54 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2016-09-29 18:05 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-10551035-2757477188-1337332661-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Zdenno\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\hp_metro_sky.jpg
HKU\S-1-5-21-10551035-2757477188-1337332661-1004\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\HP\Evolution.jpg
DNS Servers: 10.0.0.50
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{523066D3-D940-4DB7-A8DE-343714EED635}E:\steamlibrary\steamapps\common\doom\doomx64vk.exe] => (Allow) E:\steamlibrary\steamapps\common\doom\doomx64vk.exe
FirewallRules: [TCP Query User{EC8DA2BF-7BFE-403C-925E-A46ED0E4EF2B}E:\steamlibrary\steamapps\common\doom\doomx64vk.exe] => (Allow) E:\steamlibrary\steamapps\common\doom\doomx64vk.exe
FirewallRules: [{DFBD4918-5718-4C2D-8782-3B7499CE994D}] => (Allow) E:\SteamLibrary\steamapps\common\Limbo\limbo.exe
FirewallRules: [{576B9FD4-D9EA-4905-84F7-4EABE80B4530}] => (Allow) E:\SteamLibrary\steamapps\common\Limbo\limbo.exe
FirewallRules: [{1A236A95-30D2-4FC2-852B-9FF19E52797E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D02302C5-4BE8-4154-91CC-FA3187B4FE32}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{35EB69DE-3095-49CE-A715-A58D1C3CA006}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{8782E4E3-029C-414C-A046-A7B1C82E0C6D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3547CC34-CC75-4A0F-94FC-198F95EF955B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{2582B7F1-749A-4179-91C3-886DAEA3382D}] => (Allow) E:\SteamLibrary\steamapps\common\DOOM\DOOMx64.exe
FirewallRules: [{AC1A1288-1A13-407E-842E-8CC20DF31F88}] => (Allow) E:\SteamLibrary\steamapps\common\DOOM\DOOMx64.exe
FirewallRules: [{316ADB84-A69E-462E-8BA5-ECAC17B90ED3}] => (Allow) E:\SteamLibrary\steamapps\common\Shadow Warrior\sw.exe
FirewallRules: [{05A7DCEC-0E21-40F8-B5EF-F2D88C5326CF}] => (Allow) E:\SteamLibrary\steamapps\common\Shadow Warrior\sw.exe
FirewallRules: [{D56CC9D6-BD05-47BD-9440-568A0A0EBB70}] => (Allow) E:\SteamLibrary\steamapps\common\Shadow Warrior\dx11\launcher.exe
FirewallRules: [{BF09F702-E40C-4509-BAA4-57A5E0FBD689}] => (Allow) E:\SteamLibrary\steamapps\common\Shadow Warrior\dx11\launcher.exe
FirewallRules: [{5FD30408-CFDF-4529-AF8B-9F6F0D7E81F8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{217DECF5-25CE-4FDE-BBA5-60408B48C8AA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{62F20912-18F2-4948-9C81-BB967115DF4D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{49A3323D-4CB3-4726-BBE5-6A407C80EFA7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{29911E44-B17D-47EE-ABF3-7DE59E675642}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{CB5D909F-DE43-4F6C-912A-872EA812026D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{61A1CFD9-6C35-4A2D-BC5A-CA5DD12322FD}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{240A2617-118C-435F-8183-91F9B2344F59}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{E0DA0182-40D3-40A1-82BB-F8C5586A40ED}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{D0ED2223-CCAE-4988-90A4-F90FD68B6036}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{00DACA55-A827-4F9A-9961-9DC520781841}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8E094BC3-40A7-4521-BF1C-A51C33E89FBF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4F18BF6B-8B57-4866-AAE2-33F8AFBB683E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DC9A1F18-72D7-4CA4-A93C-B13EE2B04756}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4E4CD870-7568-4ECF-ADD7-014C77C32BCE}] => (Allow) E:\SteamLibrary\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{5F94A008-80D8-452B-A9C8-0CAF3061E42B}] => (Allow) E:\SteamLibrary\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{1948C64B-57CD-44FD-AC4A-F87CFBAF6232}] => (Allow) E:\SteamLibrary\steamapps\common\Carmageddon_Reincarnation\bin\Carmageddon_Reincarnation.exe
FirewallRules: [{6A5A2658-53EF-4924-95DD-69C6BFA64B87}] => (Allow) E:\SteamLibrary\steamapps\common\Carmageddon_Reincarnation\bin\Carmageddon_Reincarnation.exe
FirewallRules: [{119C5BEE-347A-4B96-94C5-F7777505DA59}] => (Allow) E:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{54AA84B2-419F-44B2-A1DF-95E981AC7E27}] => (Allow) E:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{35878090-19D3-4597-A7C3-DFA9DC7C4CEE}] => (Allow) E:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{FDC73BF3-D162-421B-9FFF-CAE5D1A47B2F}] => (Allow) E:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{E6A8CD0E-0344-4ADF-AD4F-FAFF5520B6FD}] => (Allow) E:\SteamLibrary\steamapps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe
FirewallRules: [{B63D6596-4F10-4930-8AF9-7CDD57E16260}] => (Allow) E:\SteamLibrary\steamapps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe
FirewallRules: [{11A8F04E-080A-4BF6-BCE3-8427B61CC4EE}] => (Allow) E:\SteamLibrary\steamapps\common\MK10\Binaries\Retail\MK10.exe
FirewallRules: [{9BC00EA4-3DBF-4B27-B780-111D64CD45A5}] => (Allow) E:\SteamLibrary\steamapps\common\MK10\Binaries\Retail\MK10.exe
FirewallRules: [{2C7570EE-412A-4EF0-90B3-B957DE6D6D67}] => (Allow) E:\SteamLibrary\steamapps\common\MK10\Binaries\Retail\MKXLauncher.exe
FirewallRules: [{AC04BA1C-D23D-4F21-AF57-9AC33A7EA197}] => (Allow) E:\SteamLibrary\steamapps\common\MK10\Binaries\Retail\MKXLauncher.exe
FirewallRules: [{B0C2ADDB-DA0A-46C6-B15D-769F2A3857CC}] => (Allow) E:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{14093EB8-E266-41D8-BCDC-32FEC117A9CB}] => (Allow) E:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{675B9571-EEAA-4AA3-92F4-B02D0D41E78C}] => (Allow) E:\SteamLibrary\steamapps\common\Hatred\Hatred\Binaries\HatredConfig.exe
FirewallRules: [{6F8FD28C-091B-4D49-94F5-F574C6D33317}] => (Allow) E:\SteamLibrary\steamapps\common\Hatred\Hatred\Binaries\HatredConfig.exe
FirewallRules: [{EBEDEC5A-152A-4EF3-BFDA-2E7EA99DFA43}] => (Allow) E:\SteamLibrary\steamapps\common\Hatred\Hatred\Binaries\Win64\Hatred-Win64-Shipping.exe
FirewallRules: [{02C69F32-21BC-4CFE-B59E-8119897AE377}] => (Allow) E:\SteamLibrary\steamapps\common\Hatred\Hatred\Binaries\Win64\Hatred-Win64-Shipping.exe
FirewallRules: [{1C74FF7F-3566-45CE-ACBA-875728E98308}] => (Allow) E:\SteamLibrary\steamapps\common\GRID Autosport\GRIDAutosport.exe
FirewallRules: [{344484E1-2087-4556-92C3-21A492B30FFF}] => (Allow) E:\SteamLibrary\steamapps\common\GRID Autosport\GRIDAutosport.exe
FirewallRules: [{C0D9FE3C-0332-4592-85B7-AFCCE3A21A22}] => (Allow) E:\SteamLibrary\steamapps\common\DiRT Showdown\showdown.exe
FirewallRules: [{F0FEC30E-0B73-402E-9A65-ACC6AE4DCD5C}] => (Allow) E:\SteamLibrary\steamapps\common\DiRT Showdown\showdown.exe
FirewallRules: [{A2B07281-F276-4255-9A41-ECACA0D25E38}] => (Allow) E:\SteamLibrary\steamapps\common\Besiege\Besiege.exe
FirewallRules: [{ABCCA07A-FA54-425C-82CC-886B8C508D29}] => (Allow) E:\SteamLibrary\steamapps\common\Besiege\Besiege.exe
FirewallRules: [{AC262C8E-5456-4B9F-BF26-3B9EEEA281E5}] => (Allow) E:\SteamLibrary\steamapps\common\Rise of the Triad Dark War\Rise of the Triad - Dark War\Dosbox\dosbox.exe
FirewallRules: [{52F0CEE2-E98F-486D-A0D5-DEF195A1FAFA}] => (Allow) E:\SteamLibrary\steamapps\common\Rise of the Triad Dark War\Rise of the Triad - Dark War\Dosbox\dosbox.exe
FirewallRules: [{51FA71EA-0D7D-40FB-A663-2877A9D07E94}] => (Allow) E:\SteamLibrary\steamapps\common\Terminal Velocity\Terminal Velocity\Dosbox\dosbox.exe
FirewallRules: [{21581CD4-44E1-4922-8158-0447ADA22057}] => (Allow) E:\SteamLibrary\steamapps\common\Terminal Velocity\Terminal Velocity\Dosbox\dosbox.exe
FirewallRules: [{1165B085-2E8B-4938-B9A3-BC4B8D0197A9}] => (Allow) E:\SteamLibrary\steamapps\common\Wacky Wheels\Wacky Wheels\Dosbox\dosbox.exe
FirewallRules: [{F76D1F2C-C3C5-4E7E-8DCE-BEC41BDE1E20}] => (Allow) E:\SteamLibrary\steamapps\common\Wacky Wheels\Wacky Wheels\Dosbox\dosbox.exe
FirewallRules: [{EE20FE1C-A557-4E64-96CB-F7BEA9759C25}] => (Allow) E:\SteamLibrary\steamapps\common\Raptor Call of the Shadows\Raptor - Call of the Shadows\Dosbox\dosbox.exe
FirewallRules: [{B2958470-A972-406B-A381-65C7F73B543F}] => (Allow) E:\SteamLibrary\steamapps\common\Raptor Call of the Shadows\Raptor - Call of the Shadows\Dosbox\dosbox.exe
FirewallRules: [{5E756881-37F6-48F9-A0B4-B534E44B7AC7}] => (Allow) E:\SteamLibrary\steamapps\common\Duke Nukem 2\Dosbox\dosbox.exe
FirewallRules: [{EE3B99DF-0EF8-48BF-856A-1827180ABCB8}] => (Allow) E:\SteamLibrary\steamapps\common\Duke Nukem 2\Dosbox\dosbox.exe
FirewallRules: [{3CEAA190-952D-4484-B441-9B8AE3C3C86C}] => (Allow) E:\SteamLibrary\steamapps\common\Duke Nukem 3D\Duke Nukem 3D\eduke32.exe
FirewallRules: [{51728C87-15CE-4E70-8879-CBBF86F4AE38}] => (Allow) E:\SteamLibrary\steamapps\common\Duke Nukem 3D\Duke Nukem 3D\eduke32.exe
FirewallRules: [{1481044B-D6D3-402A-818A-D6AA3693C2EB}] => (Allow) E:\SteamLibrary\steamapps\common\Duke Nukem Manhatten Project\prism3d.exe
FirewallRules: [{546084DD-AE36-4655-86AF-9B033B971499}] => (Allow) E:\SteamLibrary\steamapps\common\Duke Nukem Manhatten Project\prism3d.exe
FirewallRules: [{E54FFB98-3F19-457F-9616-335B6987F472}] => (Allow) E:\SteamLibrary\steamapps\common\Duke Nukem Manhatten Project\DukeNukemManhattanLauncher.exe
FirewallRules: [{C3D89A47-29E1-487D-B41E-413FBC48A032}] => (Allow) E:\SteamLibrary\steamapps\common\Duke Nukem Manhatten Project\DukeNukemManhattanLauncher.exe
FirewallRules: [{126B1680-8CB0-43AF-8628-7ABB3A9126AE}] => (Allow) E:\SteamLibrary\steamapps\common\Shadow Warrior DOS\Shadow Warrior\SWP.exe
FirewallRules: [{8D0A9953-BBF8-40ED-9B3F-38D5E515F5C8}] => (Allow) E:\SteamLibrary\steamapps\common\Shadow Warrior DOS\Shadow Warrior\SWP.exe
FirewallRules: [{3DF51080-977C-4976-93A0-4A043E31FC55}] => (Allow) E:\SteamLibrary\steamapps\common\Death Rally\Death Rally\dr.exe
FirewallRules: [{61A3950F-8262-4A71-B468-75EED7AB5C38}] => (Allow) E:\SteamLibrary\steamapps\common\Death Rally\Death Rally\dr.exe
FirewallRules: [{31A35117-05F3-4F59-8E10-B33A89D5C9B3}] => (Allow) E:\SteamLibrary\steamapps\common\TombRaider (III)\tomb3.exe
FirewallRules: [{39D63050-4377-4C1E-9EAA-EF5A2E0F7F67}] => (Allow) E:\SteamLibrary\steamapps\common\TombRaider (III)\tomb3.exe
FirewallRules: [{493492CA-845B-470D-B5CD-00A64DB5C7A4}] => (Allow) E:\SteamLibrary\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe
FirewallRules: [{FA864556-EA46-4A91-AF4D-D8F06882102A}] => (Allow) E:\SteamLibrary\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe
FirewallRules: [{6643D0F2-472B-490D-BC24-24D5FDA28EDC}] => (Allow) E:\SteamLibrary\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe
FirewallRules: [{67351531-1D66-4328-8057-04D72654AFA2}] => (Allow) E:\SteamLibrary\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe
FirewallRules: [{8D126750-C613-4DA8-86E2-B7FD28A9DFAF}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{CFC4CA8F-5D91-4960-9C31-552520B15662}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{F1868533-DB91-49E7-8661-37EA1006FE39}] => (Allow) E:\SteamLibrary\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{652771CC-EAA0-40FB-9F19-BD56BEF5F38F}] => (Allow) E:\SteamLibrary\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{65D9F4EA-51D9-4E67-B493-B390F02A0B8A}] => (Allow) E:\SteamLibrary\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{28415510-060F-4AA6-AF7E-D0F28143FE4C}] => (Allow) E:\SteamLibrary\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{71466784-D9EE-45FE-9637-03BFD11B23DF}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{FB8AA17B-757C-488A-AE6D-E8D2AC8DF6F3}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{C83B17B6-111A-4DA3-9F70-7898DB5D5DB4}] => (Allow) E:\SteamLibrary\steamapps\common\WWE2K16\WWE2K16.exe
FirewallRules: [{D17CCACE-00C5-49DB-93F0-9B540C267D19}] => (Allow) E:\SteamLibrary\steamapps\common\WWE2K16\WWE2K16.exe
FirewallRules: [{1A1DC32C-CD9E-40FD-86A5-4AF726137F82}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

29-09-2016 18:17:38 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

Name: Kerio VPN adapter
Description: Kerio VPN adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: KerioTechnologies
Service: kvpndev
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (09/29/2016 07:02:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ZDENNO-PC)
Description: Aktivácia aplikácie Microsoft.Windows.Photos_8wekyb3d8bbwe!App zlyhala pre chybu: -2147023673 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.

Error: (09/29/2016 07:02:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: NvStreamUserAgent.exe, verzia: 7.1.2084.9592, časová značka: 0x57605c64
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.14393.103, časová značka: 0x57b7e207
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000003061d
Identifikácia chybujúceho procesu: 0x21d8
Čas spustenia chybujúcej aplikácie: 0x01d21a7343537f96
Cesta chybujúcej aplikácie: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: ae3a09be-7fba-42c4-a417-a0e68a75f9a8
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (09/29/2016 07:02:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: ZDENNO-PC)
Description: Balík Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe+App sa ukončil, pretože jeho odstavenie trvalo príliš dlho.

Error: (09/29/2016 06:17:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (09/29/2016 06:12:26 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/29/2016 06:05:48 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x8007001f, A device attached to the system is not functioning.
.


Operation:
Executing Asynchronous Operation

Context:
Current State: DoSnapshotSet

Error: (09/29/2016 06:05:41 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (09/29/2016 06:05:39 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {4bf5a94c-312a-4a3d-b56e-a09e6f957bdc}

Error: (09/29/2016 06:02:00 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/29/2016 06:01:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 19 4.1.5.2.5.8.0.E.5.B.6.C.F.5.0.F.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Zdenno-PC-2.local.


System errors:
=============
Error: (09/29/2016 07:07:40 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80070643: Aktualizácia definícií pre Windows Defender - KB2267602 (Definícia 1.229.508.0).

Error: (09/29/2016 06:10:27 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (09/29/2016 06:09:57 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.

Error: (09/29/2016 06:06:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (09/29/2016 06:06:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (09/29/2016 06:06:56 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (09/29/2016 06:06:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby mfemms zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.

Error: (09/29/2016 06:06:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Windows Search zlyhalo kvôli nasledujúcej chybe:
The system cannot find the path specified.

Error: (09/29/2016 06:05:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Steam Client Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (09/29/2016 06:05:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management and Security Application Local Management Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.


CodeIntegrity:
===================================
Date: 2016-09-29 19:07:57.919
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-09-29 19:07:57.918
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-09-29 19:07:57.385
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-09-29 19:07:57.383
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-09-29 18:04:40.719
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-09-29 18:04:40.718
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-09-28 17:13:01.209
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-09-28 17:13:01.208
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Percentage of memory in use: 24%
Total physical RAM: 16340.54 MB
Available physical RAM: 12360.04 MB
Total Virtual: 18772.54 MB
Available Virtual: 13916.52 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:218.07 GB) (Free:64.82 GB) NTFS
Drive d: (Recovery Image) (Fixed) (Total:18.49 GB) (Free:2.38 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (DATADRIVE1) (Fixed) (Total:1862.89 GB) (Free:138.84 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 257EFC1F)

Partition: GPT.

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 52F21B8F)

Partition: GPT.

==================== End of Addition.txt ============================
Nahoru
sorcer
Přítel fóra
Přítel fóra
Příspěvky: 527
Registrován: 26 čer 2006 01:29

Re: prosim o kontrolu

#11 Příspěvek od sorcer »

Ještě jeden fixlist + poté vložte do tématu FIXLOG.txt (tento vytvoří utilita FRST, po dokončení své činnosti)

1) Obsah fixu níže, nakopírujte do Notepadu + uložte jej jako: fixlist.txt
2) Soubor uložte na stejné místo, kde má aktuálně utilitu FRST

Kód: Vybrat vše

Start
CreateRestorePoint:
EmptyTemp:
CloseProcesses:

File: C:\Program Files (x86)\Origin\QtWebEngineProcess.exe

SearchScopes: HKU\S-1-5-21-10551035-2757477188-1337332661-1004 -> {145DCD8B-36A5-48E9-89DC-BEEB08D15E9C} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}

END
3) Spusťte FRST a kliněte na tlačítko FIX
4) Restartujte PC.
5) Nyní prosím vložte soubor FIXLOG.txt
Nahoru
Zdenno
Návštěvník
Návštěvník
Příspěvky: 15
Registrován: 03 čer 2009 16:27

Re: prosim o kontrolu

#12 Příspěvek od Zdenno »

Fix result of Farbar Recovery Scan Tool (x64) Version: 28-09-2016
Ran by Zdenno (30-09-2016 17:12:27) Run:2
Running from C:\Users\Zdenno\Desktop
Loaded Profiles: Zdenno (Available Profiles: Zdenno & User)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
EmptyTemp:
CloseProcesses:

File: C:\Program Files (x86)\Origin\QtWebEngineProcess.exe

SearchScopes: HKU\S-1-5-21-10551035-2757477188-1337332661-1004 -> {145DCD8B-36A5-48E9-89DC-BEEB08D15E9C} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}

END
*****************

Restore point was successfully created.
Processes closed successfully.

========================= File: C:\Program Files (x86)\Origin\QtWebEngineProcess.exe ========================

File not signed
MD5: 280F6EA1261B8148BDF6F133CA1F0D91
Creation and modification date: 2016-09-14 17:59 - 2016-09-20 18:06
Size: 0015872
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:

====== End of File: ======

HKU\S-1-5-21-10551035-2757477188-1337332661-1004\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{145DCD8B-36A5-48E9-89DC-BEEB08D15E9C} => key not found.
HKCR\CLSID\{145DCD8B-36A5-48E9-89DC-BEEB08D15E9C} => key not found.

=========== EmptyTemp: ==========

BITS transfer queue => 284941 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 22260649 B
Java, Flash, Steam htmlcache => 25908099 B
Windows/system/drivers => 40872 B
Edge => 2053866 B
Chrome => 388776154 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 6582 B
NetworkService => 12846 B
Zdenno => 1490186 B
User => 0 B

RecycleBin => 0 B
EmptyTemp: => 420.4 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:12:31 ====
Nahoru
sorcer
Přítel fóra
Přítel fóra
Příspěvky: 527
Registrován: 26 čer 2006 01:29

Re: prosim o kontrolu

#13 Příspěvek od sorcer »

Logy jsou v pořádku. Odstraníme utility a nemáte-li dotazy, poroučím se.

1) Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
2) Oznacte pouze moznost "Remove disinfection tools"
3) Klik na Run
Nahoru
Zdenno
Návštěvník
Návštěvník
Příspěvky: 15
Registrován: 03 čer 2009 16:27

Re: prosim o kontrolu

#14 Příspěvek od Zdenno »

Dakujem za pomoc
Nahoru
sorcer
Přítel fóra
Přítel fóra
Příspěvky: 527
Registrován: 26 čer 2006 01:29

Re: prosim o kontrolu

#15 Příspěvek od sorcer »

Rádo se stalo.

:closed:
Nahoru
Zamčeno

Zpět na „Preventivní kontroly logů“