Lagujicí počítač

Zpráva

windyOMG · #16 Příspěvek od **windyOMG** » 18 dub 2017 11:55

Fix result of Farbar Recovery Scan Tool (x64) Version: 17-04-2017 01
Ran by winki (18-04-2017 12:46:37) Run:1
Running from C:\Users\winki\Desktop
Loaded Profiles: winki (Available Profiles: defaultuser0 & winki)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [Google Update] => C:\Users\winki\AppData\Local\Google\Update\1.3.33.3\GoogleUpdateCore.exe [599632 2017-04-12] (Google Inc.)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-03-23] (Valve Corporation)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-07] (Disc Soft Ltd)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [Spotify Web Helper] => C:\Users\winki\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-03-24] (Spotify Ltd)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545048 2017-03-14] (Skype Technologies S.A.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [771672 2017-03-14] (Adobe Systems Incorporated)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R0 MBAMSwissArmy; system32\drivers\MBAMSwissArmy.sys [X]

AlternateDataStreams: C:\Users\winki\Amazon Drive:com.amazon.drive.sync [129]
AlternateDataStreams: C:\Users\winki\Amazon Drive:com.amazon.drive.sync.root [42]

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value removed successfully
HKU\S-1-5-21-116116240-444440880-2871013289-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value removed successfully
HKU\S-1-5-21-116116240-444440880-2871013289-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Steam => value removed successfully
HKU\S-1-5-21-116116240-444440880-2871013289-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite Automount => value removed successfully
HKU\S-1-5-21-116116240-444440880-2871013289-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Spotify Web Helper => value removed successfully
HKU\S-1-5-21-116116240-444440880-2871013289-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value removed successfully
HKLM\System\CurrentControlSet\Services\AdobeUpdateService => key removed successfully
AdobeUpdateService => service removed successfully
HKLM\System\CurrentControlSet\Services\KSDE1.0.0 => key removed successfully
KSDE1.0.0 => service removed successfully
HKLM\System\CurrentControlSet\Services\MBAMSwissArmy => key removed successfully
MBAMSwissArmy => service removed successfully
C:\Users\winki\Amazon Drive => ":com.amazon.drive.sync" ADS removed successfully.
C:\Users\winki\Amazon Drive => ":com.amazon.drive.sync.root" ADS removed successfully.
Could not move "C:\Windows\System32\Drivers\etc\hosts" => Scheduled to move on reboot.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 244272912 B
Java, Flash, Steam htmlcache => 346994499 B
Windows/system/drivers => 30123433 B
Edge => 3238548 B
Chrome => 898201760 B
Firefox => 19012105 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 48054 B
NetworkService => 36008 B
defaultuser0 => 588289 B
winki => 2889165090 B

RecycleBin => 266341349 B
EmptyTemp: => 4.4 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 18-04-2017 12:54:10)

"C:\Windows\System32\Drivers\etc\hosts" => Could not move
Could not restore Hosts.

==== End of Fixlog 12:54:10 ====

#17 Příspěvek od **Márty84** » 19 dub 2017 03:12

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

vyosek píše: DelFix https://toolslib.net/downloads/finish/2/
Stahnete a spustte

Ponechte zatrzitkou pouze u volby Remove disinfection tools

Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak to s pc vypada.

windyOMG · #18 Příspěvek od **windyOMG** » 20 dub 2017 01:49

Defragmentace mi běží asi už přes 15h a posledních 5h to zůstává na 96 procentech, ale stále to běží. Asi to dělají ty png sekvence a jich tam bude sakra moc

s takovou to vidím na dny

#19 Příspěvek od **Márty84** » 20 dub 2017 16:08

No pokud se dlouho nedelala, trva to fakt dlouho

windyOMG · #20 Příspěvek od **windyOMG** » 21 dub 2017 22:21

Ahoj, to tzv. lagování se nezlepšilo

#21 Příspěvek od **Márty84** » 23 dub 2017 09:06

OK, popiste tedy podrobneji, co je za problem.

Jak casto k tomu dochazi, pri jake cinnosti, je to pravidelne, nebo zcela nahodne, atd...

windyOMG · #22 Příspěvek od **windyOMG** » 23 dub 2017 17:33

Nejčastěji se to projevuje u videí zkoušel jsem youtube, stream (Prohlížeč chrome) i filmy na hdd (vlc přehrávač) a dělá to všude (zvuk jsem zkoušel i přes sluchátka tzv. zapojena skrz monitor). Vysvětlil bych to tak, že se počítač zpomalí. Zvuk se na chvílí zadrhne u obrazu to tak nejde poznat ani, ale stává se to. Sem tam i prohlížení (scroolování) se zadrhne, či se i zasekne myš na pár milisekund na jednom místě (to je výjimečně). Někdy je zpomalení počítače znát dost dobře po jeho zapnutí zapnutí. Neřekl bych že se to projevuje při nějaké určené činnostmi ale poslední dobou bych i řekl, že to je horší.

#23 Příspěvek od **Márty84** » 24 dub 2017 02:27

Mate DVD mechaniku? Zkuste pustit nejaky film z ni, jestli se problem taky ukaze.

windyOMG · #24 Příspěvek od **windyOMG** » 14 kvě 2017 15:39

Poslední dobou se tom moc neprojevovalo, ale ano blbne to i při spuštěné DVD mechanice

#25 Příspěvek od **Márty84** » 14 kvě 2017 17:35

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

windyOMG · #26 Příspěvek od **windyOMG** » 14 kvě 2017 18:46

OTL logfile created on: 14.05.2017 19:18:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\winki\Downloads
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.15063.0)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: dd.MM.yyyy

31,95 Gb Total Physical Memory | 26,46 Gb Available Physical Memory | 82,82% Memory free
36,70 Gb Paging File | 29,19 Gb Available in Paging File | 79,55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,25 Gb Total Space | 41,80 Gb Free Space | 37,57% Space Free | Partition Type: NTFS
Drive D: | 78,12 Gb Total Space | 69,73 Gb Free Space | 89,26% Space Free | Partition Type: NTFS
Drive F: | 146,48 Gb Total Space | 132,56 Gb Free Space | 90,50% Space Free | Partition Type: NTFS
Drive G: | 1638,40 Gb Total Space | 158,95 Gb Free Space | 9,70% Space Free | Partition Type: NTFS
Drive H: | 6,37 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive I: | 119,24 Gb Total Space | 50,17 Gb Free Space | 42,07% Space Free | Partition Type: NTFS

Computer Name: DESKTOP-0S50FER | User Name: winki | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2017.05.14 19:17:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\winki\Downloads\OTL.exe
PRC - [2017.05.08 04:30:37 | 008,470,464 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2017.05.01 22:53:22 | 000,462,968 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
PRC - [2017.04.26 07:40:27 | 000,425,408 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
PRC - [2017.04.26 07:40:20 | 000,447,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
PRC - [2017.04.26 07:40:18 | 015,553,472 | ---- | M] (Node.js) -- C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
PRC - [2017.04.26 07:39:53 | 001,648,576 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
PRC - [2017.04.25 09:12:12 | 000,083,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2017.04.19 13:01:43 | 000,626,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fontdrvhost.exe
PRC - [2017.04.19 12:11:06 | 001,504,888 | ---- | M] (Microsoft Corporation) -- C:\Users\winki\AppData\Local\Microsoft\OneDrive\OneDrive.exe
PRC - [2017.04.13 12:16:16 | 004,189,104 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\5KPlayer.exe
PRC - [2017.04.10 16:59:04 | 003,116,440 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Origin\OriginWebHelperService.exe
PRC - [2017.03.24 22:09:14 | 004,107,680 | ---- | M] (Check Point Software Technologies Ltd.) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2017.03.24 22:07:54 | 000,145,208 | ---- | M] (Check Point Software Technologies Ltd.) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
PRC - [2017.03.24 22:07:20 | 001,058,616 | ---- | M] (Check Point Software Technologies Ltd.) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe
PRC - [2017.03.24 11:24:20 | 001,446,000 | ---- | M] (Spotify Ltd) -- C:\Users\winki\AppData\Roaming\Spotify\SpotifyWebHelper.exe
PRC - [2017.03.01 16:14:32 | 001,980,392 | ---- | M] (Plex, Inc.) -- C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
PRC - [2017.03.01 16:14:32 | 000,037,864 | ---- | M] (Python Software Foundation) -- C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
PRC - [2017.03.01 16:14:30 | 014,367,208 | ---- | M] (Plex, Inc.) -- C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
PRC - [2017.03.01 16:14:30 | 004,278,760 | ---- | M] (Plex, Inc.) -- C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe
PRC - [2017.02.27 10:55:02 | 002,227,312 | ---- | M] (Adobe Systems, Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
PRC - [2016.12.15 13:55:38 | 010,351,856 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
PRC - [2016.10.12 20:11:58 | 000,148,672 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
PRC - [2016.10.12 17:28:18 | 000,744,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
PRC - [2016.10.12 17:28:18 | 000,190,144 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
PRC - [2016.10.12 17:28:16 | 002,383,040 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
PRC - [2016.10.12 17:28:16 | 002,360,000 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
PRC - [2016.10.12 01:08:28 | 011,798,680 | ---- | M] (Node.js) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
PRC - [2016.10.01 07:08:12 | 031,723,696 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
PRC - [2016.04.05 20:07:48 | 001,029,808 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe

========== Modules (No Company Name) ==========

MOD - [2017.05.08 04:30:38 | 067,717,632 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2017.05.08 04:30:38 | 000,997,896 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\AvChrome.dll
MOD - [2017.05.08 04:30:37 | 000,684,656 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\ffl2.dll
MOD - [2017.05.08 04:30:37 | 000,223,224 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\tasks_core.dll
MOD - [2017.05.08 04:30:37 | 000,176,992 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
MOD - [2017.05.08 04:30:36 | 000,170,216 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2017.05.08 04:30:35 | 000,291,824 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
MOD - [2017.04.26 07:40:20 | 000,900,032 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
MOD - [2017.04.26 07:39:51 | 065,708,992 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
MOD - [2017.04.26 07:03:26 | 002,442,360 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
MOD - [2017.04.26 07:03:26 | 000,572,024 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
MOD - [2017.04.26 07:03:26 | 000,463,808 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameStreamAPINode.node
MOD - [2017.04.26 07:03:26 | 000,385,472 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvUtil.node
MOD - [2017.04.26 07:03:26 | 000,384,120 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
MOD - [2017.04.26 07:03:25 | 000,517,752 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvBackendAPINode.node
MOD - [2017.04.26 07:03:25 | 000,467,392 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
MOD - [2017.04.26 07:03:25 | 000,361,920 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
MOD - [2017.04.26 07:03:25 | 000,252,352 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
MOD - [2017.04.13 12:16:16 | 004,189,104 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\5KPlayer.exe
MOD - [2017.03.01 16:14:52 | 000,930,280 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\etree.pyd
MOD - [2017.03.01 16:14:52 | 000,218,088 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\objectify.pyd
MOD - [2017.03.01 16:14:52 | 000,071,656 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ssl.pyd
MOD - [2017.03.01 16:14:52 | 000,041,448 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd
MOD - [2017.03.01 16:14:50 | 000,694,248 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\DLLs\unicodedata.pyd
MOD - [2017.03.01 16:14:50 | 000,095,720 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ctypes.pyd
MOD - [2017.03.01 16:14:50 | 000,050,152 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_socket.pyd
MOD - [2017.03.01 16:14:50 | 000,024,552 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_hashlib.pyd
MOD - [2017.03.01 16:14:50 | 000,018,920 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\DLLs\select.pyd
MOD - [2017.03.01 16:14:48 | 000,772,072 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\tag.dll
MOD - [2017.03.01 16:14:48 | 000,143,336 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\DLLs\pyexpat.pyd
MOD - [2017.03.01 16:14:48 | 000,083,432 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll
MOD - [2017.03.01 16:14:46 | 001,741,288 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\opencv_imgproc2411.dll
MOD - [2017.03.01 16:14:46 | 000,115,688 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\soci_core-vc80-3_0.dll
MOD - [2017.03.01 16:14:46 | 000,059,880 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\soci_sqlite3-vc80-3_0.dll
MOD - [2017.03.01 16:14:44 | 001,962,984 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\opencv_core2411.dll
MOD - [2017.03.01 16:14:44 | 001,549,104 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\libstdc++-6.dll
MOD - [2017.03.01 16:14:44 | 001,083,368 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\libxml2.dll
MOD - [2017.03.01 16:14:44 | 000,203,240 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll
MOD - [2017.03.01 16:14:44 | 000,190,952 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\libxslt.dll
MOD - [2017.03.01 16:14:44 | 000,025,576 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\lyric_lite.dll
MOD - [2017.03.01 16:14:42 | 000,127,136 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\libgcc_s_dw2-1.dll
MOD - [2017.03.01 16:14:42 | 000,074,728 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\libexslt.dll
MOD - [2016.12.30 18:33:52 | 008,117,648 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\airplay.dll
MOD - [2016.10.12 20:11:58 | 000,821,952 | ---- | M] () -- \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanMessage5.dll
MOD - [2016.10.12 20:11:58 | 000,713,408 | ---- | M] () -- \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanControl.dll
MOD - [2016.10.12 20:11:58 | 000,098,496 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
MOD - [2016.10.12 17:28:18 | 040,523,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
MOD - [2016.10.12 01:08:26 | 000,223,232 | ---- | M] () -- \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
MOD - [2016.10.12 01:08:26 | 000,124,928 | ---- | M] () -- \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
MOD - [2016.10.12 01:08:26 | 000,117,248 | ---- | M] () -- \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
MOD - [2016.10.12 01:08:22 | 000,166,400 | ---- | M] () -- \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
MOD - [2016.10.12 01:08:22 | 000,118,272 | ---- | M] () -- \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
MOD - [2016.10.11 12:24:10 | 000,020,552 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libdrawable_plugin.dll
MOD - [2016.10.11 12:24:06 | 000,084,040 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libdirect3d_plugin.dll
MOD - [2016.10.11 12:24:06 | 000,075,848 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libdirectdraw_plugin.dll
MOD - [2016.10.11 12:24:00 | 000,020,552 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libyuvp_plugin.dll
MOD - [2016.10.11 12:23:36 | 000,021,064 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libscale_plugin.dll
MOD - [2016.10.11 12:22:14 | 000,025,160 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libyuy2_i422_plugin.dll
MOD - [2016.10.11 12:22:10 | 000,028,232 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libyuy2_i420_plugin.dll
MOD - [2016.10.11 12:22:08 | 000,744,008 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libswscale_plugin.dll
MOD - [2016.10.11 12:22:06 | 000,034,376 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi422_yuy2_sse2_plugin.dll
MOD - [2016.10.11 12:22:06 | 000,025,160 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi422_yuy2_plugin.dll
MOD - [2016.10.11 12:22:04 | 000,026,184 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi422_yuy2_mmx_plugin.dll
MOD - [2016.10.11 12:22:02 | 000,021,576 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi422_i420_plugin.dll
MOD - [2016.10.11 12:22:00 | 000,036,424 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi420_yuy2_sse2_plugin.dll
MOD - [2016.10.11 12:21:56 | 000,026,696 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi420_yuy2_plugin.dll
MOD - [2016.10.11 12:21:54 | 000,122,952 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi420_rgb_sse2_plugin.dll
MOD - [2016.10.11 12:21:54 | 000,027,720 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi420_yuy2_mmx_plugin.dll
MOD - [2016.10.11 12:21:52 | 000,034,888 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi420_rgb_plugin.dll
MOD - [2016.10.11 12:21:50 | 000,062,024 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi420_rgb_mmx_plugin.dll
MOD - [2016.10.11 12:21:48 | 000,022,088 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libgrey_yuv_plugin.dll
MOD - [2016.10.11 12:21:44 | 000,781,896 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\text_renderer\libfreetype_plugin.dll
MOD - [2016.10.11 12:21:00 | 000,069,704 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_filter\libsmooth_plugin.dll
MOD - [2016.10.11 12:20:58 | 000,021,064 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_filter\librecord_plugin.dll
MOD - [2016.10.11 12:20:56 | 000,771,656 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_filter\libdash_plugin.dll
MOD - [2016.10.11 12:20:56 | 000,590,920 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_filter\libhttplive_plugin.dll
MOD - [2016.10.11 12:20:48 | 000,134,728 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\services_discovery\libsap_plugin.dll
MOD - [2016.10.11 12:20:42 | 000,043,080 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_vc1_plugin.dll
MOD - [2016.10.11 12:20:38 | 000,034,888 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll
MOD - [2016.10.11 12:20:38 | 000,032,840 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll
MOD - [2016.10.11 12:20:36 | 000,075,848 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll
MOD - [2016.10.11 12:20:32 | 000,027,720 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_mlp_plugin.dll
MOD - [2016.10.11 12:20:30 | 000,087,112 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_h264_plugin.dll
MOD - [2016.10.11 12:20:28 | 000,029,768 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_flac_plugin.dll
MOD - [2016.10.11 12:20:26 | 000,037,960 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_dirac_plugin.dll
MOD - [2016.10.11 12:20:04 | 001,261,640 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\misc\libxml_plugin.dll
MOD - [2016.10.11 12:19:46 | 001,566,792 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\meta_engine\libtaglib_plugin.dll
MOD - [2016.10.11 12:19:42 | 000,332,360 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\lua\liblua_plugin.dll
MOD - [2016.10.11 12:19:42 | 000,020,552 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libxa_plugin.dll
MOD - [2016.10.11 12:19:40 | 000,027,720 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libwav_plugin.dll
MOD - [2016.10.11 12:19:38 | 000,024,648 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libvoc_plugin.dll
MOD - [2016.10.11 12:19:28 | 000,022,088 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libtta_plugin.dll
MOD - [2016.10.11 12:19:18 | 000,029,256 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libsmf_plugin.dll
MOD - [2016.10.11 12:19:16 | 000,961,096 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libsid_plugin.dll
MOD - [2016.10.11 12:19:06 | 000,027,208 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libpva_plugin.dll
MOD - [2016.10.11 12:19:00 | 000,335,944 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libogg_plugin.dll
MOD - [2016.10.11 12:19:00 | 000,143,432 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libplaylist_plugin.dll
MOD - [2016.10.11 12:18:58 | 000,029,768 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libnuv_plugin.dll
MOD - [2016.10.11 12:18:40 | 000,082,504 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libmpc_plugin.dll
MOD - [2016.10.11 12:18:36 | 000,239,688 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libmp4_plugin.dll
MOD - [2016.10.11 12:18:32 | 001,307,208 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libmkv_plugin.dll
MOD - [2016.10.11 12:18:28 | 000,032,840 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libimage_plugin.dll
MOD - [2016.10.11 12:18:22 | 000,417,864 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libgme_plugin.dll
MOD - [2016.10.11 12:18:20 | 000,089,160 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libflacsys_plugin.dll
MOD - [2016.10.11 12:18:18 | 000,034,376 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libes_plugin.dll
MOD - [2016.10.11 12:18:16 | 000,021,576 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libdiracsys_plugin.dll
MOD - [2016.10.11 12:18:12 | 000,032,328 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libcaf_plugin.dll
MOD - [2016.10.11 12:18:06 | 000,106,568 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libavi_plugin.dll
MOD - [2016.10.11 12:18:06 | 000,022,088 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libau_plugin.dll
MOD - [2016.10.11 12:18:04 | 000,094,280 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libasf_plugin.dll
MOD - [2016.10.11 12:17:40 | 000,752,200 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libvorbis_plugin.dll
MOD - [2016.10.11 12:17:34 | 000,342,088 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libtheora_plugin.dll
MOD - [2016.10.11 12:17:30 | 000,023,624 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libsvcdsub_plugin.dll
MOD - [2016.10.11 12:17:28 | 000,049,736 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libsubstx3g_plugin.dll
MOD - [2016.10.11 12:17:24 | 000,026,184 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libspudec_plugin.dll
MOD - [2016.10.11 12:17:20 | 000,155,208 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libspeex_plugin.dll
MOD - [2016.10.11 12:17:18 | 001,288,776 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libschroedinger_plugin.dll
MOD - [2016.10.11 12:16:40 | 000,020,224 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\librawvideo_plugin.dll
MOD - [2016.10.11 12:16:30 | 000,302,152 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libpng_plugin.dll
MOD - [2016.10.11 12:16:26 | 000,361,032 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libopus_plugin.dll
MOD - [2016.10.11 12:16:20 | 000,025,672 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libmpeg_audio_plugin.dll
MOD - [2016.10.11 12:16:16 | 000,029,256 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\liblpcm_plugin.dll
MOD - [2016.10.11 12:16:08 | 002,660,424 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\liblibass_plugin.dll
MOD - [2016.10.11 12:16:02 | 000,258,632 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libjpeg_plugin.dll
MOD - [2016.10.11 12:16:00 | 000,033,352 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libg711_plugin.dll
MOD - [2016.10.11 12:15:58 | 000,453,704 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libflac_plugin.dll
MOD - [2016.10.11 12:15:56 | 000,353,864 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libfaad_plugin.dll
MOD - [2016.10.11 12:15:52 | 000,119,368 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libdvbsub_plugin.dll
MOD - [2016.10.11 12:15:42 | 000,026,184 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libdts_plugin.dll
MOD - [2016.10.11 12:15:32 | 000,024,648 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libcdg_plugin.dll
MOD - [2016.10.11 12:15:24 | 014,926,920 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libavcodec_plugin.dll
MOD - [2016.10.11 12:15:20 | 000,034,376 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libaraw_plugin.dll
MOD - [2016.10.11 12:15:18 | 000,022,088 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libaes3_plugin.dll
MOD - [2016.10.11 12:15:10 | 000,025,672 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\liba52_plugin.dll
MOD - [2016.10.11 12:15:08 | 000,037,448 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_output\libwaveout_plugin.dll
MOD - [2016.10.11 12:15:02 | 000,039,496 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_output\libdirectsound_plugin.dll
MOD - [2016.10.11 12:14:56 | 000,020,040 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_mixer\libfloat_mixer_plugin.dll
MOD - [2016.10.11 12:14:54 | 000,020,040 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libugly_resampler_plugin.dll
MOD - [2016.10.11 12:14:52 | 000,022,088 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll
MOD - [2016.10.11 12:14:46 | 000,025,672 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libsimple_channel_mixer_plugin.dll
MOD - [2016.10.11 12:14:44 | 000,024,648 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libscaletempo_plugin.dll
MOD - [2016.10.11 12:14:42 | 001,502,280 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libsamplerate_plugin.dll
MOD - [2016.10.11 12:14:36 | 000,137,800 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libmpgatofixed32_plugin.dll
MOD - [2016.10.11 12:14:26 | 000,020,552 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libdtstospdif_plugin.dll
MOD - [2016.10.11 12:14:22 | 000,174,152 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libdtstofloat32_plugin.dll
MOD - [2016.10.11 12:14:20 | 000,027,208 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libdolby_surround_decoder_plugin.dll
MOD - [2016.10.11 12:14:10 | 000,031,816 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libaudio_format_plugin.dll
MOD - [2016.10.11 12:14:06 | 000,020,040 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\liba52tospdif_plugin.dll
MOD - [2016.10.11 12:14:04 | 000,065,096 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\liba52tofloat32_plugin.dll
MOD - [2016.10.11 12:13:52 | 000,129,096 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libzip_plugin.dll
MOD - [2016.10.11 12:13:50 | 000,087,112 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libvdr_plugin.dll
MOD - [2016.10.11 12:13:32 | 000,050,248 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\librar_plugin.dll
MOD - [2016.10.11 12:13:30 | 002,179,656 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\liblibbluray_plugin.dll
MOD - [2016.10.11 12:13:30 | 000,725,064 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\liblive555_plugin.dll
MOD - [2016.10.11 12:13:18 | 000,053,320 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libfilesystem_plugin.dll
MOD - [2016.10.11 12:13:06 | 000,242,760 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libdvdnav_plugin.dll
MOD - [2016.10.11 12:13:02 | 000,555,080 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libdshow_plugin.dll
MOD - [2016.10.11 12:12:54 | 000,111,688 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libaccess_bd_plugin.dll
MOD - [2016.10.11 12:11:32 | 002,035,272 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\libvlccore.dll
MOD - [2016.10.11 12:11:30 | 000,143,944 | ---- | M] () -- C:\Program Files (x86)\DearMob\5KPlayer\libvlc.dll
MOD - [2016.10.01 07:08:12 | 031,723,696 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe

========== Services (SafeList) ==========

SRV:64bit: - [2017.05.08 04:30:36 | 000,263,304 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2017.05.08 04:30:35 | 007,346,208 | ---- | M] (AVAST Software s.r.o.) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe -- (aswbIDSAgent)
SRV:64bit: - [2017.05.01 22:53:22 | 000,462,968 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -- (NVDisplay.ContainerLocalSystem)
SRV:64bit: - [2017.04.28 03:05:28 | 000,923,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:64bit: - [2017.04.28 02:58:30 | 000,872,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:64bit: - [2017.04.28 01:58:36 | 001,054,208 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TokenBroker.dll -- (TokenBroker)
SRV:64bit: - [2017.04.28 01:57:51 | 002,800,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2017.04.26 07:40:22 | 000,492,480 | ---- | M] (NVIDIA Corporation) [On_Demand | Stopped] -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -- (NvContainerNetworkService)
SRV:64bit: - [2017.04.26 07:40:22 | 000,492,480 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -- (NvContainerLocalSystem)
SRV:64bit: - [2017.04.19 08:08:25 | 000,681,984 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc)
SRV:64bit: - [2017.04.19 08:04:15 | 000,624,640 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2017.04.14 01:37:14 | 000,301,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:64bit: - [2017.04.14 01:29:58 | 001,295,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:64bit: - [2017.04.14 01:29:46 | 000,647,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:64bit: - [2017.03.20 06:41:42 | 003,913,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe -- (Sense)
SRV:64bit: - [2017.03.20 06:41:36 | 001,200,640 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\AgentService.exe -- (UevAgentService)
SRV:64bit: - [2017.03.20 06:41:31 | 000,196,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2017.03.20 06:41:29 | 000,846,752 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\AppVClient.exe -- (AppVClient)
SRV:64bit: - [2017.03.18 22:59:53 | 000,428,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:64bit: - [2017.03.18 22:59:52 | 000,585,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2017.03.18 22:58:33 | 000,706,048 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2017.03.18 22:58:32 | 000,689,152 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\DevicesFlowBroker.dll -- (DevicesFlowUserSvc)
SRV:64bit: - [2017.03.18 22:58:32 | 000,199,168 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll -- (shpamsvc)
SRV:64bit: - [2017.03.18 22:58:29 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2017.03.18 22:58:24 | 000,081,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2017.03.18 22:58:22 | 000,086,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:64bit: - [2017.03.18 22:58:21 | 002,155,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2017.03.18 22:58:21 | 001,135,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:64bit: - [2017.03.18 22:58:21 | 000,777,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2017.03.18 22:58:21 | 000,582,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:64bit: - [2017.03.18 22:58:21 | 000,555,008 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WFDSConMgrSvc.dll -- (WFDSConMgrSvc)
SRV:64bit: - [2017.03.18 22:58:21 | 000,334,848 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2017.03.18 22:58:21 | 000,093,696 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2017.03.18 22:58:21 | 000,047,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (WpnUserService_a81d7f7)
SRV:64bit: - [2017.03.18 22:58:21 | 000,047,664 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_a81d7f7)
SRV:64bit: - [2017.03.18 22:58:21 | 000,047,664 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_a81d7f7)
SRV:64bit: - [2017.03.18 22:58:21 | 000,047,664 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_a81d7f7)
SRV:64bit: - [2017.03.18 22:58:21 | 000,047,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_a81d7f7)
SRV:64bit: - [2017.03.18 22:58:21 | 000,047,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_a81d7f7)
SRV:64bit: - [2017.03.18 22:58:21 | 000,047,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DevicesFlowUserSvc_a81d7f7)
SRV:64bit: - [2017.03.18 22:58:21 | 000,047,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (CDPUserSvc_a81d7f7)
SRV:64bit: - [2017.03.18 22:58:18 | 001,067,008 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:64bit: - [2017.03.18 22:58:18 | 000,630,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\tileobjserver.dll -- (tiledatamodelsvc)
SRV:64bit: - [2017.03.18 22:58:18 | 000,141,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:64bit: - [2017.03.18 22:58:18 | 000,055,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
SRV:64bit: - [2017.03.18 22:58:17 | 001,191,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SEMgrSvc.dll -- (SEMgrSvc)
SRV:64bit: - [2017.03.18 22:58:17 | 000,772,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc)
SRV:64bit: - [2017.03.18 22:58:17 | 000,536,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:64bit: - [2017.03.18 22:58:17 | 000,152,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RMapi.dll -- (RmSvc)
SRV:64bit: - [2017.03.18 22:58:16 | 001,013,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:64bit: - [2017.03.18 22:58:16 | 000,524,288 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\cdpusersvc.dll -- (CDPUserSvc)
SRV:64bit: - [2017.03.18 22:58:16 | 000,342,528 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV:64bit: - [2017.03.18 22:58:16 | 000,072,704 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\WpnUserService.dll -- (WpnUserService)
SRV:64bit: - [2017.03.18 22:58:13 | 000,276,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:64bit: - [2017.03.18 22:58:12 | 000,149,504 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:64bit: - [2017.03.18 22:58:10 | 001,628,672 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:64bit: - [2017.03.18 22:58:10 | 001,295,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lpasvc.dll -- (wlpasvc)
SRV:64bit: - [2017.03.18 22:58:10 | 001,284,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:64bit: - [2017.03.18 22:58:10 | 000,970,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:64bit: - [2017.03.18 22:58:10 | 000,302,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dusmsvc.dll -- (DusmSvc)
SRV:64bit: - [2017.03.18 22:58:10 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2017.03.18 22:58:09 | 000,090,624 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:64bit: - [2017.03.18 22:58:09 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:64bit: - [2017.03.18 22:58:07 | 001,192,448 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:64bit: - [2017.03.18 22:58:07 | 000,846,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2017.03.18 22:58:07 | 000,802,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2017.03.18 22:58:07 | 000,233,984 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2017.03.18 22:58:07 | 000,210,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:64bit: - [2017.03.18 22:58:07 | 000,182,272 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:64bit: - [2017.03.18 22:58:04 | 000,548,864 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:64bit: - [2017.03.18 22:58:04 | 000,301,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\xbgmsvc.dll -- (xbgm)
SRV:64bit: - [2017.03.18 22:58:04 | 000,043,520 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:64bit: - [2017.03.18 22:58:04 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:64bit: - [2017.03.18 22:58:04 | 000,026,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:64bit: - [2017.03.18 22:58:04 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\xboxgipsvc.dll -- (XboxGipSvc)
SRV:64bit: - [2017.03.18 22:58:01 | 000,723,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NaturalAuth.dll -- (NaturalAuthentication)
SRV:64bit: - [2017.03.18 22:58:01 | 000,064,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipxlatcfg.dll -- (IpxlatCfgSvc)
SRV:64bit: - [2017.03.18 22:58:01 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2017.03.18 22:58:00 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:64bit: - [2017.03.18 22:57:58 | 000,877,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:64bit: - [2017.03.18 22:57:58 | 000,519,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2017.03.18 22:57:58 | 000,165,888 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBrokerSvc)
SRV:64bit: - [2017.03.18 22:57:58 | 000,095,744 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate)
SRV:64bit: - [2017.03.18 22:57:54 | 000,346,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2017.03.18 22:57:54 | 000,292,352 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2017.03.18 22:57:54 | 000,059,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hvhostsvc.dll -- (HvHost)
SRV:64bit: - [2017.03.18 22:57:53 | 001,035,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:64bit: - [2017.03.18 22:57:50 | 002,515,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2017.03.18 22:57:47 | 000,699,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FlightSettings.dll -- (wisvc)
SRV:64bit: - [2017.03.18 22:57:47 | 000,261,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:64bit: - [2017.03.18 22:57:46 | 005,302,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:64bit: - [2017.03.18 22:57:46 | 000,455,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2017.03.18 22:57:29 | 000,200,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2017.03.18 22:57:24 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2017.03.18 22:57:16 | 000,121,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2017.03.18 22:57:16 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2017.03.18 22:57:15 | 000,302,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService)
SRV:64bit: - [2017.03.18 22:57:05 | 000,891,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Spectrum.exe -- (spectrum)
SRV:64bit: - [2017.03.18 22:57:05 | 000,599,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FrameServer.dll -- (FrameServer)
SRV:64bit: - [2017.03.18 22:57:03 | 000,167,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2017.03.18 22:57:00 | 000,051,712 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService)
SRV:64bit: - [2017.03.18 22:56:56 | 001,832,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2017.03.18 22:56:44 | 000,342,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2017.03.18 22:56:44 | 000,335,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SecurityHealthService.exe -- (SecurityHealthService)
SRV:64bit: - [2017.03.18 22:56:44 | 000,307,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicvss)
SRV:64bit: - [2017.03.18 22:56:44 | 000,307,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicrdv)
SRV:64bit: - [2017.03.18 22:56:44 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2017.03.18 22:56:44 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:64bit: - [2017.03.18 22:56:44 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2017.03.18 22:56:44 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2017.03.18 22:56:44 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2017.03.18 22:56:44 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2017.03.18 22:56:44 | 000,102,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2017.03.18 22:56:20 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2017.03.18 22:56:19 | 000,431,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:64bit: - [2017.02.07 12:50:40 | 001,471,168 | ---- | M] (Disc Soft Ltd) [On_Demand | Stopped] -- C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe -- (Disc Soft Lite Bus Service)
SRV - [2017.05.10 11:23:48 | 000,173,512 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2017.04.28 03:04:16 | 000,583,160 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2017.04.28 02:40:07 | 000,799,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\TokenBroker.dll -- (TokenBroker)
SRV - [2017.04.26 07:40:27 | 000,425,408 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe -- (NvTelemetryContainer)
SRV - [2017.04.26 01:55:28 | 001,590,048 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2017.04.25 09:12:12 | 000,083,056 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2017.04.10 16:59:04 | 003,116,440 | ---- | M] (Electronic Arts) [Auto | Running] -- C:\Program Files (x86)\Origin\OriginWebHelperService.exe -- (Origin Web Helper Service)
SRV - [2017.04.10 16:59:00 | 002,147,216 | ---- | M] (Electronic Arts) [On_Demand | Stopped] -- C:\Program Files (x86)\Origin\OriginClientService.exe -- (Origin Client Service)
SRV - [2017.04.05 16:09:10 | 000,317,400 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2017.03.24 22:09:14 | 004,107,680 | ---- | M] (Check Point Software Technologies Ltd.) [Auto | Running] -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2017.03.24 22:07:20 | 001,058,616 | ---- | M] (Check Point Software Technologies Ltd.) [Auto | Running] -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe -- (ZoneAlarm ICM Service)
SRV - [2017.03.18 22:58:54 | 000,394,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2017.03.18 22:58:52 | 000,976,384 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2017.03.18 22:58:47 | 004,212,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2017.03.18 22:58:46 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2017.03.18 22:56:20 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2017.03.01 16:14:32 | 001,980,392 | ---- | M] (Plex, Inc.) [Auto | Running] -- C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe -- (PlexUpdateService)
SRV - [2017.02.27 10:55:02 | 002,227,312 | ---- | M] (Adobe Systems, Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe -- (AGSService)
SRV - [2016.12.15 13:55:38 | 010,351,856 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe -- (TeamViewer)
SRV - [2016.11.01 20:09:38 | 000,114,936 | ---- | M] (Check Point Software Technologies, Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe -- (ZAPrivacyService)
SRV - [2016.10.12 17:28:18 | 000,744,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe -- (AdobeUpdateService)
SRV - [2016.08.11 17:52:44 | 000,342,456 | ---- | M] (Futuremark) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2017.05.13 14:37:38 | 000,158,880 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2017.05.08 04:30:39 | 000,569,192 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2017.05.08 04:30:39 | 000,339,696 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2017.05.08 04:30:39 | 000,128,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2017.05.08 04:30:39 | 000,101,152 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2017.05.08 04:30:39 | 000,075,704 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2017.05.08 04:30:39 | 000,038,296 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2017.05.08 04:30:36 | 001,007,160 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2017.05.08 04:30:36 | 000,032,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2017.05.08 04:30:35 | 000,334,576 | ---- | M] (AVAST Software s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbloga.sys -- (aswblog)
DRV:64bit: - [2017.05.08 04:30:35 | 000,311,808 | ---- | M] (AVAST Software s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys -- (aswbidsdriver)
DRV:64bit: - [2017.05.08 04:30:35 | 000,190,256 | ---- | M] (AVAST Software s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbidsha.sys -- (aswbidsh)
DRV:64bit: - [2017.05.08 04:30:35 | 000,049,016 | ---- | M] (AVAST Software s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbuniva.sys -- (aswbuniv)
DRV:64bit: - [2017.05.02 22:18:08 | 014,456,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\nv_dispi.inf_amd64_a2b0acab06663645\nvlddmkm.sys -- (nvlddmkm)
DRV:64bit: - [2017.04.28 02:59:04 | 000,388,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2017.04.28 02:11:52 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2017.04.26 07:40:28 | 000,047,552 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2017.04.26 07:40:00 | 000,030,144 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2017.04.20 03:59:14 | 000,059,448 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvhci.sys -- (nvvhci)
DRV:64bit: - [2017.04.19 09:04:08 | 000,142,240 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcifs.sys -- (wcifs)
DRV:64bit: - [2017.04.19 08:18:19 | 000,118,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc.sys -- (netvsc)
DRV:64bit: - [2017.04.02 18:12:15 | 000,218,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2017.03.24 20:04:38 | 000,461,240 | ---- | M] (Check Point Software Technologies Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant)
DRV:64bit: - [2017.03.20 06:41:42 | 000,037,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2017.03.20 06:41:38 | 000,230,816 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mssecflt.sys -- (MsSecFlt)
DRV:64bit: - [2017.03.20 06:41:36 | 000,040,344 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\UevAgentDriver.sys -- (UevAgentDriver)
DRV:64bit: - [2017.03.20 06:41:34 | 000,040,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpatialGraphFilter.sys -- (SpatialGraphFilter)
DRV:64bit: - [2017.03.20 06:41:31 | 000,030,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2017.03.20 06:41:30 | 000,125,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2017.03.20 06:41:29 | 000,161,696 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AppvVemgr.sys -- (AppvVemgr)
DRV:64bit: - [2017.03.20 06:41:29 | 000,143,776 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AppvVfs.sys -- (AppvVfs)
DRV:64bit: - [2017.03.20 06:41:29 | 000,127,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AppVStrm.sys -- (AppvStrm)
DRV:64bit: - [2017.03.18 22:59:50 | 000,030,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2017.03.18 22:58:33 | 000,079,872 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:64bit: - [2017.03.18 22:58:18 | 000,759,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:64bit: - [2017.03.18 22:58:18 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:64bit: - [2017.03.18 22:58:16 | 000,127,488 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2017.03.18 22:58:04 | 000,263,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:64bit: - [2017.03.18 22:58:04 | 000,179,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys -- (UcmTcpciCx0101)
DRV:64bit: - [2017.03.18 22:58:04 | 000,104,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:64bit: - [2017.03.18 22:58:04 | 000,070,232 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:64bit: - [2017.03.18 22:58:04 | 000,059,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:64bit: - [2017.03.18 22:58:04 | 000,036,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IndirectKmd.sys -- (IndirectKmd)
DRV:64bit: - [2017.03.18 22:58:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\applockerfltr.sys -- (applockerfltr)
DRV:64bit: - [2017.03.18 22:58:01 | 000,217,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winnat.sys -- (WinNat)
DRV:64bit: - [2017.03.18 22:58:01 | 000,012,288 | ---- | M] (Microsoft Corporation) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\cldflt.sys -- (CldFlt)
DRV:64bit: - [2017.03.18 22:57:58 | 000,154,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2017.03.18 22:57:58 | 000,083,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2017.03.18 22:57:58 | 000,074,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hvservice.sys -- (hvservice)
DRV:64bit: - [2017.03.18 22:57:58 | 000,039,840 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:64bit: - [2017.03.18 22:57:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2017.03.18 22:57:57 | 000,075,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2017.03.18 22:57:57 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\registry.sys -- (clreg)
DRV:64bit: - [2017.03.18 22:57:54 | 000,208,288 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2017.03.18 22:57:54 | 000,169,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2017.03.18 22:57:54 | 000,128,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2017.03.18 22:57:53 | 000,164,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2017.03.18 22:57:53 | 000,072,192 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wcnfs.sys -- (wcnfs)
DRV:64bit: - [2017.03.18 22:57:47 | 000,080,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2017.03.18 22:57:39 | 001,735,584 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2017.03.18 22:57:39 | 000,936,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:64bit: - [2017.03.18 22:57:39 | 000,382,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2017.03.18 22:57:39 | 000,239,616 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2017.03.18 22:57:39 | 000,215,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2017.03.18 22:57:39 | 000,033,688 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2017.03.18 22:57:38 | 000,056,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2017.03.18 22:57:38 | 000,049,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iorate.sys -- (iorate)
DRV:64bit: - [2017.03.18 22:57:35 | 000,122,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NetAdapterCx.sys -- (NetAdapterCx)
DRV:64bit: - [2017.03.18 22:57:24 | 000,088,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2017.03.18 22:57:15 | 000,112,544 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2017.03.18 22:57:05 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:64bit: - [2017.03.18 22:57:03 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)
DRV:64bit: - [2017.03.18 22:57:00 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2017.03.18 22:56:44 | 000,294,816 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2017.03.18 22:56:44 | 000,121,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2017.03.18 22:56:44 | 000,044,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2017.03.18 22:56:41 | 000,213,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:64bit: - [2017.03.18 22:56:41 | 000,127,392 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2017.03.18 22:56:41 | 000,117,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2017.03.18 22:56:41 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2017.03.18 22:56:41 | 000,054,272 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:64bit: - [2017.03.18 22:56:41 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:64bit: - [2017.03.18 22:56:41 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:64bit: - [2017.03.18 22:56:35 | 000,553,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2017.03.18 22:56:35 | 000,287,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2017.03.18 22:56:35 | 000,219,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2017.03.18 22:56:35 | 000,098,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb22.sys -- (xusb22)
DRV:64bit: - [2017.03.18 22:56:35 | 000,094,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2017.03.18 22:56:35 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2017.03.18 22:56:35 | 000,051,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi)
DRV:64bit: - [2017.03.18 22:56:35 | 000,051,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:64bit: - [2017.03.18 22:56:35 | 000,039,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
DRV:64bit: - [2017.03.18 22:56:35 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2017.03.18 22:56:35 | 000,018,520 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:64bit: - [2017.03.18 22:56:34 | 000,277,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
DRV:64bit: - [2017.03.18 22:56:34 | 000,138,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:64bit: - [2017.03.18 22:56:34 | 000,098,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea)
DRV:64bit: - [2017.03.18 22:56:34 | 000,049,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2017.03.18 22:56:34 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
DRV:64bit: - [2017.03.18 22:56:34 | 000,029,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea)
DRV:64bit: - [2017.03.18 22:56:34 | 000,028,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys)
DRV:64bit: - [2017.03.18 22:56:34 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2017.03.18 22:56:34 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn)
DRV:64bit: - [2017.03.18 22:56:28 | 000,168,448 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_BXT_P.sys -- (iaLPSS2i_I2C_BXT_P)
DRV:64bit: - [2017.03.18 22:56:28 | 000,165,376 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C)
DRV:64bit: - [2017.03.18 22:56:28 | 000,085,504 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_BXT_P.sys -- (iaLPSS2i_GPIO2_BXT_P)
DRV:64bit: - [2017.03.18 22:56:28 | 000,081,408 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c)
DRV:64bit: - [2017.03.18 22:56:28 | 000,074,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2017.03.18 22:56:28 | 000,070,656 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys -- (iaLPSS2i_GPIO2)
DRV:64bit: - [2017.03.18 22:56:28 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2017.03.18 22:56:28 | 000,053,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CAD.sys -- (CAD)
DRV:64bit: - [2017.03.18 22:56:28 | 000,047,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2017.03.18 22:56:28 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2017.03.18 22:56:28 | 000,033,280 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iagpio.sys -- (iagpio)
DRV:64bit: - [2017.03.18 22:56:28 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2017.03.18 22:56:28 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2017.03.18 22:56:28 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgid.sys -- (vmgid)
DRV:64bit: - [2017.03.18 22:56:26 | 000,673,184 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2017.03.18 22:56:26 | 000,604,160 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rt640x64.sys -- (rt640x64)
DRV:64bit: - [2017.03.18 22:56:26 | 000,587,168 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2017.03.18 22:56:26 | 000,405,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mausbhost.sys -- (mausbhost)
DRV:64bit: - [2017.03.18 22:56:26 | 000,144,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2017.03.18 22:56:26 | 000,101,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pmem.sys -- (pmem)
DRV:64bit: - [2017.03.18 22:56:26 | 000,095,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2017.03.18 22:56:26 | 000,091,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\scmbus.sys -- (scmbus)
DRV:64bit: - [2017.03.18 22:56:26 | 000,080,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvdimmn.sys -- (nvdimmn)
DRV:64bit: - [2017.03.18 22:56:26 | 000,078,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2017.03.18 22:56:26 | 000,071,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2017.03.18 22:56:26 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2017.03.18 22:56:26 | 000,051,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mausbip.sys -- (mausbip)
DRV:64bit: - [2017.03.18 22:56:26 | 000,036,760 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
DRV:64bit: - [2017.03.18 22:56:26 | 000,031,128 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SDFRd.sys -- (SDFRd)
DRV:64bit: - [2017.03.18 22:56:26 | 000,029,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2017.03.18 22:56:26 | 000,016,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volume.sys -- (volume)
DRV:64bit: - [2017.03.18 22:56:26 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2017.03.18 22:56:26 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2017.03.18 22:56:25 | 002,104,224 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4vx64.sys -- (cht4vbd)
DRV:64bit: - [2017.03.18 22:56:25 | 001,135,512 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2017.03.18 22:56:25 | 000,842,656 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:64bit: - [2017.03.18 22:56:25 | 000,526,240 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
DRV:64bit: - [2017.03.18 22:56:25 | 000,347,032 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4sx64.sys -- (cht4iscsi)
DRV:64bit: - [2017.03.18 22:56:25 | 000,305,568 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2017.03.18 22:56:25 | 000,259,488 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2017.03.18 22:56:25 | 000,123,808 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV:64bit: - [2017.03.18 22:56:25 | 000,122,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg)
DRV:64bit: - [2017.03.18 22:56:25 | 000,108,960 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
DRV:64bit: - [2017.03.18 22:56:25 | 000,107,424 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2017.03.18 22:56:25 | 000,103,328 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV:64bit: - [2017.03.18 22:56:25 | 000,083,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2017.03.18 22:56:25 | 000,082,848 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2017.03.18 22:56:25 | 000,064,920 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
DRV:64bit: - [2017.03.18 22:56:25 | 000,064,416 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2017.03.18 22:56:25 | 000,064,416 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MegaSas2i.sys -- (megasas2i)
DRV:64bit: - [2017.03.18 22:56:25 | 000,063,904 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2017.03.18 22:56:25 | 000,061,848 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
DRV:64bit: - [2017.03.18 22:56:25 | 000,058,784 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
DRV:64bit: - [2017.03.18 22:56:25 | 000,032,160 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
DRV:64bit: - [2017.03.18 22:56:25 | 000,031,136 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2017.03.18 22:56:25 | 000,027,040 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2017.03.18 22:56:25 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AcpiDev.sys -- (AcpiDev)
DRV:64bit: - [2017.03.18 22:56:25 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2017.03.18 22:56:23 | 003,419,040 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2017.03.18 22:56:23 | 000,533,920 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2017.03.18 22:56:23 | 000,074,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2017.03.18 22:56:23 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2017.03.18 22:56:19 | 000,119,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2017.03.18 22:56:19 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2017.03.18 22:56:19 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2017.03.18 22:56:19 | 000,043,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2017.03.18 22:56:19 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys -- (CompositeBus)
DRV:64bit: - [2017.03.18 22:56:19 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2017.03.01 23:17:40 | 000,047,672 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtliteusbbus.sys -- (dtliteusbbus)
DRV:64bit: - [2017.03.01 23:17:37 | 000,030,264 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtlitescsibus.sys -- (dtlitescsibus)
DRV:64bit: - [2016.12.21 14:52:50 | 000,040,240 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2016.09.05 06:47:12 | 000,165,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2016.09.05 06:47:06 | 000,131,712 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2016.06.07 02:31:06 | 000,052,152 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kltap.sys -- (kltap)
DRV:64bit: - [2016.03.24 13:07:14 | 000,034,416 | ---- | M] (AnvSoft Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\anvsnddrv.sys -- (anvsnddrv)
DRV:64bit: - [2016.01.19 23:50:38 | 000,202,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverW8x64.sys -- (MEIx64)
DRV - [2017.05.02 22:18:08 | 014,456,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a2b0acab06663645\nvlddmkm.sys -- (nvlddmkm)
DRV - [2017.04.23 20:01:58 | 000,027,008 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Users\winki\AppData\Local\Temp\GPU-Z.sys -- (GPU-Z)
DRV - [2017.03.18 22:56:19 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys -- (CompositeBus)

windyOMG · #27 Příspěvek od **windyOMG** » 14 kvě 2017 18:47

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-21-116116240-444440880-2871013289-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-21-116116240-444440880-2871013289-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 04 BC 7D 60 F2 A2 D2 01 [binary data]
IE - HKU\S-1-5-21-116116240-444440880-2871013289-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-116116240-444440880-2871013289-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-116116240-444440880-2871013289-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
IE - HKU\S-1-5-21-116116240-444440880-2871013289-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-116116240-444440880-2871013289-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:53.0.2
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\winki\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\winki\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 53.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 53.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2017.04.07 11:43:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\winki\AppData\Roaming\Mozilla\Extensions
[2017.05.09 12:24:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\8k8cupjw.default\browser-extension-data
[2017.05.09 12:24:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\8k8cupjw.default\browser-extension-data\sp@avast.com
[2017.05.09 12:24:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\8k8cupjw.default\browser-extension-data\wrc@avast.com
[2017.05.08 04:30:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\8k8cupjw.default\extensions
[2017.05.08 04:30:36 | 000,352,829 | ---- | M] () (No name found) -- C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\8k8cupjw.default\extensions\sp@avast.com.xpi
[2017.05.08 04:30:36 | 000,692,271 | ---- | M] () (No name found) -- C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\8k8cupjw.default\extensions\wrc@avast.com.xpi
[2017.05.10 12:33:27 | 000,044,954 | ---- | M] () (No name found) -- C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\8k8cupjw.default\features\{2542ac87-aeb2-4634-ada1-ec71991b2ba0}\shield-recipe-client@mozilla.org.xpi
[2017.05.10 11:23:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions

========== Chrome ==========

CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\2.0.6_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil\1.97.54_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl\2.2_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpniocchabmgenibceglhnfeimmdhdfm\2.12.9_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\57.0.2987.84_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi\1.5.0.20_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak\6.91_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi\3.1_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.4.1_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg\9.3_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\6.12_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\

O1 HOSTS File: ([2017.04.18 12:54:10 | 000,000,000 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvLaunch.exe (AVAST Software)
O4:64bit: - HKLM..\Run: [LogiOptions] C:\Program Files\Logitech\LogiOptions\LogiOptions.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\WINDOWS\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [SecurityHealth] C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [5KPlayer.exe] C:\Program Files (x86)\DearMob\5KPlayer\5KPlayer.exe ()
O4 - HKLM..\Run: [Adobe Creative Cloud] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies Ltd.)
O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-116116240-444440880-2871013289-1001..\Run: [Google Update] C:\Users\winki\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe (Google Inc.)
O4 - HKU\S-1-5-21-116116240-444440880-2871013289-1001..\Run: [OneDrive] C:\Users\winki\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-116116240-444440880-2871013289-1001..\Run: [Plex Media Server] C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc.)
O4 - HKU\S-1-5-21-116116240-444440880-2871013289-1001..\Run: [Spotify Web Helper] C:\Users\winki\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Spotify Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.5.1 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{f6f79c62-3dd4-4c57-afbc-ad196e28e681}: DhcpNameServer = 192.168.5.1 8.8.8.8
O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: dosvc - C:\Windows\SysNative\dosvc.dll (Microsoft Corporation)
NetSvcs:64bit: shpamsvc - C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NetSvcs:64bit: XblGameSave - C:\Windows\SysNative\XblGameSave.dll (Microsoft Corporation)
NetSvcs:64bit: NaturalAuthentication - C:\Windows\SysNative\NaturalAuth.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: UserManager - C:\Windows\SysNative\usermgr.dll (Microsoft Corporation)
NetSvcs:64bit: XblAuthManager - C:\Windows\SysNative\XblAuthManager.dll (Microsoft Corporation)
NetSvcs:64bit: DmEnrollmentSvc - C:\Windows\SysNative\Windows.Internal.Management.dll (Microsoft Corporation)
NetSvcs:64bit: xbgm - C:\Windows\SysNative\xbgmsvc.dll (Microsoft Corporation)
NetSvcs:64bit: TokenBroker - C:\Windows\SysNative\TokenBroker.dll (Microsoft Corporation)
NetSvcs:64bit: lfsvc - C:\Windows\SysNative\lfsvc.dll (Microsoft Corporation)
NetSvcs:64bit: dmwappushservice - C:\Windows\SysNative\dmwappushsvc.dll (Microsoft Corporation)
NetSvcs:64bit: wisvc - C:\Windows\SysNative\FlightSettings.dll (Microsoft Corporation)
NetSvcs:64bit: WpnService - C:\Windows\SysNative\wpnservice.dll (Microsoft Corporation)
NetSvcs:64bit: XboxNetApiSvc - C:\Windows\SysNative\XboxNetApiSvc.dll (Microsoft Corporation)
NetSvcs:64bit: UsoSvc - C:\Windows\SysNative\usocore.dll (Microsoft Corporation)
NetSvcs:64bit: NetSetupSvc - C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
NetSvcs:64bit: XboxGipSvc - C:\Windows\SysNative\xboxgipsvc.dll (Microsoft Corporation)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
NetSvcs: TokenBroker - C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2017.05.14 03:49:53 | 000,000,000 | -H-D | C] -- C:\Users\Public\Documents\AdobeGC
[2017.05.13 18:41:11 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignf5c22d6750ddac1d
[2017.05.13 18:40:51 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignae896445d7bac9eb
[2017.05.13 18:40:50 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigne40b791031c4cce9
[2017.05.13 18:40:50 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign379f5a0cb355b263
[2017.05.13 18:16:41 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignd4ff1751dec261aa
[2017.05.13 18:16:41 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigncf4249153baa79b7
[2017.05.13 18:16:32 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignae8ff2788a5f26c7
[2017.05.13 18:16:32 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign581b9270483465b3
[2017.05.13 18:16:23 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigna967a282f0538743
[2017.05.13 18:16:16 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigne7dc96d72c39c073
[2017.05.13 18:16:14 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigncad9523386f18c8c
[2017.05.13 18:16:14 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign704bc2e21f21aff6
[2017.05.13 14:38:25 | 000,000,000 | ---D | C] -- C:\ProgramData\SWCUTemp
[2017.05.12 23:28:18 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\speech
[2017.05.12 16:37:22 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Roaming\Google
[2017.05.12 16:12:03 | 000,000,000 | ---D | C] -- C:\ProgramData\VideoCopilot
[2017.05.11 20:17:46 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigncf6c3b7bd363e978
[2017.05.11 20:17:46 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign0431e8aed84beeeb
[2017.05.11 20:17:25 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignf793f0a9ab9a9890
[2017.05.11 20:17:25 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignc0d1baa1b0324e1a
[2017.05.11 12:19:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2017.05.11 12:12:31 | 020,505,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2017.05.11 12:12:31 | 006,759,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2017.05.11 12:12:31 | 006,728,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2017.05.11 12:12:31 | 006,292,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2017.05.11 12:12:31 | 004,559,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbgeng.dll
[2017.05.11 12:12:31 | 004,469,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2017.05.11 12:12:31 | 003,667,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_47.dll
[2017.05.11 12:12:31 | 002,957,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2017.05.11 12:12:31 | 002,330,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2017.05.11 12:12:31 | 002,298,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2017.05.11 12:12:31 | 002,259,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2017.05.11 12:12:31 | 002,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2017.05.11 12:12:31 | 001,463,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2017.05.11 12:12:31 | 001,411,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gdi32full.dll
[2017.05.11 12:12:31 | 001,291,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSVPXENC.dll
[2017.05.11 12:12:31 | 001,285,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbghelp.dll
[2017.05.11 12:12:31 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AzureSettingSyncProvider.dll
[2017.05.11 12:12:31 | 001,019,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aadtb.dll
[2017.05.11 12:12:31 | 000,987,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wpnapps.dll
[2017.05.11 12:12:31 | 000,909,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncCore.dll
[2017.05.11 12:12:31 | 000,891,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autochk.exe
[2017.05.11 12:12:31 | 000,806,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\StoreAgent.dll
[2017.05.11 12:12:31 | 000,799,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TokenBroker.dll
[2017.05.11 12:12:31 | 000,790,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.dll
[2017.05.11 12:12:31 | 000,731,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mmgaserver.exe
[2017.05.11 12:12:31 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WpcWebFilter.dll
[2017.05.11 12:12:31 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIRibbonRes.dll
[2017.05.11 12:12:31 | 000,583,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreMessaging.dll
[2017.05.11 12:12:31 | 000,559,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2017.05.11 12:12:31 | 000,523,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppResolver.dll
[2017.05.11 12:12:31 | 000,476,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OneDriveSettingSyncProvider.dll
[2017.05.11 12:12:31 | 000,392,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlayToManager.dll
[2017.05.11 12:12:31 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallAgentUserBroker.exe
[2017.05.11 12:12:31 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\daxexec.dll
[2017.05.11 12:12:31 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll
[2017.05.11 12:12:31 | 000,354,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputSwitch.dll
[2017.05.11 12:12:31 | 000,329,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webplatstorageserver.dll
[2017.05.11 12:12:31 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallAgent.exe
[2017.05.11 12:12:31 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VEEventDispatcher.dll
[2017.05.11 12:12:31 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WiFiDisplay.dll
[2017.05.11 12:12:31 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudBackupSettings.dll
[2017.05.11 12:12:31 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PackageStateRoaming.dll
[2017.05.11 12:12:31 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iepeers.dll
[2017.05.11 12:12:31 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2017.05.11 12:12:31 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdc.ocx
[2017.05.11 12:12:31 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\offreg.dll
[2017.05.11 12:12:31 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cldapi.dll
[2017.05.11 12:12:31 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\odbcconf.dll
[2017.05.11 12:12:25 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Gaming.Preview.dll
[2017.05.11 12:12:25 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2017.05.11 12:12:20 | 007,904,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2017.05.11 12:12:20 | 001,260,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GamePanel.exe
[2017.05.11 12:12:20 | 001,051,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.dll
[2017.05.11 12:12:20 | 000,707,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2017.05.11 12:12:20 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsrv.dll
[2017.05.11 12:12:19 | 005,557,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbgeng.dll
[2017.05.11 12:12:19 | 003,672,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2017.05.11 12:12:19 | 002,056,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2017.05.11 12:12:19 | 001,075,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StoreAgent.dll
[2017.05.11 12:12:19 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocore.dll
[2017.05.11 12:12:19 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIRibbonRes.dll
[2017.05.11 12:12:19 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TDLMigration.dll
[2017.05.11 12:12:19 | 000,416,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallAgentUserBroker.exe
[2017.05.11 12:12:19 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatehandlers.dll
[2017.05.11 12:12:19 | 000,373,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallAgent.exe
[2017.05.11 12:12:19 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NotificationObjFactory.dll
[2017.05.11 12:12:19 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WiFiDisplay.dll
[2017.05.11 12:12:19 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmcsp.dll
[2017.05.11 12:12:19 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VEStoreEventHandlers.dll
[2017.05.11 12:12:19 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\musdialoghandlers.dll
[2017.05.11 12:12:18 | 007,931,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2017.05.11 12:12:18 | 004,175,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StartTileData.dll
[2017.05.11 12:12:18 | 002,499,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.pcshell.dll
[2017.05.11 12:12:18 | 002,435,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ResetEngine.dll
[2017.05.11 12:12:18 | 001,878,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AzureSettingSyncProvider.dll
[2017.05.11 12:12:18 | 001,611,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpeechPal.dll
[2017.05.11 12:12:18 | 001,293,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadtb.dll
[2017.05.11 12:12:18 | 001,242,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SharedStartModel.dll
[2017.05.11 12:12:18 | 001,103,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncCore.dll
[2017.05.11 12:12:18 | 001,087,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2017.05.11 12:12:18 | 001,054,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TokenBroker.dll
[2017.05.11 12:12:18 | 000,985,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TSWorkspace.dll
[2017.05.11 12:12:18 | 000,840,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll
[2017.05.11 12:12:18 | 000,651,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2017.05.11 12:12:18 | 000,585,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneDriveSettingSyncProvider.dll
[2017.05.11 12:12:17 | 008,244,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2017.05.11 12:12:17 | 004,730,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2017.05.11 12:12:17 | 004,446,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2017.05.11 12:12:17 | 001,433,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettings.Handlers.dll
[2017.05.11 12:12:17 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2017.05.11 12:12:17 | 000,527,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadcloudap.dll
[2017.05.11 12:12:16 | 008,320,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2017.05.11 12:12:16 | 005,477,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneCoreUAPCommonProxyStub.dll
[2017.05.11 12:12:16 | 002,765,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
[2017.05.11 12:12:16 | 001,320,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpx.dll
[2017.05.11 12:12:16 | 001,302,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVPXENC.dll
[2017.05.11 12:12:16 | 001,257,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnapps.dll
[2017.05.11 12:12:16 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\modernexecserver.dll
[2017.05.11 12:12:16 | 000,925,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebFilter.dll
[2017.05.11 12:12:16 | 000,775,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2017.05.11 12:12:16 | 000,716,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVideoDSP.dll
[2017.05.11 12:12:16 | 000,647,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXService.dll
[2017.05.11 12:12:16 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PackageStateRoaming.dll
[2017.05.11 12:12:16 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offreg.dll
[2017.05.11 12:12:15 | 002,399,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2017.05.11 12:12:15 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mmgaserver.exe
[2017.05.11 12:12:15 | 000,741,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Shell.Broker.dll
[2017.05.11 12:12:15 | 000,712,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2017.05.11 12:12:15 | 000,708,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2017.05.11 12:12:15 | 000,687,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LogonController.dll
[2017.05.11 12:12:15 | 000,673,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockAppBroker.dll
[2017.05.11 12:12:15 | 000,646,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockHostingFramework.dll
[2017.05.11 12:12:15 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputSwitch.dll
[2017.05.11 12:12:15 | 000,387,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpps.dll
[2017.05.11 12:12:15 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.ps.dll
[2017.05.11 12:12:15 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\odbcconf.dll
[2017.05.11 12:12:14 | 023,677,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2017.05.11 12:12:14 | 001,583,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2017.05.11 12:12:14 | 000,805,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll
[2017.05.11 12:12:14 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2017.05.11 12:12:14 | 000,457,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webplatstorageserver.dll
[2017.05.11 12:12:14 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2017.05.11 12:12:14 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2017.05.11 12:12:14 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iepeers.dll
[2017.05.11 12:12:14 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2017.05.11 12:12:14 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MshtmlDac.dll
[2017.05.11 12:12:14 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdc.ocx
[2017.05.11 12:12:12 | 004,848,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2017.05.11 12:12:12 | 004,396,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_47.dll
[2017.05.11 12:12:12 | 002,969,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreUIComponents.dll
[2017.05.11 12:12:12 | 002,651,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2017.05.11 12:12:12 | 002,077,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2017.05.11 12:12:12 | 001,852,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\crypt32.dll
[2017.05.11 12:12:12 | 001,604,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32full.dll
[2017.05.11 12:12:12 | 001,600,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbghelp.dll
[2017.05.11 12:12:12 | 001,295,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dosvc.dll
[2017.05.11 12:12:12 | 001,269,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll
[2017.05.11 12:12:12 | 000,422,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpAXHolder.dll
[2017.05.11 12:12:12 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsEnvironment.Desktop.dll
[2017.05.11 12:12:12 | 000,301,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseAppMgmtSvc.dll
[2017.05.11 12:12:12 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\domgmt.dll
[2017.05.11 12:12:12 | 000,105,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imagehlp.dll
[2017.05.11 12:12:11 | 003,116,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2017.05.11 12:12:11 | 001,325,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2017.05.11 12:12:11 | 000,667,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2017.05.11 12:12:11 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cldapi.dll
[2017.05.11 12:12:11 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\catsrvps.dll
[2017.05.11 12:12:10 | 001,628,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comsvcs.dll
[2017.05.11 12:12:10 | 000,334,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wc_storage.dll
[2017.05.11 12:12:10 | 000,142,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wcifs.sys
[2017.05.11 12:12:08 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudBackupSettings.dll
[2017.05.11 12:12:08 | 000,207,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll
[2017.05.11 12:12:08 | 000,027,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browser_broker.exe
[2017.05.11 12:12:07 | 002,800,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2017.05.11 12:12:07 | 001,886,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2017.05.11 12:12:07 | 001,854,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppVEntVirtualization.dll
[2017.05.11 12:12:07 | 001,468,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2017.05.11 12:12:07 | 001,452,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppVEntSubsystemController.dll
[2017.05.11 12:12:07 | 000,970,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autochk.exe
[2017.05.11 12:12:07 | 000,673,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppResolver.dll
[2017.05.11 12:12:07 | 000,624,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2017.05.11 12:12:07 | 000,450,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcdedit.exe
[2017.05.11 12:12:07 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.AppDefaults.dll
[2017.05.11 12:12:07 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseModernAppMgmtCSP.dll
[2017.05.11 12:12:06 | 002,085,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateAgent.dll
[2017.05.11 12:12:06 | 000,923,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreMessaging.dll
[2017.05.11 12:12:06 | 000,872,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ClipSVC.dll
[2017.05.11 12:12:06 | 000,864,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NotificationController.dll
[2017.05.11 12:12:06 | 000,543,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\securekernel.exe
[2017.05.11 12:12:06 | 000,524,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TileDataRepository.dll
[2017.05.11 12:12:06 | 000,517,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\daxexec.dll
[2017.05.11 12:12:04 | 000,388,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2017.05.11 12:12:04 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netvsc.sys
[2017.05.11 12:12:04 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BasicRender.sys
[2017.05.08 22:31:48 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigne26c1ac22bd462de
[2017.05.08 21:58:44 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign9e7938b39d386aab
[2017.05.08 21:58:23 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignc39221c5bce56df7
[2017.05.08 21:58:15 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign9dfd3197a7b8900f
[2017.05.08 21:58:15 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign8f1b12b8e395c2bb
[2017.05.08 04:30:42 | 000,400,456 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2017.05.05 00:23:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Factorio
[2017.05.05 00:22:45 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Roaming\Factorio
[2017.05.04 20:50:28 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Red Giant
[2017.05.04 20:50:26 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\LooksBuilder
[2017.05.04 16:57:19 | 000,134,592 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvStreaming.exe
[2017.05.04 16:57:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VulkanRT
[2017.05.04 16:55:23 | 035,388,864 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll
[2017.05.04 16:55:23 | 011,056,456 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvptxJitCompiler.dll
[2017.05.04 16:55:23 | 010,547,440 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2017.05.04 16:55:23 | 009,014,792 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvptxJitCompiler.dll
[2017.05.04 16:55:23 | 008,805,232 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2017.05.04 16:55:22 | 040,201,848 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcompiler.dll
[2017.05.04 16:55:22 | 035,281,528 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2017.05.04 16:55:22 | 011,024,384 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2017.05.04 16:55:22 | 009,245,744 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2017.05.04 16:55:22 | 003,792,320 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2017.05.04 16:55:22 | 003,247,736 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2017.05.04 16:55:22 | 001,988,032 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6438205.dll
[2017.05.04 16:55:22 | 001,589,696 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6438205.dll
[2017.05.04 16:55:22 | 001,278,528 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncMFTH264.dll
[2017.05.04 16:55:22 | 001,276,128 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncMFThevc.dll
[2017.05.04 16:55:22 | 001,054,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvFBC64.dll
[2017.05.04 16:55:22 | 000,995,736 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncMFTH264.dll
[2017.05.04 16:55:22 | 000,993,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncMFThevc.dll
[2017.05.04 16:55:22 | 000,991,168 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvFBC.dll
[2017.05.04 16:55:22 | 000,960,960 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFR64.dll
[2017.05.04 16:55:22 | 000,911,992 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFR.dll
[2017.05.04 16:55:22 | 000,821,184 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvDecMFTMjpeg.dll
[2017.05.04 16:55:22 | 000,776,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncodeAPI64.dll
[2017.05.04 16:55:22 | 000,688,968 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvfatbinaryLoader.dll
[2017.05.04 16:55:22 | 000,651,200 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvDecMFTMjpeg.dll
[2017.05.04 16:55:22 | 000,618,744 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvmcumd.dll
[2017.05.04 16:55:22 | 000,612,088 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncodeAPI.dll
[2017.05.04 16:55:22 | 000,609,912 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFROpenGL.dll
[2017.05.04 16:55:22 | 000,577,728 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvfatbinaryLoader.dll
[2017.05.04 16:55:22 | 000,499,320 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFROpenGL.dll
[2017.05.03 15:58:44 | 000,513,144 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.dll
[2017.05.03 15:57:29 | 001,988,216 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6438189.dll
[2017.05.03 15:57:29 | 001,589,880 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6438189.dll
[2017.05.03 15:44:27 | 000,153,536 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvaudcap64v.dll
[2017.05.03 15:44:27 | 000,127,424 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvaudcap32v.dll
[2017.05.01 23:58:15 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\VS Revo Group
[2017.05.01 23:58:12 | 000,040,240 | ---- | C] (VS Revo Group) -- C:\WINDOWS\SysNative\drivers\revoflt.sys
[2017.05.01 23:58:12 | 000,000,000 | ---D | C] -- C:\ProgramData\VS Revo Group
[2017.05.01 23:58:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2017.05.01 23:58:11 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2017.04.28 17:23:48 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign13981d18137ad82a
[2017.04.28 16:48:51 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignbdd2a2d86ef77dc1
[2017.04.28 16:48:51 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign930ee542570c4560
[2017.04.27 22:40:50 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignb477b0518b676774
[2017.04.27 22:40:50 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign629bea0186baaed8
[2017.04.27 22:40:25 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignf7aae8e80bdac187
[2017.04.27 22:40:25 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigne328759f20e9e618
[2017.04.27 22:36:27 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignb4d8d7dfb50fead1
[2017.04.27 22:36:27 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign2470776e10a697bd
[2017.04.27 22:36:10 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign640f53b6124855d8
[2017.04.27 22:36:10 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign137e2625931c94b4
[2017.04.27 22:36:00 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigneea7c8172ba8c408
[2017.04.27 22:36:00 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignda27637ba242b7e7
[2017.04.27 22:35:39 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigna0b2640d105c1997
[2017.04.27 22:35:39 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign04d866d89c22db72
[2017.04.27 16:59:40 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign00f83501a9ebf265
[2017.04.27 16:59:02 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign3746836e43f90599
[2017.04.27 16:58:42 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigne9f5ade61b66f630
[2017.04.27 16:58:41 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigncfd0645bed94c498
[2017.04.27 16:58:41 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigna2bf50ef94e72e7a
[2017.04.26 03:08:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2017.04.25 14:10:17 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Roaming\dvdcss
[2017.04.25 14:09:55 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2017.04.25 14:09:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2017.04.25 14:09:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2017.04.25 14:09:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\5kplayer
[2017.04.25 14:09:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DearMob
[2017.04.25 14:09:47 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Roaming\5kplayer
[2017.04.25 14:01:33 | 000,000,000 | ---D | C] -- C:\Users\winki\Documents\Aviosoft
[2017.04.24 23:54:51 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignfee4c261cdd90e2e
[2017.04.24 23:54:27 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign891c6abbabb52a27
[2017.04.24 23:54:27 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign0d01e7714212ed5c
[2017.04.24 21:39:13 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe
[2017.04.24 18:57:41 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigndec9157c8ddb3c70
[2017.04.24 18:57:41 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign448df59b5f76dffa
[2017.04.24 11:41:05 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign5e1d5d87412024d4
[2017.04.24 11:40:57 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignd986c4682bcf93c8
[2017.04.24 11:40:57 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign66d86ea17898ae97
[2017.04.24 11:22:23 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign5bccc938cf585fe4
[2017.04.24 11:22:23 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign08ab7d9c25864558
[2017.04.24 10:56:54 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigncceb35b134d8de5e
[2017.04.24 10:56:54 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign6a3dc533d0e3c0ff
[2017.04.24 05:18:35 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignc496fc0564cab0a8
[2017.04.24 05:18:25 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignac0ea24355f7192b
[2017.04.24 05:18:25 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign5d06880071bd8ad6
[2017.04.24 05:00:03 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignda266668d7b8db79
[2017.04.24 04:59:38 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign4ce5d0075f3766c6
[2017.04.24 04:59:19 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignad948fdaf72bf569
[2017.04.24 04:59:19 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign333541d2930c31cb
[2017.04.24 04:19:02 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigne64e082df04d9341
[2017.04.24 04:19:02 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignd801b3974ef1cb4b
[2017.04.24 04:19:02 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign7475f65b71538a7a
[2017.04.24 04:15:26 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignb57228b8f3004e4e
[2017.04.24 04:15:26 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign311e91a97408ee74
[2017.04.24 04:07:55 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign64aa6402f28e6e8d
[2017.04.24 04:07:55 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign498add4d41bcda50
[2017.04.24 04:07:33 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign38b4bd3b46b5d81f
[2017.04.24 04:07:33 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign275877caef5e8766
[2017.04.24 03:50:27 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign1dda067de6628e85
[2017.04.24 03:30:26 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigncdadaec9e7f51e3b
[2017.04.24 03:06:44 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignfaeaaf948012a30e
[2017.04.24 03:04:02 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign333c7fa001bac9d5
[2017.04.24 02:23:57 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign82dd7206540bfd3c
[2017.04.23 23:54:32 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign46eceefee4470e67
[2017.04.23 23:54:31 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign9942de3af9eb2130
[2017.04.23 23:45:45 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign6d101089f4cc8b94
[2017.04.23 23:45:01 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign52e2f2d40e4c0908
[2017.04.23 23:45:01 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign4b90c8cdb952de3d
[2017.04.23 20:01:54 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
[2017.04.23 20:01:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GPU-Z
[2017.04.23 15:22:01 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigncf56e2eee65cb2c9
[2017.04.23 15:22:01 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignbad00783bea2dde5
[2017.04.23 15:22:01 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign16cbbd27226fe929
[2017.04.23 02:37:22 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign0ab62dd1e375a428
[2017.04.23 02:37:19 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigne3b2119bcff5c433
[2017.04.23 02:37:15 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigne62fbaf5a5f40115
[2017.04.23 02:37:15 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigna246eaa2058bf1e1
[2017.04.23 02:36:52 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignf3a532af00cb3956
[2017.04.23 02:36:46 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigne5cbcbc3e1bb543d
[2017.04.23 02:36:43 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignc9005e14120a9f0c
[2017.04.23 02:36:43 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign12d1c5d8fa10327a
[2017.04.23 02:35:52 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignd3dff5d72ef39bbc
[2017.04.23 02:35:51 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign9291e4f86535c88c
[2017.04.23 02:35:48 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignbc41ad696c26644f
[2017.04.23 02:35:48 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign44dd9d6d197ba8ff
[2017.04.22 22:57:42 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignd48750f8e8549bfe
[2017.04.22 22:57:42 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign89f83eaa392c0995
[2017.04.22 22:57:41 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign7a7c209d2207d618
[2017.04.22 22:57:17 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign9d45355b486acd78
[2017.04.22 22:57:17 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign824904fd146d31a9
[2017.04.22 22:57:17 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign591ed7bb8db19d33
[2017.04.22 21:42:14 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignf90a3280a254b021
[2017.04.22 21:42:14 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignd353e40b6cbdbce1
[2017.04.22 21:42:14 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign8255e721b8e77cdf
[2017.04.22 21:41:45 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignaf718082d82d8a9f
[2017.04.22 21:41:45 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign8458e4b819312128
[2017.04.22 21:41:45 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign23a11b0ba32b1939
[2017.04.22 21:41:25 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignf2e1d2320fd8f556
[2017.04.22 21:41:25 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignc5c8cd0e33744dd3
[2017.04.22 21:30:03 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\AdobeInstalledCodecs
[2017.04.22 21:29:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2017.04.21 22:44:38 | 000,000,000 | ---D | C] -- C:\MoTemp
[2017.04.21 22:44:38 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Imagineer Systems Ltd
[2017.04.21 20:28:23 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignc5be1eead629af95
[2017.04.21 20:28:23 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignbba20e9b82512859
[2017.04.21 20:28:23 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign49c80d80bafd90d6
[2017.04.21 15:25:22 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignb12a8c45ef3f4b01
[2017.04.21 15:25:11 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign2d975f9cf007b893
[2017.04.21 15:25:09 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign522270e676141beb
[2017.04.21 15:25:09 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign4c52d376daed448e
[2017.04.21 15:24:28 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign6812311677203235
[2017.04.21 15:24:28 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign5805bba2237c74e9
[2017.04.21 15:24:28 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign29d404fdaf31a2a0
[2017.04.21 14:51:08 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign208f876a10d07a1d
[2017.04.21 14:49:12 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign629403745e711471
[2017.04.21 14:49:10 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign8b348f91448a41d4
[2017.04.21 14:49:09 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignb1656f7ad9f612f7
[2017.04.21 13:48:58 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignb97d4194a3ed4c3c
[2017.04.21 13:48:58 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign468dca8834f72326
[2017.04.21 13:47:55 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigna2d9937729a5a39c
[2017.04.21 13:47:48 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign9047687bf044ce0e
[2017.04.21 13:47:48 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign25f9600bf808083c
[2017.04.21 12:41:51 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignd807bd61a50c28df
[2017.04.21 12:41:50 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignb3f12187ce23f6f8
[2017.04.20 22:04:25 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign9de081fc80c494ae
[2017.04.20 22:03:22 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign4e9fa8c89d7f86c1
[2017.04.20 22:03:20 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign4c12072d772b4621
[2017.04.20 22:03:20 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign02e44ccec66e3d19
[2017.04.20 21:55:37 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigncbc428d28be02e87
[2017.04.20 21:55:35 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign4314bda28723a783
[2017.04.20 21:55:33 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigne6b4f9619889007e
[2017.04.20 21:55:33 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignadaa36fb6f8d6dc6
[2017.04.20 18:43:12 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign2e5f6f6123f590d4
[2017.04.20 18:43:11 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignce25c2fd5c80f19c
[2017.04.20 18:43:08 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignb128eea8632100a7
[2017.04.20 18:43:08 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign9d317ee1ee6c9cd8
[2017.04.20 18:41:38 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigne64b443c38284b1a
[2017.04.20 18:41:38 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigndefc08432c2e71fe
[2017.04.20 18:41:38 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign9db4187beddac3f1
[2017.04.20 18:40:49 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignfe0ee341a910adfd
[2017.04.20 18:40:49 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign65a30d191a42e1a6
[2017.04.20 18:40:49 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign0c816b4efca6a6cf
[2017.04.20 18:40:29 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigned8abf1ae9542c61
[2017.04.20 18:40:29 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign9c017fc6c452aab2
[2017.04.20 18:40:29 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign0c0eb275b67e7acd
[2017.04.20 18:39:52 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignd962f4e55c2db9e5
[2017.04.20 18:39:52 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignaeda5862e1dc322d
[2017.04.20 18:39:52 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign3ef31e5d87d1f4d3
[2017.04.20 11:28:57 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\DBG
[2017.04.19 13:01:53 | 000,000,000 | ---D | C] -- C:\Windows.old
[2017.04.19 13:01:45 | 001,506,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\quartz.dll
[2017.04.19 13:01:45 | 001,060,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsPrint.dll
[2017.04.19 13:01:45 | 000,364,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msIso.dll
[2017.04.19 13:01:45 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsDocumentTargetPrint.dll
[2017.04.19 13:01:45 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserDataTimeUtil.dll
[2017.04.19 13:01:43 | 001,760,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll
[2017.04.19 13:01:43 | 001,657,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsPrint.dll
[2017.04.19 13:01:43 | 001,605,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\quartz.dll
[2017.04.19 13:01:43 | 001,147,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2017.04.19 13:01:43 | 001,024,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2017.04.19 13:01:43 | 000,750,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontdrvhost.exe
[2017.04.19 13:01:43 | 000,626,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe
[2017.04.19 13:01:43 | 000,545,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winspool.drv
[2017.04.19 13:01:43 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msIso.dll
[2017.04.19 13:01:43 | 000,409,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2017.04.19 13:01:43 | 000,382,368 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll
[2017.04.19 13:01:43 | 000,354,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcryptprimitives.dll
[2017.04.19 13:01:43 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsDocumentTargetPrint.dll
[2017.04.19 13:01:43 | 000,311,192 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll
[2017.04.19 13:01:43 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDataTimeUtil.dll
[2017.04.19 13:01:43 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmjpegdec.dll
[2017.04.19 13:01:43 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmjpegdec.dll
[2017.04.19 13:01:43 | 000,047,104 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll
[2017.04.19 13:01:43 | 000,038,912 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll
[2017.04.19 13:01:13 | 006,348,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NlsData0009.dll
[2017.04.19 13:01:13 | 005,739,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\prm0009.dll
[2017.04.19 13:01:13 | 002,629,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NlsLexicons0009.dll
[2017.04.19 13:00:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServiceProfiles
[2017.04.19 13:00:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\Microsoft
[2017.04.19 12:30:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
[2017.04.19 12:30:56 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2017.04.19 12:11:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive
[2017.04.19 12:10:20 | 000,000,000 | ---D | C] -- C:\ProgramData\USOShared
[2017.04.19 12:05:39 | 002,233,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PrintConfig.dll
[2017.04.19 12:04:11 | 000,000,000 | --SD | C] -- C:\Users\winki\AppData\Roaming\Microsoft
[2017.04.19 12:04:11 | 000,000,000 | R--D | C] -- C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
[2017.04.19 12:04:11 | 000,000,000 | R--D | C] -- C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2017.04.19 12:04:11 | 000,000,000 | R--D | C] -- C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2017.04.19 12:04:11 | 000,000,000 | R--D | C] -- C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2017.04.19 12:04:11 | 000,000,000 | -HSD | C] -- C:\Users\winki\AppData\Local\Temporary Internet Files
[2017.04.19 12:04:11 | 000,000,000 | -HSD | C] -- C:\Users\winki\Šablony
[2017.04.19 12:04:11 | 000,000,000 | -HSD | C] -- C:\Users\winki\Soubory cookie
[2017.04.19 12:04:11 | 000,000,000 | -HSD | C] -- C:\Users\winki\SendTo
[2017.04.19 12:04:11 | 000,000,000 | -HSD | C] -- C:\Users\winki\Poslední
[2017.04.19 12:04:11 | 000,000,000 | -HSD | C] -- C:\Users\winki\Okolní tiskárny
[2017.04.19 12:04:11 | 000,000,000 | -HSD | C] -- C:\Users\winki\Okolní síť
[2017.04.19 12:04:11 | 000,000,000 | -HSD | C] -- C:\Users\winki\Documents\Obrázky
[2017.04.19 12:04:11 | 000,000,000 | -HSD | C] -- C:\Users\winki\Nabídka Start
[2017.04.19 12:04:11 | 000,000,000 | -HSD | C] -- C:\Users\winki\Local Settings
[2017.04.19 12:04:11 | 000,000,000 | -HSD | C] -- C:\Users\winki\Documents\Hudba
[2017.04.19 12:04:11 | 000,000,000 | -HSD | C] -- C:\Users\winki\AppData\Local\History
[2017.04.19 12:04:11 | 000,000,000 | -HSD | C] -- C:\Users\winki\Documents\Filmy
[2017.04.19 12:04:11 | 000,000,000 | -HSD | C] -- C:\Users\winki\Dokumenty
[2017.04.19 12:04:11 | 000,000,000 | -HSD | C] -- C:\Users\winki\Data aplikací
[2017.04.19 12:04:11 | 000,000,000 | -HSD | C] -- C:\Users\winki\AppData\Local\Data aplikací
[2017.04.19 12:04:11 | 000,000,000 | -H-D | C] -- C:\Users\winki\AppData
[2017.04.19 12:04:11 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Temp
[2017.04.19 12:04:11 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Microsoft
[2017.04.19 12:04:11 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2017.04.19 12:04:01 | 006,437,312 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcpl.dll
[2017.04.19 12:04:01 | 002,479,552 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvc64.dll
[2017.04.19 12:04:01 | 001,762,752 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvcr.dll
[2017.04.19 12:04:01 | 000,548,800 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nv3dappshext.dll
[2017.04.19 12:04:01 | 000,392,312 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvmctray.dll
[2017.04.19 12:04:01 | 000,081,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nv3dappshextr.dll
[2017.04.19 12:04:01 | 000,069,752 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvshext.dll
[2017.04.19 12:03:58 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2017.04.19 12:03:57 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Uninstall Information
[2017.04.19 12:03:56 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2017.04.19 12:03:53 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2017.04.19 12:03:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2017.04.19 12:03:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2017.04.19 12:03:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\SleepStudy
[2017.04.18 20:23:07 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignc2d169af56cbf558
[2017.04.18 20:23:07 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign6ab506a96f84c28e
[2017.04.18 20:23:07 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign4816c8bf468a7909
[2017.04.18 20:18:15 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign6ec04166cdd5e691
[2017.04.18 20:18:15 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign259bf4cb1dd3fdd9
[2017.04.18 20:18:15 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign0c90ede3db4b4084
[2017.04.18 20:09:07 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignc9c80737b4f9d051
[2017.04.18 20:09:07 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign63f5cf114822e2f4
[2017.04.18 20:09:07 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign1f9f5565fd0529b5
[2017.04.18 20:06:27 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignf1d33b5aca431f07
[2017.04.18 20:06:27 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigncadf06b14089cd35
[2017.04.18 20:06:27 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign7c31f272761f197f
[2017.04.18 20:01:43 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignfe596db5ac613b43
[2017.04.18 20:01:43 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignd4d987a035dfb32d
[2017.04.18 20:01:43 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignb31188562d8bf4b3
[2017.04.18 19:50:26 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigne1470ea06c35c143
[2017.04.18 19:50:26 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignbbbe53647dc84f07
[2017.04.18 19:50:26 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign3be68492feccd027
[2017.04.18 19:49:51 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigndddd5eee344b2a9e
[2017.04.18 19:49:51 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign828904dd41f72875
[2017.04.18 19:49:51 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign282f30c4ecab02aa
[2017.04.17 15:18:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2017.04.15 12:34:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2017.04.15 12:34:00 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes

windyOMG · #28 Příspěvek od **windyOMG** » 14 kvě 2017 18:48

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-21-116116240-444440880-2871013289-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-21-116116240-444440880-2871013289-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 04 BC 7D 60 F2 A2 D2 01 [binary data]
IE - HKU\S-1-5-21-116116240-444440880-2871013289-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-116116240-444440880-2871013289-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-116116240-444440880-2871013289-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
IE - HKU\S-1-5-21-116116240-444440880-2871013289-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-116116240-444440880-2871013289-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:53.0.2
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\winki\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\winki\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 53.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 53.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2017.04.07 11:43:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\winki\AppData\Roaming\Mozilla\Extensions
[2017.05.09 12:24:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\8k8cupjw.default\browser-extension-data
[2017.05.09 12:24:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\8k8cupjw.default\browser-extension-data\sp@avast.com
[2017.05.09 12:24:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\8k8cupjw.default\browser-extension-data\wrc@avast.com
[2017.05.08 04:30:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\8k8cupjw.default\extensions
[2017.05.08 04:30:36 | 000,352,829 | ---- | M] () (No name found) -- C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\8k8cupjw.default\extensions\sp@avast.com.xpi
[2017.05.08 04:30:36 | 000,692,271 | ---- | M] () (No name found) -- C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\8k8cupjw.default\extensions\wrc@avast.com.xpi
[2017.05.10 12:33:27 | 000,044,954 | ---- | M] () (No name found) -- C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\8k8cupjw.default\features\{2542ac87-aeb2-4634-ada1-ec71991b2ba0}\shield-recipe-client@mozilla.org.xpi
[2017.05.10 11:23:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions

========== Chrome ==========

CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\2.0.6_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil\1.97.54_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl\2.2_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpniocchabmgenibceglhnfeimmdhdfm\2.12.9_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\57.0.2987.84_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi\1.5.0.20_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak\6.91_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi\3.1_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.4.1_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg\9.3_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\6.12_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\

O1 HOSTS File: ([2017.04.18 12:54:10 | 000,000,000 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvLaunch.exe (AVAST Software)
O4:64bit: - HKLM..\Run: [LogiOptions] C:\Program Files\Logitech\LogiOptions\LogiOptions.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\WINDOWS\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [SecurityHealth] C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [5KPlayer.exe] C:\Program Files (x86)\DearMob\5KPlayer\5KPlayer.exe ()
O4 - HKLM..\Run: [Adobe Creative Cloud] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies Ltd.)
O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-116116240-444440880-2871013289-1001..\Run: [Google Update] C:\Users\winki\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe (Google Inc.)
O4 - HKU\S-1-5-21-116116240-444440880-2871013289-1001..\Run: [OneDrive] C:\Users\winki\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-116116240-444440880-2871013289-1001..\Run: [Plex Media Server] C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc.)
O4 - HKU\S-1-5-21-116116240-444440880-2871013289-1001..\Run: [Spotify Web Helper] C:\Users\winki\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Spotify Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.5.1 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{f6f79c62-3dd4-4c57-afbc-ad196e28e681}: DhcpNameServer = 192.168.5.1 8.8.8.8
O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: dosvc - C:\Windows\SysNative\dosvc.dll (Microsoft Corporation)
NetSvcs:64bit: shpamsvc - C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NetSvcs:64bit: XblGameSave - C:\Windows\SysNative\XblGameSave.dll (Microsoft Corporation)
NetSvcs:64bit: NaturalAuthentication - C:\Windows\SysNative\NaturalAuth.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: UserManager - C:\Windows\SysNative\usermgr.dll (Microsoft Corporation)
NetSvcs:64bit: XblAuthManager - C:\Windows\SysNative\XblAuthManager.dll (Microsoft Corporation)
NetSvcs:64bit: DmEnrollmentSvc - C:\Windows\SysNative\Windows.Internal.Management.dll (Microsoft Corporation)
NetSvcs:64bit: xbgm - C:\Windows\SysNative\xbgmsvc.dll (Microsoft Corporation)
NetSvcs:64bit: TokenBroker - C:\Windows\SysNative\TokenBroker.dll (Microsoft Corporation)
NetSvcs:64bit: lfsvc - C:\Windows\SysNative\lfsvc.dll (Microsoft Corporation)
NetSvcs:64bit: dmwappushservice - C:\Windows\SysNative\dmwappushsvc.dll (Microsoft Corporation)
NetSvcs:64bit: wisvc - C:\Windows\SysNative\FlightSettings.dll (Microsoft Corporation)
NetSvcs:64bit: WpnService - C:\Windows\SysNative\wpnservice.dll (Microsoft Corporation)
NetSvcs:64bit: XboxNetApiSvc - C:\Windows\SysNative\XboxNetApiSvc.dll (Microsoft Corporation)
NetSvcs:64bit: UsoSvc - C:\Windows\SysNative\usocore.dll (Microsoft Corporation)
NetSvcs:64bit: NetSetupSvc - C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
NetSvcs:64bit: XboxGipSvc - C:\Windows\SysNative\xboxgipsvc.dll (Microsoft Corporation)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
NetSvcs: TokenBroker - C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2017.05.14 03:49:53 | 000,000,000 | -H-D | C] -- C:\Users\Public\Documents\AdobeGC
[2017.05.13 18:41:11 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignf5c22d6750ddac1d
[2017.05.13 18:40:51 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignae896445d7bac9eb
[2017.05.13 18:40:50 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigne40b791031c4cce9
[2017.05.13 18:40:50 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign379f5a0cb355b263
[2017.05.13 18:16:41 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignd4ff1751dec261aa
[2017.05.13 18:16:41 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigncf4249153baa79b7
[2017.05.13 18:16:32 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignae8ff2788a5f26c7
[2017.05.13 18:16:32 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign581b9270483465b3
[2017.05.13 18:16:23 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigna967a282f0538743
[2017.05.13 18:16:16 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigne7dc96d72c39c073
[2017.05.13 18:16:14 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigncad9523386f18c8c
[2017.05.13 18:16:14 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign704bc2e21f21aff6
[2017.05.13 14:38:25 | 000,000,000 | ---D | C] -- C:\ProgramData\SWCUTemp
[2017.05.12 23:28:18 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\speech
[2017.05.12 16:37:22 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Roaming\Google
[2017.05.12 16:12:03 | 000,000,000 | ---D | C] -- C:\ProgramData\VideoCopilot
[2017.05.11 20:17:46 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigncf6c3b7bd363e978
[2017.05.11 20:17:46 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign0431e8aed84beeeb
[2017.05.11 20:17:25 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignf793f0a9ab9a9890
[2017.05.11 20:17:25 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignc0d1baa1b0324e1a
[2017.05.11 12:19:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2017.05.11 12:12:31 | 020,505,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2017.05.11 12:12:31 | 006,759,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2017.05.11 12:12:31 | 006,728,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2017.05.11 12:12:31 | 006,292,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2017.05.11 12:12:31 | 004,559,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbgeng.dll
[2017.05.11 12:12:31 | 004,469,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2017.05.11 12:12:31 | 003,667,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_47.dll
[2017.05.11 12:12:31 | 002,957,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2017.05.11 12:12:31 | 002,330,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2017.05.11 12:12:31 | 002,298,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2017.05.11 12:12:31 | 002,259,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2017.05.11 12:12:31 | 002,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2017.05.11 12:12:31 | 001,463,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2017.05.11 12:12:31 | 001,411,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gdi32full.dll
[2017.05.11 12:12:31 | 001,291,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSVPXENC.dll
[2017.05.11 12:12:31 | 001,285,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbghelp.dll
[2017.05.11 12:12:31 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AzureSettingSyncProvider.dll
[2017.05.11 12:12:31 | 001,019,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aadtb.dll
[2017.05.11 12:12:31 | 000,987,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wpnapps.dll
[2017.05.11 12:12:31 | 000,909,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncCore.dll
[2017.05.11 12:12:31 | 000,891,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autochk.exe
[2017.05.11 12:12:31 | 000,806,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\StoreAgent.dll
[2017.05.11 12:12:31 | 000,799,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TokenBroker.dll
[2017.05.11 12:12:31 | 000,790,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.dll
[2017.05.11 12:12:31 | 000,731,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mmgaserver.exe
[2017.05.11 12:12:31 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WpcWebFilter.dll
[2017.05.11 12:12:31 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIRibbonRes.dll
[2017.05.11 12:12:31 | 000,583,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreMessaging.dll
[2017.05.11 12:12:31 | 000,559,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2017.05.11 12:12:31 | 000,523,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppResolver.dll
[2017.05.11 12:12:31 | 000,476,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OneDriveSettingSyncProvider.dll
[2017.05.11 12:12:31 | 000,392,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlayToManager.dll
[2017.05.11 12:12:31 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallAgentUserBroker.exe
[2017.05.11 12:12:31 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\daxexec.dll
[2017.05.11 12:12:31 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll
[2017.05.11 12:12:31 | 000,354,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputSwitch.dll
[2017.05.11 12:12:31 | 000,329,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webplatstorageserver.dll
[2017.05.11 12:12:31 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallAgent.exe
[2017.05.11 12:12:31 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VEEventDispatcher.dll
[2017.05.11 12:12:31 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WiFiDisplay.dll
[2017.05.11 12:12:31 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudBackupSettings.dll
[2017.05.11 12:12:31 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PackageStateRoaming.dll
[2017.05.11 12:12:31 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iepeers.dll
[2017.05.11 12:12:31 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2017.05.11 12:12:31 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdc.ocx
[2017.05.11 12:12:31 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\offreg.dll
[2017.05.11 12:12:31 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cldapi.dll
[2017.05.11 12:12:31 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\odbcconf.dll
[2017.05.11 12:12:25 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Gaming.Preview.dll
[2017.05.11 12:12:25 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2017.05.11 12:12:20 | 007,904,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2017.05.11 12:12:20 | 001,260,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GamePanel.exe
[2017.05.11 12:12:20 | 001,051,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.dll
[2017.05.11 12:12:20 | 000,707,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2017.05.11 12:12:20 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsrv.dll
[2017.05.11 12:12:19 | 005,557,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbgeng.dll
[2017.05.11 12:12:19 | 003,672,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2017.05.11 12:12:19 | 002,056,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2017.05.11 12:12:19 | 001,075,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StoreAgent.dll
[2017.05.11 12:12:19 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocore.dll
[2017.05.11 12:12:19 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIRibbonRes.dll
[2017.05.11 12:12:19 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TDLMigration.dll
[2017.05.11 12:12:19 | 000,416,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallAgentUserBroker.exe
[2017.05.11 12:12:19 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatehandlers.dll
[2017.05.11 12:12:19 | 000,373,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallAgent.exe
[2017.05.11 12:12:19 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NotificationObjFactory.dll
[2017.05.11 12:12:19 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WiFiDisplay.dll
[2017.05.11 12:12:19 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmcsp.dll
[2017.05.11 12:12:19 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VEStoreEventHandlers.dll
[2017.05.11 12:12:19 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\musdialoghandlers.dll
[2017.05.11 12:12:18 | 007,931,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2017.05.11 12:12:18 | 004,175,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StartTileData.dll
[2017.05.11 12:12:18 | 002,499,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.pcshell.dll
[2017.05.11 12:12:18 | 002,435,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ResetEngine.dll
[2017.05.11 12:12:18 | 001,878,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AzureSettingSyncProvider.dll
[2017.05.11 12:12:18 | 001,611,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpeechPal.dll
[2017.05.11 12:12:18 | 001,293,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadtb.dll
[2017.05.11 12:12:18 | 001,242,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SharedStartModel.dll
[2017.05.11 12:12:18 | 001,103,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncCore.dll
[2017.05.11 12:12:18 | 001,087,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2017.05.11 12:12:18 | 001,054,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TokenBroker.dll
[2017.05.11 12:12:18 | 000,985,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TSWorkspace.dll
[2017.05.11 12:12:18 | 000,840,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll
[2017.05.11 12:12:18 | 000,651,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2017.05.11 12:12:18 | 000,585,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneDriveSettingSyncProvider.dll
[2017.05.11 12:12:17 | 008,244,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2017.05.11 12:12:17 | 004,730,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2017.05.11 12:12:17 | 004,446,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2017.05.11 12:12:17 | 001,433,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettings.Handlers.dll
[2017.05.11 12:12:17 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2017.05.11 12:12:17 | 000,527,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadcloudap.dll
[2017.05.11 12:12:16 | 008,320,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2017.05.11 12:12:16 | 005,477,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneCoreUAPCommonProxyStub.dll
[2017.05.11 12:12:16 | 002,765,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
[2017.05.11 12:12:16 | 001,320,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpx.dll
[2017.05.11 12:12:16 | 001,302,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVPXENC.dll
[2017.05.11 12:12:16 | 001,257,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnapps.dll
[2017.05.11 12:12:16 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\modernexecserver.dll
[2017.05.11 12:12:16 | 000,925,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebFilter.dll
[2017.05.11 12:12:16 | 000,775,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2017.05.11 12:12:16 | 000,716,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVideoDSP.dll
[2017.05.11 12:12:16 | 000,647,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXService.dll
[2017.05.11 12:12:16 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PackageStateRoaming.dll
[2017.05.11 12:12:16 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offreg.dll
[2017.05.11 12:12:15 | 002,399,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2017.05.11 12:12:15 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mmgaserver.exe
[2017.05.11 12:12:15 | 000,741,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Shell.Broker.dll
[2017.05.11 12:12:15 | 000,712,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2017.05.11 12:12:15 | 000,708,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2017.05.11 12:12:15 | 000,687,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LogonController.dll
[2017.05.11 12:12:15 | 000,673,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockAppBroker.dll
[2017.05.11 12:12:15 | 000,646,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockHostingFramework.dll
[2017.05.11 12:12:15 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputSwitch.dll
[2017.05.11 12:12:15 | 000,387,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpps.dll
[2017.05.11 12:12:15 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.ps.dll
[2017.05.11 12:12:15 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\odbcconf.dll
[2017.05.11 12:12:14 | 023,677,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2017.05.11 12:12:14 | 001,583,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2017.05.11 12:12:14 | 000,805,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll
[2017.05.11 12:12:14 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2017.05.11 12:12:14 | 000,457,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webplatstorageserver.dll
[2017.05.11 12:12:14 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2017.05.11 12:12:14 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2017.05.11 12:12:14 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iepeers.dll
[2017.05.11 12:12:14 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2017.05.11 12:12:14 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MshtmlDac.dll
[2017.05.11 12:12:14 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdc.ocx
[2017.05.11 12:12:12 | 004,848,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2017.05.11 12:12:12 | 004,396,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_47.dll
[2017.05.11 12:12:12 | 002,969,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreUIComponents.dll
[2017.05.11 12:12:12 | 002,651,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2017.05.11 12:12:12 | 002,077,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2017.05.11 12:12:12 | 001,852,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\crypt32.dll
[2017.05.11 12:12:12 | 001,604,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32full.dll
[2017.05.11 12:12:12 | 001,600,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbghelp.dll
[2017.05.11 12:12:12 | 001,295,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dosvc.dll
[2017.05.11 12:12:12 | 001,269,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll
[2017.05.11 12:12:12 | 000,422,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpAXHolder.dll
[2017.05.11 12:12:12 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsEnvironment.Desktop.dll
[2017.05.11 12:12:12 | 000,301,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseAppMgmtSvc.dll
[2017.05.11 12:12:12 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\domgmt.dll
[2017.05.11 12:12:12 | 000,105,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imagehlp.dll
[2017.05.11 12:12:11 | 003,116,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2017.05.11 12:12:11 | 001,325,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2017.05.11 12:12:11 | 000,667,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2017.05.11 12:12:11 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cldapi.dll
[2017.05.11 12:12:11 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\catsrvps.dll
[2017.05.11 12:12:10 | 001,628,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comsvcs.dll
[2017.05.11 12:12:10 | 000,334,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wc_storage.dll
[2017.05.11 12:12:10 | 000,142,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wcifs.sys
[2017.05.11 12:12:08 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudBackupSettings.dll
[2017.05.11 12:12:08 | 000,207,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll
[2017.05.11 12:12:08 | 000,027,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browser_broker.exe
[2017.05.11 12:12:07 | 002,800,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2017.05.11 12:12:07 | 001,886,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2017.05.11 12:12:07 | 001,854,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppVEntVirtualization.dll
[2017.05.11 12:12:07 | 001,468,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2017.05.11 12:12:07 | 001,452,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppVEntSubsystemController.dll
[2017.05.11 12:12:07 | 000,970,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autochk.exe
[2017.05.11 12:12:07 | 000,673,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppResolver.dll
[2017.05.11 12:12:07 | 000,624,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2017.05.11 12:12:07 | 000,450,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcdedit.exe
[2017.05.11 12:12:07 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.AppDefaults.dll
[2017.05.11 12:12:07 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseModernAppMgmtCSP.dll
[2017.05.11 12:12:06 | 002,085,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateAgent.dll
[2017.05.11 12:12:06 | 000,923,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreMessaging.dll
[2017.05.11 12:12:06 | 000,872,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ClipSVC.dll
[2017.05.11 12:12:06 | 000,864,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NotificationController.dll
[2017.05.11 12:12:06 | 000,543,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\securekernel.exe
[2017.05.11 12:12:06 | 000,524,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TileDataRepository.dll
[2017.05.11 12:12:06 | 000,517,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\daxexec.dll
[2017.05.11 12:12:04 | 000,388,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2017.05.11 12:12:04 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netvsc.sys
[2017.05.11 12:12:04 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BasicRender.sys
[2017.05.08 22:31:48 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigne26c1ac22bd462de
[2017.05.08 21:58:44 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign9e7938b39d386aab
[2017.05.08 21:58:23 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignc39221c5bce56df7
[2017.05.08 21:58:15 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign9dfd3197a7b8900f
[2017.05.08 21:58:15 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign8f1b12b8e395c2bb
[2017.05.08 04:30:42 | 000,400,456 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2017.05.05 00:23:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Factorio
[2017.05.05 00:22:45 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Roaming\Factorio
[2017.05.04 20:50:28 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Red Giant
[2017.05.04 20:50:26 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\LooksBuilder
[2017.05.04 16:57:19 | 000,134,592 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvStreaming.exe
[2017.05.04 16:57:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VulkanRT
[2017.05.04 16:55:23 | 035,388,864 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll
[2017.05.04 16:55:23 | 011,056,456 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvptxJitCompiler.dll
[2017.05.04 16:55:23 | 010,547,440 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2017.05.04 16:55:23 | 009,014,792 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvptxJitCompiler.dll
[2017.05.04 16:55:23 | 008,805,232 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2017.05.04 16:55:22 | 040,201,848 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcompiler.dll
[2017.05.04 16:55:22 | 035,281,528 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2017.05.04 16:55:22 | 011,024,384 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2017.05.04 16:55:22 | 009,245,744 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2017.05.04 16:55:22 | 003,792,320 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2017.05.04 16:55:22 | 003,247,736 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2017.05.04 16:55:22 | 001,988,032 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6438205.dll
[2017.05.04 16:55:22 | 001,589,696 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6438205.dll
[2017.05.04 16:55:22 | 001,278,528 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncMFTH264.dll
[2017.05.04 16:55:22 | 001,276,128 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncMFThevc.dll
[2017.05.04 16:55:22 | 001,054,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvFBC64.dll
[2017.05.04 16:55:22 | 000,995,736 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncMFTH264.dll
[2017.05.04 16:55:22 | 000,993,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncMFThevc.dll
[2017.05.04 16:55:22 | 000,991,168 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvFBC.dll
[2017.05.04 16:55:22 | 000,960,960 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFR64.dll
[2017.05.04 16:55:22 | 000,911,992 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFR.dll
[2017.05.04 16:55:22 | 000,821,184 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvDecMFTMjpeg.dll
[2017.05.04 16:55:22 | 000,776,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncodeAPI64.dll
[2017.05.04 16:55:22 | 000,688,968 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvfatbinaryLoader.dll
[2017.05.04 16:55:22 | 000,651,200 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvDecMFTMjpeg.dll
[2017.05.04 16:55:22 | 000,618,744 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvmcumd.dll
[2017.05.04 16:55:22 | 000,612,088 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncodeAPI.dll
[2017.05.04 16:55:22 | 000,609,912 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFROpenGL.dll
[2017.05.04 16:55:22 | 000,577,728 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvfatbinaryLoader.dll
[2017.05.04 16:55:22 | 000,499,320 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFROpenGL.dll
[2017.05.03 15:58:44 | 000,513,144 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.dll
[2017.05.03 15:57:29 | 001,988,216 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6438189.dll
[2017.05.03 15:57:29 | 001,589,880 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6438189.dll
[2017.05.03 15:44:27 | 000,153,536 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvaudcap64v.dll
[2017.05.03 15:44:27 | 000,127,424 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvaudcap32v.dll
[2017.05.01 23:58:15 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\VS Revo Group
[2017.05.01 23:58:12 | 000,040,240 | ---- | C] (VS Revo Group) -- C:\WINDOWS\SysNative\drivers\revoflt.sys
[2017.05.01 23:58:12 | 000,000,000 | ---D | C] -- C:\ProgramData\VS Revo Group
[2017.05.01 23:58:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2017.05.01 23:58:11 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2017.04.28 17:23:48 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign13981d18137ad82a
[2017.04.28 16:48:51 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignbdd2a2d86ef77dc1
[2017.04.28 16:48:51 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign930ee542570c4560
[2017.04.27 22:40:50 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignb477b0518b676774
[2017.04.27 22:40:50 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign629bea0186baaed8
[2017.04.27 22:40:25 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignf7aae8e80bdac187
[2017.04.27 22:40:25 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigne328759f20e9e618
[2017.04.27 22:36:27 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignb4d8d7dfb50fead1
[2017.04.27 22:36:27 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign2470776e10a697bd
[2017.04.27 22:36:10 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign640f53b6124855d8
[2017.04.27 22:36:10 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign137e2625931c94b4
[2017.04.27 22:36:00 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigneea7c8172ba8c408
[2017.04.27 22:36:00 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignda27637ba242b7e7
[2017.04.27 22:35:39 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigna0b2640d105c1997
[2017.04.27 22:35:39 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign04d866d89c22db72
[2017.04.27 16:59:40 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign00f83501a9ebf265
[2017.04.27 16:59:02 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign3746836e43f90599
[2017.04.27 16:58:42 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigne9f5ade61b66f630
[2017.04.27 16:58:41 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigncfd0645bed94c498
[2017.04.27 16:58:41 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigna2bf50ef94e72e7a
[2017.04.26 03:08:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2017.04.25 14:10:17 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Roaming\dvdcss
[2017.04.25 14:09:55 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2017.04.25 14:09:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2017.04.25 14:09:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2017.04.25 14:09:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\5kplayer
[2017.04.25 14:09:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DearMob
[2017.04.25 14:09:47 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Roaming\5kplayer
[2017.04.25 14:01:33 | 000,000,000 | ---D | C] -- C:\Users\winki\Documents\Aviosoft
[2017.04.24 23:54:51 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignfee4c261cdd90e2e
[2017.04.24 23:54:27 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign891c6abbabb52a27
[2017.04.24 23:54:27 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign0d01e7714212ed5c
[2017.04.24 21:39:13 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe
[2017.04.24 18:57:41 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigndec9157c8ddb3c70
[2017.04.24 18:57:41 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign448df59b5f76dffa
[2017.04.24 11:41:05 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign5e1d5d87412024d4
[2017.04.24 11:40:57 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignd986c4682bcf93c8
[2017.04.24 11:40:57 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign66d86ea17898ae97
[2017.04.24 11:22:23 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign5bccc938cf585fe4
[2017.04.24 11:22:23 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign08ab7d9c25864558
[2017.04.24 10:56:54 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigncceb35b134d8de5e
[2017.04.24 10:56:54 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign6a3dc533d0e3c0ff
[2017.04.24 05:18:35 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignc496fc0564cab0a8
[2017.04.24 05:18:25 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignac0ea24355f7192b
[2017.04.24 05:18:25 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign5d06880071bd8ad6
[2017.04.24 05:00:03 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignda266668d7b8db79
[2017.04.24 04:59:38 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign4ce5d0075f3766c6
[2017.04.24 04:59:19 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignad948fdaf72bf569
[2017.04.24 04:59:19 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign333541d2930c31cb
[2017.04.24 04:19:02 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigne64e082df04d9341
[2017.04.24 04:19:02 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignd801b3974ef1cb4b
[2017.04.24 04:19:02 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign7475f65b71538a7a
[2017.04.24 04:15:26 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignb57228b8f3004e4e
[2017.04.24 04:15:26 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign311e91a97408ee74
[2017.04.24 04:07:55 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign64aa6402f28e6e8d
[2017.04.24 04:07:55 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign498add4d41bcda50
[2017.04.24 04:07:33 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign38b4bd3b46b5d81f
[2017.04.24 04:07:33 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign275877caef5e8766
[2017.04.24 03:50:27 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign1dda067de6628e85
[2017.04.24 03:30:26 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigncdadaec9e7f51e3b
[2017.04.24 03:06:44 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignfaeaaf948012a30e
[2017.04.24 03:04:02 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign333c7fa001bac9d5
[2017.04.24 02:23:57 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign82dd7206540bfd3c
[2017.04.23 23:54:32 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign46eceefee4470e67
[2017.04.23 23:54:31 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign9942de3af9eb2130
[2017.04.23 23:45:45 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign6d101089f4cc8b94
[2017.04.23 23:45:01 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign52e2f2d40e4c0908
[2017.04.23 23:45:01 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign4b90c8cdb952de3d
[2017.04.23 20:01:54 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
[2017.04.23 20:01:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GPU-Z
[2017.04.23 15:22:01 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigncf56e2eee65cb2c9
[2017.04.23 15:22:01 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignbad00783bea2dde5
[2017.04.23 15:22:01 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign16cbbd27226fe929
[2017.04.23 02:37:22 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign0ab62dd1e375a428
[2017.04.23 02:37:19 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigne3b2119bcff5c433
[2017.04.23 02:37:15 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigne62fbaf5a5f40115
[2017.04.23 02:37:15 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigna246eaa2058bf1e1
[2017.04.23 02:36:52 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignf3a532af00cb3956
[2017.04.23 02:36:46 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigne5cbcbc3e1bb543d
[2017.04.23 02:36:43 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignc9005e14120a9f0c
[2017.04.23 02:36:43 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign12d1c5d8fa10327a
[2017.04.23 02:35:52 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignd3dff5d72ef39bbc
[2017.04.23 02:35:51 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign9291e4f86535c88c
[2017.04.23 02:35:48 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignbc41ad696c26644f
[2017.04.23 02:35:48 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign44dd9d6d197ba8ff
[2017.04.22 22:57:42 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignd48750f8e8549bfe
[2017.04.22 22:57:42 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign89f83eaa392c0995
[2017.04.22 22:57:41 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign7a7c209d2207d618
[2017.04.22 22:57:17 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign9d45355b486acd78
[2017.04.22 22:57:17 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign824904fd146d31a9
[2017.04.22 22:57:17 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign591ed7bb8db19d33
[2017.04.22 21:42:14 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignf90a3280a254b021
[2017.04.22 21:42:14 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignd353e40b6cbdbce1
[2017.04.22 21:42:14 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign8255e721b8e77cdf
[2017.04.22 21:41:45 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignaf718082d82d8a9f
[2017.04.22 21:41:45 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign8458e4b819312128
[2017.04.22 21:41:45 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign23a11b0ba32b1939
[2017.04.22 21:41:25 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignf2e1d2320fd8f556
[2017.04.22 21:41:25 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignc5c8cd0e33744dd3
[2017.04.22 21:30:03 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\AdobeInstalledCodecs
[2017.04.22 21:29:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2017.04.21 22:44:38 | 000,000,000 | ---D | C] -- C:\MoTemp
[2017.04.21 22:44:38 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Imagineer Systems Ltd
[2017.04.21 20:28:23 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignc5be1eead629af95
[2017.04.21 20:28:23 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignbba20e9b82512859
[2017.04.21 20:28:23 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign49c80d80bafd90d6
[2017.04.21 15:25:22 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignb12a8c45ef3f4b01
[2017.04.21 15:25:11 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign2d975f9cf007b893
[2017.04.21 15:25:09 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign522270e676141beb
[2017.04.21 15:25:09 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign4c52d376daed448e
[2017.04.21 15:24:28 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign6812311677203235
[2017.04.21 15:24:28 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign5805bba2237c74e9
[2017.04.21 15:24:28 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign29d404fdaf31a2a0
[2017.04.21 14:51:08 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign208f876a10d07a1d
[2017.04.21 14:49:12 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign629403745e711471
[2017.04.21 14:49:10 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign8b348f91448a41d4
[2017.04.21 14:49:09 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignb1656f7ad9f612f7
[2017.04.21 13:48:58 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignb97d4194a3ed4c3c
[2017.04.21 13:48:58 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign468dca8834f72326
[2017.04.21 13:47:55 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigna2d9937729a5a39c
[2017.04.21 13:47:48 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign9047687bf044ce0e
[2017.04.21 13:47:48 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign25f9600bf808083c
[2017.04.21 12:41:51 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignd807bd61a50c28df
[2017.04.21 12:41:50 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignb3f12187ce23f6f8
[2017.04.20 22:04:25 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign9de081fc80c494ae
[2017.04.20 22:03:22 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign4e9fa8c89d7f86c1
[2017.04.20 22:03:20 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign4c12072d772b4621
[2017.04.20 22:03:20 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign02e44ccec66e3d19
[2017.04.20 21:55:37 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigncbc428d28be02e87
[2017.04.20 21:55:35 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign4314bda28723a783
[2017.04.20 21:55:33 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigne6b4f9619889007e
[2017.04.20 21:55:33 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignadaa36fb6f8d6dc6
[2017.04.20 18:43:12 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign2e5f6f6123f590d4
[2017.04.20 18:43:11 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignce25c2fd5c80f19c
[2017.04.20 18:43:08 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignb128eea8632100a7
[2017.04.20 18:43:08 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign9d317ee1ee6c9cd8
[2017.04.20 18:41:38 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigne64b443c38284b1a
[2017.04.20 18:41:38 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigndefc08432c2e71fe
[2017.04.20 18:41:38 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign9db4187beddac3f1
[2017.04.20 18:40:49 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignfe0ee341a910adfd
[2017.04.20 18:40:49 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign65a30d191a42e1a6
[2017.04.20 18:40:49 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign0c816b4efca6a6cf
[2017.04.20 18:40:29 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigned8abf1ae9542c61
[2017.04.20 18:40:29 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign9c017fc6c452aab2
[2017.04.20 18:40:29 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign0c0eb275b67e7acd
[2017.04.20 18:39:52 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignd962f4e55c2db9e5
[2017.04.20 18:39:52 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignaeda5862e1dc322d
[2017.04.20 18:39:52 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign3ef31e5d87d1f4d3
[2017.04.20 11:28:57 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\DBG
[2017.04.19 13:01:53 | 000,000,000 | ---D | C] -- C:\Windows.old
[2017.04.19 13:01:45 | 001,506,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\quartz.dll
[2017.04.19 13:01:45 | 001,060,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsPrint.dll
[2017.04.19 13:01:45 | 000,364,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msIso.dll
[2017.04.19 13:01:45 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsDocumentTargetPrint.dll
[2017.04.19 13:01:45 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserDataTimeUtil.dll
[2017.04.19 13:01:43 | 001,760,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll
[2017.04.19 13:01:43 | 001,657,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsPrint.dll
[2017.04.19 13:01:43 | 001,605,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\quartz.dll
[2017.04.19 13:01:43 | 001,147,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2017.04.19 13:01:43 | 001,024,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2017.04.19 13:01:43 | 000,750,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontdrvhost.exe
[2017.04.19 13:01:43 | 000,626,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe
[2017.04.19 13:01:43 | 000,545,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winspool.drv
[2017.04.19 13:01:43 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msIso.dll
[2017.04.19 13:01:43 | 000,409,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2017.04.19 13:01:43 | 000,382,368 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll
[2017.04.19 13:01:43 | 000,354,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcryptprimitives.dll
[2017.04.19 13:01:43 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsDocumentTargetPrint.dll
[2017.04.19 13:01:43 | 000,311,192 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll
[2017.04.19 13:01:43 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDataTimeUtil.dll
[2017.04.19 13:01:43 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmjpegdec.dll
[2017.04.19 13:01:43 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmjpegdec.dll
[2017.04.19 13:01:43 | 000,047,104 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll
[2017.04.19 13:01:43 | 000,038,912 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll
[2017.04.19 13:01:13 | 006,348,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NlsData0009.dll
[2017.04.19 13:01:13 | 005,739,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\prm0009.dll
[2017.04.19 13:01:13 | 002,629,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NlsLexicons0009.dll
[2017.04.19 13:00:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServiceProfiles
[2017.04.19 13:00:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\Microsoft
[2017.04.19 12:30:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
[2017.04.19 12:30:56 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2017.04.19 12:11:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive
[2017.04.19 12:10:20 | 000,000,000 | ---D | C] -- C:\ProgramData\USOShared
[2017.04.19 12:05:39 | 002,233,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PrintConfig.dll
[2017.04.19 12:04:11 | 000,000,000 | --SD | C] -- C:\Users\winki\AppData\Roaming\Microsoft
[2017.04.19 12:04:11 | 000,000,000 | R--D | C] -- C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
[2017.04.19 12:04:11 | 000,000,000 | R--D | C] -- C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2017.04.19 12:04:11 | 000,000,000 | R--D | C] -- C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2017.04.19 12:04:11 | 000,000,000 | R--D | C] -- C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2017.04.19 12:04:11 | 000,000,000 | -HSD | C] -- C:\Users\winki\AppData\Local\Temporary Internet Files
[2017.04.19 12:04:11 | 000,000,000 | -HSD | C] -- C:\Users\winki\Šablony
[2017.04.19 12:04:11 | 000,000,000 | -HSD | C] -- C:\Users\winki\Soubory cookie
[2017.04.19 12:04:11 | 000,000,000 | -HSD | C] -- C:\Users\winki\SendTo
[2017.04.19 12:04:11 | 000,000,000 | -HSD | C] -- C:\Users\winki\Poslední
[2017.04.19 12:04:11 | 000,000,000 | -HSD | C] -- C:\Users\winki\Okolní tiskárny
[2017.04.19 12:04:11 | 000,000,000 | -HSD | C] -- C:\Users\winki\Okolní síť
[2017.04.19 12:04:11 | 000,000,000 | -HSD | C] -- C:\Users\winki\Documents\Obrázky
[2017.04.19 12:04:11 | 000,000,000 | -HSD | C] -- C:\Users\winki\Nabídka Start
[2017.04.19 12:04:11 | 000,000,000 | -HSD | C] -- C:\Users\winki\Local Settings
[2017.04.19 12:04:11 | 000,000,000 | -HSD | C] -- C:\Users\winki\Documents\Hudba
[2017.04.19 12:04:11 | 000,000,000 | -HSD | C] -- C:\Users\winki\AppData\Local\History
[2017.04.19 12:04:11 | 000,000,000 | -HSD | C] -- C:\Users\winki\Documents\Filmy
[2017.04.19 12:04:11 | 000,000,000 | -HSD | C] -- C:\Users\winki\Dokumenty
[2017.04.19 12:04:11 | 000,000,000 | -HSD | C] -- C:\Users\winki\Data aplikací
[2017.04.19 12:04:11 | 000,000,000 | -HSD | C] -- C:\Users\winki\AppData\Local\Data aplikací
[2017.04.19 12:04:11 | 000,000,000 | -H-D | C] -- C:\Users\winki\AppData
[2017.04.19 12:04:11 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Temp
[2017.04.19 12:04:11 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Microsoft
[2017.04.19 12:04:11 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2017.04.19 12:04:01 | 006,437,312 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcpl.dll
[2017.04.19 12:04:01 | 002,479,552 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvc64.dll
[2017.04.19 12:04:01 | 001,762,752 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvcr.dll
[2017.04.19 12:04:01 | 000,548,800 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nv3dappshext.dll
[2017.04.19 12:04:01 | 000,392,312 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvmctray.dll
[2017.04.19 12:04:01 | 000,081,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nv3dappshextr.dll
[2017.04.19 12:04:01 | 000,069,752 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvshext.dll
[2017.04.19 12:03:58 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2017.04.19 12:03:57 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Uninstall Information
[2017.04.19 12:03:56 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2017.04.19 12:03:53 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2017.04.19 12:03:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2017.04.19 12:03:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2017.04.19 12:03:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\SleepStudy
[2017.04.18 20:23:07 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignc2d169af56cbf558
[2017.04.18 20:23:07 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign6ab506a96f84c28e
[2017.04.18 20:23:07 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign4816c8bf468a7909
[2017.04.18 20:18:15 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign6ec04166cdd5e691
[2017.04.18 20:18:15 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign259bf4cb1dd3fdd9
[2017.04.18 20:18:15 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign0c90ede3db4b4084
[2017.04.18 20:09:07 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignc9c80737b4f9d051
[2017.04.18 20:09:07 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign63f5cf114822e2f4
[2017.04.18 20:09:07 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign1f9f5565fd0529b5
[2017.04.18 20:06:27 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignf1d33b5aca431f07
[2017.04.18 20:06:27 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigncadf06b14089cd35
[2017.04.18 20:06:27 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign7c31f272761f197f
[2017.04.18 20:01:43 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignfe596db5ac613b43
[2017.04.18 20:01:43 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignd4d987a035dfb32d
[2017.04.18 20:01:43 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignb31188562d8bf4b3
[2017.04.18 19:50:26 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigne1470ea06c35c143
[2017.04.18 19:50:26 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsignbbbe53647dc84f07
[2017.04.18 19:50:26 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign3be68492feccd027
[2017.04.18 19:49:51 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsigndddd5eee344b2a9e
[2017.04.18 19:49:51 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign828904dd41f72875
[2017.04.18 19:49:51 | 000,000,000 | ---D | C] -- C:\Users\winki\AppData\Local\Tempzxpsign282f30c4ecab02aa
[2017.04.17 15:18:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2017.04.15 12:34:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2017.04.15 12:34:00 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes

windyOMG · #29 Příspěvek od **windyOMG** » 14 kvě 2017 18:49

========== Files - Modified Within 30 Days ==========

[2017.05.14 19:20:37 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2017.05.14 12:54:18 | 835,526,653 | -HS- | M] () -- C:\hiberfil.sys
[2017.05.14 12:54:18 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2017.05.13 18:16:35 | 000,000,033 | ---- | M] () -- C:\Users\winki\AppData\Roaming\AdobeWLCMCache.dat
[2017.05.13 14:37:38 | 000,158,880 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswstm.sys
[2017.05.12 16:41:36 | 002,445,388 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2017.05.12 16:41:36 | 001,100,936 | ---- | M] () -- C:\WINDOWS\SysNative\perfh005.dat
[2017.05.12 16:41:36 | 000,824,328 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2017.05.12 16:41:36 | 000,260,734 | ---- | M] () -- C:\WINDOWS\SysNative\perfc005.dat
[2017.05.12 16:41:36 | 000,245,486 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2017.05.12 16:35:33 | 005,154,312 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2017.05.12 16:35:29 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[2017.05.12 12:54:34 | 000,002,626 | ---- | M] () -- C:\Users\winki\Documents\Záloha - Setting - FreeFileSyns.ffs_gui
[2017.05.12 12:39:38 | 000,002,461 | ---- | M] () -- C:\Users\winki\Desktop\Google Chrome.lnk
[2017.05.08 04:30:39 | 000,569,192 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSP.sys
[2017.05.08 04:30:39 | 000,400,456 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2017.05.08 04:30:39 | 000,339,696 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswVmm.sys
[2017.05.08 04:30:39 | 000,158,368 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswstm.sys.149467905695301
[2017.05.08 04:30:39 | 000,128,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys
[2017.05.08 04:30:39 | 000,101,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys
[2017.05.08 04:30:39 | 000,075,704 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys
[2017.05.08 04:30:39 | 000,038,296 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswHwid.sys
[2017.05.08 04:30:36 | 001,007,160 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys
[2017.05.08 04:30:36 | 000,032,600 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswKbd.sys
[2017.05.08 04:30:35 | 000,334,576 | ---- | M] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbloga.sys
[2017.05.08 04:30:35 | 000,311,808 | ---- | M] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbidsdrivera.sys
[2017.05.08 04:30:35 | 000,190,256 | ---- | M] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbidsha.sys
[2017.05.08 04:30:35 | 000,049,016 | ---- | M] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbuniva.sys
[2017.05.05 03:58:24 | 1683,020,198 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2017.05.05 00:23:38 | 000,001,100 | ---- | M] () -- C:\Users\Public\Desktop\Factorio.lnk
[2017.05.03 15:44:43 | 000,001,485 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2017.05.02 00:38:30 | 040,201,848 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcompiler.dll
[2017.05.02 00:38:30 | 035,388,864 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll
[2017.05.02 00:38:30 | 035,281,528 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2017.05.02 00:38:30 | 028,623,480 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglv32.dll
[2017.05.02 00:38:30 | 011,056,456 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvptxJitCompiler.dll
[2017.05.02 00:38:30 | 011,024,384 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2017.05.02 00:38:30 | 010,547,440 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2017.05.02 00:38:30 | 009,245,744 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2017.05.02 00:38:30 | 009,014,792 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvptxJitCompiler.dll
[2017.05.02 00:38:30 | 008,805,232 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2017.05.02 00:38:30 | 004,092,088 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvapi64.dll
[2017.05.02 00:38:30 | 003,792,320 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2017.05.02 00:38:30 | 003,607,464 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvapi.dll
[2017.05.02 00:38:30 | 003,247,736 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2017.05.02 00:38:30 | 001,988,032 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6438205.dll
[2017.05.02 00:38:30 | 001,589,696 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6438205.dll
[2017.05.02 00:38:30 | 001,278,528 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncMFTH264.dll
[2017.05.02 00:38:30 | 001,276,128 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncMFThevc.dll
[2017.05.02 00:38:30 | 001,054,144 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvFBC64.dll
[2017.05.02 00:38:30 | 000,995,736 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncMFTH264.dll
[2017.05.02 00:38:30 | 000,993,872 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncMFThevc.dll
[2017.05.02 00:38:30 | 000,991,168 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvFBC.dll
[2017.05.02 00:38:30 | 000,960,960 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFR64.dll
[2017.05.02 00:38:30 | 000,911,992 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFR.dll
[2017.05.02 00:38:30 | 000,821,184 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvDecMFTMjpeg.dll
[2017.05.02 00:38:30 | 000,776,048 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncodeAPI64.dll
[2017.05.02 00:38:30 | 000,688,968 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvfatbinaryLoader.dll
[2017.05.02 00:38:30 | 000,651,200 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvDecMFTMjpeg.dll
[2017.05.02 00:38:30 | 000,618,744 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvmcumd.dll
[2017.05.02 00:38:30 | 000,612,088 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncodeAPI.dll
[2017.05.02 00:38:30 | 000,609,912 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFROpenGL.dll
[2017.05.02 00:38:30 | 000,577,728 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvfatbinaryLoader.dll
[2017.05.02 00:38:30 | 000,499,320 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFROpenGL.dll
[2017.05.02 00:38:30 | 000,045,061 | ---- | M] () -- C:\WINDOWS\SysNative\nvinfo.pb
[2017.05.01 23:58:13 | 000,001,122 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2017.05.01 22:52:54 | 000,001,951 | ---- | M] () -- C:\WINDOWS\NvContainerRecovery.bat
[2017.05.01 22:51:10 | 006,437,312 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcpl.dll
[2017.05.01 22:51:10 | 002,479,552 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvc64.dll
[2017.05.01 22:51:08 | 001,762,752 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvcr.dll
[2017.05.01 22:51:08 | 000,548,800 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nv3dappshext.dll
[2017.05.01 22:51:08 | 000,392,312 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvmctray.dll
[2017.05.01 22:51:08 | 000,081,856 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nv3dappshextr.dll
[2017.05.01 22:51:08 | 000,069,752 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvshext.dll
[2017.05.01 22:14:49 | 000,134,592 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvStreaming.exe
[2017.04.29 23:20:12 | 000,000,811 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 1.lnk
[2017.04.29 03:05:10 | 000,177,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2017.04.29 03:05:09 | 000,835,576 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2017.04.28 03:38:54 | 001,411,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gdi32full.dll
[2017.04.28 03:18:20 | 002,259,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2017.04.28 03:12:51 | 001,604,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32full.dll
[2017.04.28 03:12:32 | 000,543,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\securekernel.exe
[2017.04.28 03:08:59 | 002,330,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2017.04.28 03:08:26 | 002,399,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2017.04.28 03:08:01 | 008,320,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2017.04.28 03:08:01 | 000,775,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2017.04.28 03:07:42 | 006,759,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2017.04.28 03:06:28 | 002,969,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreUIComponents.dll
[2017.04.28 03:06:01 | 000,708,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2017.04.28 03:05:28 | 000,923,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreMessaging.dll
[2017.04.28 03:04:16 | 000,583,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreMessaging.dll
[2017.04.28 03:03:01 | 000,667,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2017.04.28 02:59:36 | 005,477,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneCoreUAPCommonProxyStub.dll
[2017.04.28 02:59:36 | 000,207,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll
[2017.04.28 02:59:32 | 000,027,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browser_broker.exe
[2017.04.28 02:59:04 | 000,388,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2017.04.28 02:58:30 | 000,872,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ClipSVC.dll
[2017.04.28 02:58:01 | 001,852,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\crypt32.dll
[2017.04.28 02:57:26 | 003,116,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2017.04.28 02:56:20 | 007,904,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2017.04.28 02:55:44 | 001,325,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2017.04.28 02:53:02 | 000,387,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpps.dll
[2017.04.28 02:52:48 | 002,957,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2017.04.28 02:52:47 | 000,790,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.dll
[2017.04.28 02:52:11 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIRibbonRes.dll
[2017.04.28 02:51:18 | 020,505,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2017.04.28 02:49:41 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\odbcconf.dll
[2017.04.28 02:49:09 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdc.ocx
[2017.04.28 02:46:18 | 000,329,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webplatstorageserver.dll
[2017.04.28 02:46:08 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2017.04.28 02:45:58 | 000,124,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iepeers.dll
[2017.04.28 02:42:37 | 000,636,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WpcWebFilter.dll
[2017.04.28 02:42:33 | 000,806,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\StoreAgent.dll
[2017.04.28 02:42:08 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallAgentUserBroker.exe
[2017.04.28 02:41:28 | 001,248,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AzureSettingSyncProvider.dll
[2017.04.28 02:40:48 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallAgent.exe
[2017.04.28 02:40:26 | 006,292,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2017.04.28 02:40:14 | 002,008,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2017.04.28 02:40:09 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cldapi.dll
[2017.04.28 02:40:07 | 000,799,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TokenBroker.dll
[2017.04.28 02:38:29 | 003,667,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_47.dll
[2017.04.28 02:38:04 | 001,019,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aadtb.dll
[2017.04.28 02:37:17 | 004,559,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbgeng.dll
[2017.04.28 02:34:51 | 000,891,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autochk.exe
[2017.04.28 02:26:10 | 023,677,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2017.04.28 02:15:02 | 003,672,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2017.04.28 02:15:01 | 001,051,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.dll
[2017.04.28 02:14:07 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIRibbonRes.dll
[2017.04.28 02:11:52 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BasicRender.sys
[2017.04.28 02:11:43 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\odbcconf.dll
[2017.04.28 02:11:12 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdc.ocx
[2017.04.28 02:09:53 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MshtmlDac.dll
[2017.04.28 02:09:05 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UMDF\Microsoft.Bluetooth.Profiles.HidOverGatt.dll
[2017.04.28 02:09:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsrv.dll
[2017.04.28 02:08:14 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsEnvironment.Desktop.dll
[2017.04.28 02:08:10 | 000,457,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webplatstorageserver.dll
[2017.04.28 02:08:00 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2017.04.28 02:07:46 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iepeers.dll
[2017.04.28 02:06:53 | 001,302,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVPXENC.dll
[2017.04.28 02:06:51 | 000,527,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadcloudap.dll
[2017.04.28 02:06:47 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2017.04.28 02:05:49 | 000,224,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2017.04.28 02:05:03 | 001,075,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StoreAgent.dll
[2017.04.28 02:04:49 | 001,878,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AzureSettingSyncProvider.dll
[2017.04.28 02:04:40 | 000,416,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallAgentUserBroker.exe
[2017.04.28 02:04:37 | 000,422,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpAXHolder.dll
[2017.04.28 02:03:51 | 000,751,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2017.04.28 02:03:21 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cldapi.dll
[2017.04.28 02:03:19 | 000,925,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebFilter.dll
[2017.04.28 02:03:05 | 001,027,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\modernexecserver.dll
[2017.04.28 02:02:22 | 001,260,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GamePanel.exe
[2017.04.28 02:01:49 | 001,886,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2017.04.28 02:01:00 | 002,077,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2017.04.28 02:00:28 | 008,244,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2017.04.28 01:59:55 | 000,373,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallAgent.exe
[2017.04.28 01:59:51 | 004,396,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_47.dll
[2017.04.28 01:59:19 | 002,056,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2017.04.28 01:59:08 | 001,293,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadtb.dll
[2017.04.28 01:58:36 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TokenBroker.dll
[2017.04.28 01:57:53 | 004,730,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2017.04.28 01:57:51 | 002,800,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2017.04.28 01:57:07 | 005,557,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbgeng.dll
[2017.04.28 01:54:08 | 000,970,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autochk.exe
[2017.04.28 01:54:03 | 000,985,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TSWorkspace.dll
[2017.04.28 01:52:54 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.ps.dll
[2017.04.26 07:40:34 | 001,882,048 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvspcap64.dll
[2017.04.26 07:40:34 | 001,472,960 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvspcap.dll
[2017.04.26 07:40:33 | 001,755,072 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvspbridge64.dll
[2017.04.26 07:40:33 | 001,317,312 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvspbridge.dll
[2017.04.26 07:40:33 | 000,121,280 | ---- | M] () -- C:\WINDOWS\SysNative\NvRtmpStreamer64.dll
[2017.04.26 07:40:28 | 000,153,536 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvaudcap64v.dll
[2017.04.26 07:40:28 | 000,127,424 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvaudcap32v.dll
[2017.04.26 07:40:28 | 000,047,552 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\drivers\nvvad64v.sys
[2017.04.26 07:03:24 | 000,001,951 | ---- | M] () -- C:\WINDOWS\NvTelemetryContainerRecovery.bat
[2017.04.25 23:11:41 | 007,944,687 | ---- | M] () -- C:\WINDOWS\SysNative\nvcoproc.bin
[2017.04.25 14:09:53 | 000,001,202 | ---- | M] () -- C:\Users\winki\Desktop\5KPlayer.lnk
[2017.04.25 14:01:33 | 000,000,014 | ---- | M] () -- C:\WINDOWS\SysWow64\Systemdrv.sys
[2017.04.24 11:32:01 | 000,044,597 | ---- | M] () -- C:\Users\winki\Documents\MegaBoard---998x200.jpg
[2017.04.22 21:29:41 | 000,001,286 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
[2017.04.20 03:59:14 | 001,988,216 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6438189.dll
[2017.04.20 03:59:14 | 001,589,880 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6438189.dll
[2017.04.20 03:59:14 | 000,513,144 | ---- | M] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.dll
[2017.04.20 03:59:14 | 000,418,752 | ---- | M] (Khronos Group) -- C:\WINDOWS\SysWow64\opencl.dll
[2017.04.20 03:59:14 | 000,059,448 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\drivers\nvvhci.sys
[2017.04.19 13:01:45 | 001,506,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\quartz.dll
[2017.04.19 13:01:45 | 001,060,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsPrint.dll
[2017.04.19 13:01:45 | 000,364,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msIso.dll
[2017.04.19 13:01:45 | 000,252,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsDocumentTargetPrint.dll
[2017.04.19 13:01:45 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserDataTimeUtil.dll
[2017.04.19 13:01:43 | 001,760,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll
[2017.04.19 13:01:43 | 001,657,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsPrint.dll
[2017.04.19 13:01:43 | 001,605,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\quartz.dll
[2017.04.19 13:01:43 | 001,147,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2017.04.19 13:01:43 | 001,024,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2017.04.19 13:01:43 | 000,750,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontdrvhost.exe
[2017.04.19 13:01:43 | 000,626,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe
[2017.04.19 13:01:43 | 000,545,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winspool.drv
[2017.04.19 13:01:43 | 000,433,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msIso.dll
[2017.04.19 13:01:43 | 000,409,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2017.04.19 13:01:43 | 000,382,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll
[2017.04.19 13:01:43 | 000,354,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcryptprimitives.dll
[2017.04.19 13:01:43 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsDocumentTargetPrint.dll
[2017.04.19 13:01:43 | 000,311,192 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll
[2017.04.19 13:01:43 | 000,119,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDataTimeUtil.dll
[2017.04.19 13:01:43 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmjpegdec.dll
[2017.04.19 13:01:43 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmjpegdec.dll
[2017.04.19 13:01:43 | 000,047,104 | ---- | M] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll
[2017.04.19 13:01:43 | 000,038,912 | ---- | M] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll
[2017.04.19 13:01:43 | 000,032,004 | ---- | M] () -- C:\WINDOWS\SysNative\edgehtmlpluginpolicy.bin
[2017.04.19 12:58:54 | 000,000,000 | -H-- | M] () -- C:\$WINRE_BACKUP_PARTITION.MARKER
[2017.04.19 12:30:56 | 000,001,765 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2017.04.19 12:29:43 | 000,092,982 | ---- | M] () -- C:\Users\winki\Documents\Záloha - CC.reg
[2017.04.19 12:08:36 | 000,011,433 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2017.04.19 12:08:36 | 000,011,433 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2017.04.19 12:07:40 | 000,022,924 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2017.04.19 09:07:06 | 000,712,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2017.04.19 09:06:34 | 000,651,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2017.04.19 09:04:08 | 000,142,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wcifs.sys
[2017.04.19 09:02:42 | 000,716,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVideoDSP.dll
[2017.04.19 08:19:29 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\musdialoghandlers.dll
[2017.04.19 08:18:19 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netvsc.sys
[2017.04.19 08:16:06 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WiFiDisplay.dll
[2017.04.19 08:15:36 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmcsp.dll
[2017.04.19 08:14:11 | 000,646,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockHostingFramework.dll
[2017.04.19 08:13:20 | 000,409,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatehandlers.dll
[2017.04.19 08:13:03 | 000,585,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneDriveSettingSyncProvider.dll
[2017.04.19 08:12:32 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2017.04.19 08:12:06 | 000,805,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll
[2017.04.19 08:12:02 | 000,203,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PackageStateRoaming.dll
[2017.04.19 08:11:56 | 000,687,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LogonController.dll
[2017.04.19 08:11:10 | 004,446,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2017.04.19 08:10:51 | 004,175,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StartTileData.dll
[2017.04.19 08:10:16 | 001,600,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbghelp.dll
[2017.04.19 08:10:06 | 002,765,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
[2017.04.19 08:08:43 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncCore.dll
[2017.04.19 08:08:25 | 000,681,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocore.dll
[2017.04.19 08:07:15 | 000,707,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2017.04.19 08:07:12 | 001,242,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SharedStartModel.dll
[2017.04.19 08:06:37 | 002,651,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2017.04.19 08:04:15 | 000,624,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2017.04.19 08:02:16 | 000,559,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2017.04.19 08:01:25 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\catsrvps.dll
[2017.04.19 07:59:46 | 002,435,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ResetEngine.dll
[2017.04.19 07:59:32 | 001,087,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2017.04.19 07:37:46 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WiFiDisplay.dll
[2017.04.19 07:36:43 | 001,291,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSVPXENC.dll
[2017.04.19 07:35:21 | 000,476,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OneDriveSettingSyncProvider.dll
[2017.04.19 07:34:35 | 000,358,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll
[2017.04.19 07:34:28 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PackageStateRoaming.dll
[2017.04.19 07:32:50 | 001,285,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbghelp.dll
[2017.04.19 07:30:13 | 000,909,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncCore.dll
[2017.04.19 07:29:17 | 002,298,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2017.04.18 12:54:10 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[2017.04.18 12:46:24 | 000,029,696 | ---- | M] () -- C:\Users\winki\AppData\Local\MSGBOX.EXE
[2017.04.18 12:46:24 | 000,015,327 | ---- | M] () -- C:\Users\winki\Desktop\LM.bat
[2017.04.16 00:49:48 | 000,007,606 | ---- | M] () -- C:\Users\winki\AppData\Local\Resmon.ResmonCfg

========== Files Created - No Company Name ==========

[2017.05.14 19:20:37 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2017.05.05 03:58:24 | 1683,020,198 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP
[2017.05.05 00:23:38 | 000,001,100 | ---- | C] () -- C:\Users\Public\Desktop\Factorio.lnk
[2017.05.04 16:57:14 | 000,536,864 | ---- | C] () -- C:\WINDOWS\SysNative\vulkan-1.dll
[2017.05.04 16:57:14 | 000,525,600 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1.dll
[2017.05.04 16:57:14 | 000,254,240 | ---- | C] () -- C:\WINDOWS\SysNative\vulkaninfo.exe
[2017.05.04 16:57:14 | 000,233,760 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo.exe
[2017.05.01 23:58:13 | 000,001,122 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2017.04.25 14:09:53 | 000,001,202 | ---- | C] () -- C:\Users\winki\Desktop\5KPlayer.lnk
[2017.04.25 14:01:33 | 000,000,014 | ---- | C] () -- C:\WINDOWS\SysWow64\Systemdrv.sys
[2017.04.24 21:39:14 | 000,001,151 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2017.lnk
[2017.04.24 11:32:01 | 000,044,597 | ---- | C] () -- C:\Users\winki\Documents\MegaBoard---998x200.jpg
[2017.04.22 21:39:57 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2017.lnk
[2017.04.22 21:33:33 | 000,001,085 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2017.lnk
[2017.04.22 21:32:38 | 000,002,520 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC 2017.lnk
[2017.04.22 21:30:36 | 000,001,271 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC 2017.lnk
[2017.04.22 21:29:41 | 000,001,298 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
[2017.04.22 21:29:41 | 000,001,286 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
[2017.04.19 13:03:01 | 000,052,569 | ---- | C] () -- C:\WINDOWS\SysWow64\license.rtf
[2017.04.19 13:03:01 | 000,052,569 | ---- | C] () -- C:\WINDOWS\SysNative\license.rtf
[2017.04.19 13:01:43 | 000,032,004 | ---- | C] () -- C:\WINDOWS\SysNative\edgehtmlpluginpolicy.bin
[2017.04.19 12:58:54 | 000,000,000 | -H-- | C] () -- C:\$WINRE_BACKUP_PARTITION.MARKER
[2017.04.19 12:30:56 | 000,001,765 | ---- | C] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2017.04.19 12:29:40 | 000,092,982 | ---- | C] () -- C:\Users\winki\Documents\Záloha - CC.reg
[2017.04.19 12:18:10 | 002,445,388 | ---- | C] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2017.04.19 12:08:29 | 000,011,433 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2017.04.19 12:08:29 | 000,011,433 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2017.04.19 12:07:40 | 000,022,924 | ---- | C] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2017.04.19 12:06:23 | 835,526,653 | -HS- | C] () -- C:\hiberfil.sys
[2017.04.19 12:05:45 | 000,001,576 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2017.04.19 12:04:03 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2017.04.19 12:04:01 | 007,944,687 | ---- | C] () -- C:\WINDOWS\SysNative\nvcoproc.bin
[2017.04.19 12:03:58 | 000,001,951 | ---- | C] () -- C:\WINDOWS\NvContainerRecovery.bat
[2017.04.19 12:03:28 | 005,154,312 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2017.04.18 12:46:24 | 000,029,696 | ---- | C] () -- C:\Users\winki\AppData\Local\MSGBOX.EXE
[2017.04.18 12:46:24 | 000,015,327 | ---- | C] () -- C:\Users\winki\Desktop\LM.bat
[2017.03.18 23:03:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2017.03.18 23:03:41 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2017.03.18 22:58:56 | 000,054,272 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2017.03.18 22:58:54 | 000,116,824 | ---- | C] () -- C:\WINDOWS\SysWow64\InputHost.dll
[2017.03.18 22:58:54 | 000,112,128 | ---- | C] () -- C:\WINDOWS\SysWow64\HeatCore.dll
[2017.03.18 22:58:54 | 000,086,528 | ---- | C] () -- C:\WINDOWS\SysWow64\WindowsDefaultHeatProcessor.dll
[2017.03.18 22:58:52 | 003,200,000 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.Analysis.dll
[2017.03.18 22:58:52 | 000,059,904 | ---- | C] () -- C:\WINDOWS\SysWow64\xboxgipsynthetic.dll
[2017.03.18 22:58:51 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2017.03.18 22:58:48 | 000,002,307 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2017.03.18 22:58:42 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2017.03.18 22:58:39 | 000,307,200 | ---- | C] () -- C:\WINDOWS\SysWow64\ssdm.dll
[2017.03.18 22:58:37 | 001,859,072 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Mirage.dll
[2017.03.18 22:57:47 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2017.03.18 22:57:03 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2017.03.12 12:39:55 | 000,007,606 | ---- | C] () -- C:\Users\winki\AppData\Local\Resmon.ResmonCfg
[2017.03.10 23:17:28 | 000,525,600 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1-1-0-42-1.dll
[2017.03.10 23:17:20 | 000,233,760 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo-1-1-0-42-1.exe
[2017.03.10 13:48:50 | 000,000,022 | ---- | C] () -- C:\WINDOWS\GPU-Z.INI
[2017.03.06 21:24:02 | 000,000,033 | ---- | C] () -- C:\Users\winki\AppData\Roaming\AdobeWLCMCache.dat

========== ZeroAccess Check ==========

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2017.03.18 22:58:07 | 007,325,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2017.03.18 22:58:52 | 005,820,984 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2017.03.18 22:57:58 | 000,961,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2017.03.18 22:58:50 | 000,770,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2017.03.18 22:57:53 | 000,510,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2017.03.13 03:14:23 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\24967
[2017.05.14 12:54:40 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\5kplayer
[2017.03.15 02:08:53 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\AIMP
[2017.05.02 00:00:23 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\Amazon Cloud Drive
[2017.04.13 23:29:37 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\Anvsoft
[2017.03.23 18:32:45 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\ArcticLine
[2017.04.05 16:42:37 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\AVAST Software
[2017.04.19 12:26:44 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\DAEMON Tools Lite
[2017.03.13 03:12:46 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\DVDFab9
[2017.05.12 02:50:39 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\Factorio
[2017.03.09 19:55:17 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\FreeFileSync
[2017.03.06 23:14:47 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\Mt_Mograph
[2017.04.24 13:42:36 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\obs-studio
[2017.05.04 01:31:21 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\Origin
[2017.02.26 19:54:42 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\Red Giant
[2017.04.24 03:21:02 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\Spotify
[2017.02.26 14:11:58 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\TeamViewer
[2017.05.14 02:56:49 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\uTorrent
[2017.04.10 17:30:10 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\ZHP

========== Purity Check ==========

========== Custom Scans ==========

< >
[2017.04.19 12:07:39 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT

< >

< MD5 for: ATAPI.SYS >
[2017.03.18 22:56:26 | 000,029,088 | ---- | M] (Microsoft Corporation) MD5=01733BEEE02E51F712330D5909BD701C -- C:\WINDOWS\SysNative\drivers\atapi.sys
[2017.03.18 22:56:26 | 000,029,088 | ---- | M] (Microsoft Corporation) MD5=01733BEEE02E51F712330D5909BD701C -- C:\WINDOWS\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_74965e869fab271a\atapi.sys
[2017.03.18 22:56:26 | 000,029,088 | ---- | M] (Microsoft Corporation) MD5=01733BEEE02E51F712330D5909BD701C -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_10.0.15063.0_none_ee4c01535a588804\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2017.05.12 12:48:03 | 000,027,615 | ---- | M] () MD5=1EAEEAF8AFAE09AA28ED53360B30F5D5 -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_10.0.15063.0_none_f307c682fa8fdc57\autochk.exe
[2017.05.12 12:54:21 | 000,036,496 | ---- | M] () MD5=6F787ABEA158C41EEBDABAE2F2213251 -- C:\Windows\WinSxS\wow64_microsoft-windows-autochk_31bf3856ad364e35_10.0.15063.0_none_fd5c70d52ef09e52\autochk.exe
[2017.04.28 02:34:51 | 000,891,904 | ---- | M] (Microsoft Corporation) MD5=F28932A39BD903297C1B075D032FCF06 -- C:\Windows\SysWOW64\autochk.exe
[2017.04.28 02:34:51 | 000,891,904 | ---- | M] (Microsoft Corporation) MD5=F28932A39BD903297C1B075D032FCF06 -- C:\Windows\WinSxS\wow64_microsoft-windows-autochk_31bf3856ad364e35_10.0.15063.296_none_812a04805c98c295\autochk.exe
[2017.04.28 01:54:08 | 000,970,240 | ---- | M] (Microsoft Corporation) MD5=FC84D5ABA3CD649965E17EA5E06D8033 -- C:\WINDOWS\SysNative\autochk.exe
[2017.04.28 01:54:08 | 000,970,240 | ---- | M] (Microsoft Corporation) MD5=FC84D5ABA3CD649965E17EA5E06D8033 -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_10.0.15063.296_none_76d55a2e2838009a\autochk.exe

< MD5 for: CDROM.SYS >
[2017.03.18 22:56:25 | 000,160,256 | ---- | M] (Microsoft Corporation) MD5=ABE77AD954BC3D72F559CF0C381E50BC -- C:\WINDOWS\SysNative\drivers\cdrom.sys
[2017.03.18 22:56:25 | 000,160,256 | ---- | M] (Microsoft Corporation) MD5=ABE77AD954BC3D72F559CF0C381E50BC -- C:\WINDOWS\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_8343533b38a2a0da\cdrom.sys
[2017.03.18 22:56:25 | 000,160,256 | ---- | M] (Microsoft Corporation) MD5=ABE77AD954BC3D72F559CF0C381E50BC -- C:\Windows\WinSxS\amd64_cdrom.inf_31bf3856ad364e35_10.0.15063.0_none_70bd351bdc9623b2\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2017.03.18 22:58:22 | 000,094,720 | ---- | M] (Microsoft Corporation) MD5=1F7F1A15B807BC7B241BB2FEEA79BC92 -- C:\WINDOWS\SysNative\cryptsvc.dll
[2017.03.18 22:58:22 | 000,094,720 | ---- | M] (Microsoft Corporation) MD5=1F7F1A15B807BC7B241BB2FEEA79BC92 -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_10.0.15063.0_none_8713729dd39e0751\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2017.04.14 02:35:38 | 004,848,440 | ---- | M] (Microsoft Corporation) MD5=6314A1E16B2B6D2E0E3FE65C9BA7BD73 -- C:\Windows\explorer.exe
[2017.04.14 02:35:38 | 004,848,440 | ---- | M] (Microsoft Corporation) MD5=6314A1E16B2B6D2E0E3FE65C9BA7BD73 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_10.0.15063.168_none_e6b88268e0192e1e\explorer.exe
[2017.05.12 12:54:52 | 000,183,345 | ---- | M] () MD5=755A91341FFFADC2C77178FB8D021C9B -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_10.0.15063.0_none_6d1d2a9de6ebea22\explorer.exe
[2017.05.12 12:48:42 | 000,189,288 | ---- | M] () MD5=8CA8CB7FF94BF93FB58D3C5B00296D80 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_10.0.15063.0_none_62c8804bb28b2827\explorer.exe
[2017.04.14 01:43:41 | 004,469,832 | ---- | M] (Microsoft Corporation) MD5=97FA9E2FD62081E635DDB7AF09121A20 -- C:\Windows\SysWOW64\explorer.exe
[2017.04.14 01:43:41 | 004,469,832 | ---- | M] (Microsoft Corporation) MD5=97FA9E2FD62081E635DDB7AF09121A20 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_10.0.15063.168_none_f10d2cbb1479f019\explorer.exe

< MD5 for: HAL.DLL >
[2017.03.18 22:57:39 | 000,455,584 | ---- | M] (Microsoft Corporation) MD5=B96AD963C1A4224BCB73B7B599400504 -- C:\WINDOWS\SysNative\hal.dll
[2017.03.18 22:57:39 | 000,455,584 | ---- | M] (Microsoft Corporation) MD5=B96AD963C1A4224BCB73B7B599400504 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_10.0.15063.0_none_bc3ccbdd9278f0bd\hal.dll

< MD5 for: IASTORV.SYS >
[2017.03.18 22:56:26 | 000,412,064 | ---- | M] (Intel Corporation) MD5=A243E0CE8644378C9A9D015ABC3EDA27 -- C:\WINDOWS\SysNative\drivers\iaStorV.sys
[2017.03.18 22:56:26 | 000,412,064 | ---- | M] (Intel Corporation) MD5=A243E0CE8644378C9A9D015ABC3EDA27 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_5069105fb236ae4b\iaStorV.sys
[2017.03.18 22:56:26 | 000,412,064 | ---- | M] (Intel Corporation) MD5=A243E0CE8644378C9A9D015ABC3EDA27 -- C:\Windows\WinSxS\amd64_iastorv.inf_31bf3856ad364e35_10.0.15063.0_none_c0252bb1c096b3f7\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2017.03.18 22:56:26 | 000,022,944 | ---- | M] (Microsoft Corporation) MD5=7FE3B3A30FA20F27AF7022A01C2266BA -- C:\WINDOWS\SysNative\drivers\isapnp.sys
[2017.03.18 22:56:26 | 000,022,944 | ---- | M] (Microsoft Corporation) MD5=7FE3B3A30FA20F27AF7022A01C2266BA -- C:\WINDOWS\SysNative\DriverStore\FileRepository\machine.inf_amd64_e6c89cc58804e205\isapnp.sys
[2017.03.18 22:56:26 | 000,022,944 | ---- | M] (Microsoft Corporation) MD5=7FE3B3A30FA20F27AF7022A01C2266BA -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_10.0.15063.0_none_cb26c674f77f92e2\isapnp.sys

< MD5 for: LSASS.EXE >
[2017.03.18 22:57:36 | 000,058,488 | ---- | M] (Microsoft Corporation) MD5=EABFCDA6E996F8A32DC1B302F7683BB2 -- C:\WINDOWS\SysNative\lsass.exe
[2017.03.18 22:57:36 | 000,058,488 | ---- | M] (Microsoft Corporation) MD5=EABFCDA6E996F8A32DC1B302F7683BB2 -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_10.0.15063.0_none_4e7f7ad6cb1d2087\lsass.exe

< MD5 for: NDIS.SYS >
[2017.03.18 22:57:35 | 001,243,040 | ---- | M] (Microsoft Corporation) MD5=E27876B335FEB441DA511030AA85624D -- C:\WINDOWS\SysNative\drivers\ndis.sys
[2017.03.18 22:57:35 | 001,243,040 | ---- | M] (Microsoft Corporation) MD5=E27876B335FEB441DA511030AA85624D -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_10.0.15063.0_none_6a69576e60dac525\ndis.sys

< MD5 for: NETLOGON.DLL >
[2017.03.18 22:58:21 | 000,777,216 | ---- | M] (Microsoft Corporation) MD5=B566B3FD63F2A471ADC63179734F10D9 -- C:\WINDOWS\SysNative\netlogon.dll
[2017.03.18 22:58:21 | 000,777,216 | ---- | M] (Microsoft Corporation) MD5=B566B3FD63F2A471ADC63179734F10D9 -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_10.0.15063.0_none_0ecb907c70c8a1bf\netlogon.dll
[2017.03.18 22:58:48 | 000,665,600 | ---- | M] (Microsoft Corporation) MD5=BE08D0ACF53E9A9502D976AC220A6341 -- C:\Windows\SysWOW64\netlogon.dll
[2017.03.18 22:58:48 | 000,665,600 | ---- | M] (Microsoft Corporation) MD5=BE08D0ACF53E9A9502D976AC220A6341 -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_10.0.15063.0_none_19203acea52963ba\netlogon.dll

< MD5 for: NVRAID.SYS >
[2017.03.18 22:56:25 | 000,150,432 | ---- | M] (NVIDIA Corporation) MD5=3DB2E9E207358BFBD09B77B5119ECA5B -- C:\WINDOWS\SysNative\drivers\nvraid.sys
[2017.03.18 22:56:25 | 000,150,432 | ---- | M] (NVIDIA Corporation) MD5=3DB2E9E207358BFBD09B77B5119ECA5B -- C:\WINDOWS\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_144351277838b429\nvraid.sys
[2017.03.18 22:56:25 | 000,150,432 | ---- | M] (NVIDIA Corporation) MD5=3DB2E9E207358BFBD09B77B5119ECA5B -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_10.0.15063.0_none_4aee9c60f7cd5dcf\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2017.03.18 22:56:25 | 000,166,304 | ---- | M] (NVIDIA Corporation) MD5=4C04BFBD4DB2EECCC47F5FA39D65BB6E -- C:\WINDOWS\SysNative\drivers\nvstor.sys
[2017.03.18 22:56:25 | 000,166,304 | ---- | M] (NVIDIA Corporation) MD5=4C04BFBD4DB2EECCC47F5FA39D65BB6E -- C:\WINDOWS\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_144351277838b429\nvstor.sys
[2017.03.18 22:56:25 | 000,166,304 | ---- | M] (NVIDIA Corporation) MD5=4C04BFBD4DB2EECCC47F5FA39D65BB6E -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_10.0.15063.0_none_4aee9c60f7cd5dcf\nvstor.sys

< MD5 for: SCECLI.DLL >
[2017.03.18 22:57:46 | 000,270,848 | ---- | M] (Microsoft Corporation) MD5=E59C89147384360998519724DC7295C7 -- C:\WINDOWS\SysNative\scecli.dll
[2017.03.18 22:57:46 | 000,270,848 | ---- | M] (Microsoft Corporation) MD5=E59C89147384360998519724DC7295C7 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_10.0.15063.0_none_4921bb9511ea287a\scecli.dll
[2017.03.18 22:58:47 | 000,208,896 | ---- | M] (Microsoft Corporation) MD5=F6B83B8043228A4264965AAF1DF6A8E3 -- C:\Windows\SysWOW64\scecli.dll
[2017.03.18 22:58:47 | 000,208,896 | ---- | M] (Microsoft Corporation) MD5=F6B83B8043228A4264965AAF1DF6A8E3 -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_10.0.15063.0_none_537665e7464aea75\scecli.dll

< MD5 for: SMSS.EXE >
[2017.03.18 22:57:38 | 000,144,176 | ---- | M] (Microsoft Corporation) MD5=B999183E2195DEBC03B6B7B73A0C83C7 -- C:\WINDOWS\SysNative\smss.exe
[2017.03.18 22:57:38 | 000,144,176 | ---- | M] (Microsoft Corporation) MD5=B999183E2195DEBC03B6B7B73A0C83C7 -- C:\Windows\WinSxS\amd64_microsoft-windows-smss-minwin_31bf3856ad364e35_10.0.15063.0_none_8f74af7c219a26c7\smss.exe

< MD5 for: SVCHOST.EXE >
[2017.03.18 22:58:21 | 000,047,664 | ---- | M] (Microsoft Corporation) MD5=3120B24060924F9B94182A1432B2D7F9 -- C:\WINDOWS\SysNative\svchost.exe
[2017.03.18 22:58:21 | 000,047,664 | ---- | M] (Microsoft Corporation) MD5=3120B24060924F9B94182A1432B2D7F9 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_10.0.15063.0_none_c6cf32da3e1c774d\svchost.exe
[2017.03.18 22:58:48 | 000,040,904 | ---- | M] (Microsoft Corporation) MD5=6BDB3091562E7DD2C877472286B6CC46 -- C:\Windows\SysWOW64\svchost.exe
[2017.03.18 22:58:48 | 000,040,904 | ---- | M] (Microsoft Corporation) MD5=6BDB3091562E7DD2C877472286B6CC46 -- C:\Windows\WinSxS\wow64_microsoft-windows-services-svchost_31bf3856ad364e35_10.0.15063.0_none_d123dd2c727d3948\svchost.exe

< MD5 for: TCPIP.SYS >
[2017.03.18 22:57:36 | 002,682,776 | ---- | M] (Microsoft Corporation) MD5=0907BD52E5264C0851A839D471F35DA0 -- C:\WINDOWS\SysNative\drivers\tcpip.sys
[2017.03.18 22:57:36 | 002,682,776 | ---- | M] (Microsoft Corporation) MD5=0907BD52E5264C0851A839D471F35DA0 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-driver_31bf3856ad364e35_10.0.15063.0_none_e90c5eeaeffd537f\tcpip.sys

< MD5 for: USERINIT.EXE >
[2017.03.18 22:58:21 | 000,032,256 | ---- | M] (Microsoft Corporation) MD5=46B72E05D0B9F489CA60DBD7361039B0 -- C:\WINDOWS\SysNative\userinit.exe
[2017.03.18 22:58:21 | 000,032,256 | ---- | M] (Microsoft Corporation) MD5=46B72E05D0B9F489CA60DBD7361039B0 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_10.0.15063.0_none_ed3c934f0a7eb173\userinit.exe
[2017.03.18 22:58:47 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=61E7F56A1C00894FCB212F25BB52EE68 -- C:\Windows\SysWOW64\userinit.exe
[2017.03.18 22:58:47 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=61E7F56A1C00894FCB212F25BB52EE68 -- C:\Windows\WinSxS\wow64_microsoft-windows-userinit_31bf3856ad364e35_10.0.15063.0_none_f7913da13edf736e\userinit.exe

< MD5 for: WINLOGON.EXE >
[2017.05.12 12:52:12 | 000,060,458 | ---- | M] () MD5=4304255FD29A7CA74738DBFDAF395202 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_10.0.15063.0_none_80d6da500dc0355d\winlogon.exe
[2017.04.19 08:07:15 | 000,707,072 | ---- | M] (Microsoft Corporation) MD5=D0F1FB0E90BFBD14865B770E2567BE1D -- C:\WINDOWS\SysNative\winlogon.exe
[2017.04.19 08:07:15 | 000,707,072 | ---- | M] (Microsoft Corporation) MD5=D0F1FB0E90BFBD14865B770E2567BE1D -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_10.0.15063.250_none_04c9abef3b4d51d2\winlogon.exe

< MD5 for: WS2_32.DLL >
[2017.03.18 22:58:44 | 000,415,864 | ---- | M] (Microsoft Corporation) MD5=11CAC68A80884F593F41CA68EED61F86 -- C:\Windows\SysWOW64\ws2_32.dll
[2017.03.18 22:58:44 | 000,415,864 | ---- | M] (Microsoft Corporation) MD5=11CAC68A80884F593F41CA68EED61F86 -- C:\Windows\WinSxS\wow64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_10.0.15063.0_none_0e20344e3b858127\ws2_32.dll
[2017.03.18 22:57:35 | 000,433,480 | ---- | M] (Microsoft Corporation) MD5=C488F09F9FC8EED3420E1A309AE7C0BD -- C:\WINDOWS\SysNative\ws2_32.dll
[2017.03.18 22:57:35 | 000,433,480 | ---- | M] (Microsoft Corporation) MD5=C488F09F9FC8EED3420E1A309AE7C0BD -- C:\Windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_10.0.15063.0_none_03cb89fc0724bf2c\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[1 C:\WINDOWS\Panther\*.tmp files -> C:\WINDOWS\Panther\*.tmp -> ]
[18 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
[1 C:\WINDOWS\Temp\_avast_\*.tmp files -> C:\WINDOWS\Temp\_avast_\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

windyOMG · #30 Příspěvek od **windyOMG** » 14 kvě 2017 18:51

< %APPDATA%\*. >
[2017.03.13 03:14:23 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\24967
[2017.05.14 12:54:40 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\5kplayer
[2017.04.24 21:44:41 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\Adobe
[2017.03.15 02:08:53 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\AIMP
[2017.05.02 00:00:23 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\Amazon Cloud Drive
[2017.04.13 23:29:37 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\Anvsoft
[2017.03.23 18:32:45 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\ArcticLine
[2017.04.05 16:42:37 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\AVAST Software
[2017.04.19 12:26:44 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\DAEMON Tools Lite
[2017.04.25 14:10:19 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\dvdcss
[2017.03.13 03:12:46 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\DVDFab9
[2017.05.12 02:50:39 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\Factorio
[2017.03.09 19:55:17 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\FreeFileSync
[2017.05.12 16:37:22 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\Google
[2017.03.14 19:00:58 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\Logishrd
[2017.02.26 11:34:12 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\Macromedia
[2017.04.19 12:07:04 | 000,000,000 | --SD | M] -- C:\Users\winki\AppData\Roaming\Microsoft
[2017.04.07 11:43:54 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\Mozilla
[2017.03.06 23:14:47 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\Mt_Mograph
[2017.02.26 12:51:49 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\NVIDIA
[2017.04.24 13:42:36 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\obs-studio
[2017.05.04 01:31:21 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\Origin
[2017.02.26 19:54:42 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\Red Giant
[2017.05.02 23:13:09 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\Skype
[2017.04.24 03:21:02 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\Spotify
[2017.02.26 14:11:58 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\TeamViewer
[2017.05.14 02:56:49 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\uTorrent
[2017.05.14 16:52:14 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\vlc
[2017.02.26 22:15:44 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\WinRAR
[2017.04.10 17:30:10 | 000,000,000 | ---D | M] -- C:\Users\winki\AppData\Roaming\ZHP

< %APPDATA%\*.exe /s >
[2016.10.11 12:12:50 | 022,840,384 | ---- | M] () -- C:\Users\winki\AppData\Roaming\5kplayer\package\ffmpeg.exe
[2016.10.11 12:12:50 | 000,403,432 | ---- | M] () -- C:\Users\winki\AppData\Roaming\5kplayer\package\rtmpdump.exe
[2016.10.11 12:12:52 | 000,015,408 | ---- | M] () -- C:\Users\winki\AppData\Roaming\5kplayer\package\ytb.exe
[2016.10.13 16:39:38 | 006,888,544 | ---- | M] () -- C:\Users\winki\AppData\Roaming\Anvsoft\Common\youtube-dl.exe
[2017.03.22 13:12:13 | 000,251,856 | R--- | M] (Acresso Software Inc.) -- C:\Users\winki\AppData\Roaming\Microsoft\Installer\{ACA43D91-8B42-4D42-8C8B-A893BD6AA40D}\ARPPRODUCTICON.exe
[2017.03.22 13:12:13 | 000,251,856 | R--- | M] (Acresso Software Inc.) -- C:\Users\winki\AppData\Roaming\Microsoft\Installer\{ACA43D91-8B42-4D42-8C8B-A893BD6AA40D}\NewShortcut1_E004384A8D9148B78F6A2EE52F39EAF6.exe
[2017.03.24 11:24:20 | 007,089,776 | ---- | M] (Spotify Ltd) -- C:\Users\winki\AppData\Roaming\Spotify\Spotify.exe
[2017.03.02 19:39:06 | 000,489,584 | ---- | M] (Spotify Ltd) -- C:\Users\winki\AppData\Roaming\Spotify\SpotifyCrashService.exe
[2017.03.24 11:24:20 | 000,114,800 | ---- | M] (Spotify Ltd) -- C:\Users\winki\AppData\Roaming\Spotify\SpotifyLauncher.exe
[2017.03.24 11:24:20 | 001,446,000 | ---- | M] (Spotify Ltd) -- C:\Users\winki\AppData\Roaming\Spotify\SpotifyWebHelper.exe
[2015.04.25 21:30:00 | 000,294,312 | ---- | M] (emc) -- C:\Users\winki\AppData\Roaming\uTorrent\uninstall.exe
[2015.02.22 22:30:00 | 000,416,168 | ---- | M] (BitTorrent, Inc.) -- C:\Users\winki\AppData\Roaming\uTorrent\utorrent.exe
[2017.04.10 17:19:27 | 002,760,192 | ---- | M] () -- C:\Users\winki\AppData\Roaming\ZHP\ZHPCleaner.exe
[2017.04.07 17:39:51 | 044,501,016 | ---- | M] () -- C:\Users\winki\AppData\Roaming\ZHP\Quarantine\AmazonDriveSetupQ.exe
[2017.03.01 23:34:16 | 005,196,288 | ---- | M] () -- C:\Users\winki\AppData\Roaming\ZHP\Quarantine\AutoKMS.exe
[61 C:\Users\winki\AppData\Roaming\ZHP\Quarantine\*.tmp files -> C:\Users\winki\AppData\Roaming\ZHP\Quarantine\*.tmp -> ]

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"OneDrive" = "C:\Users\winki\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background -- [2017.04.19 12:11:06 | 001,504,888 | ---- | M] (Microsoft Corporation)
"Plex Media Server" = "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe" -- [2017.03.01 16:14:30 | 014,367,208 | ---- | M] (Plex, Inc.)
"Spotify Web Helper" = "C:\Users\winki\AppData\Roaming\Spotify\SpotifyWebHelper.exe" -- [2017.03.24 11:24:20 | 001,446,000 | ---- | M] (Spotify Ltd)
"Google Update" = C:\Users\winki\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe -- [2017.04.28 23:32:08 | 000,601,168 | ---- | M] (Google Inc.)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2017.05.14 19:20:37 | 000,000,512 | ---- | M] () MD5=E6CF858DCEECF9FAB902BBF6527F2874 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2017.03.01 16:02:04 | 000,003,132 | ---- | M] () -- \Program Files (x86)\Plex\Plex Media Server\Resources\Plug-ins-03e4cfa35\Media-Flags.bundle\Contents\Resources\Studio\crackle.png
[2011.09.15 14:06:22 | 000,080,198 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CC 2015.3\Support Files\Presets\ToonItV2 Presets\Roto Toon\Roto Toon Crackle Problem.ffx
[2016.10.19 20:52:22 | 001,159,409 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CC 2017\Support Files\Presets\Image - Special Effects\Cracked Tiles.ffx
[2011.09.15 14:06:22 | 000,080,198 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CC 2017\Support Files\Presets\ToonItV2 Presets\Roto Toon\Roto Toon Crackle Problem.ffx
[2016.10.14 04:54:36 | 000,823,528 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2017\Plug-Ins\de_DE\VSTPlugins\DeCrackler1.dll
[2016.10.14 04:54:36 | 000,823,528 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2017\Plug-Ins\de_DE\VSTPlugins\DeCrackler2.dll
[2016.10.14 04:54:36 | 000,823,528 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2017\Plug-Ins\de_DE\VSTPlugins\DeCrackler6.dll
[2016.10.14 04:54:38 | 000,823,016 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2017\Plug-Ins\en_US\VSTPlugins\DeCrackler1.dll
[2016.10.14 04:54:38 | 000,823,016 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2017\Plug-Ins\en_US\VSTPlugins\DeCrackler2.dll
[2016.10.14 04:54:38 | 000,823,016 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2017\Plug-Ins\en_US\VSTPlugins\DeCrackler6.dll
[2016.10.14 04:54:38 | 000,823,528 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2017\Plug-Ins\es_ES\VSTPlugins\DeCrackler1.dll
[2016.10.14 04:54:38 | 000,823,528 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2017\Plug-Ins\es_ES\VSTPlugins\DeCrackler2.dll
[2016.10.14 04:54:38 | 000,823,528 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2017\Plug-Ins\es_ES\VSTPlugins\DeCrackler6.dll
[2016.10.14 04:54:38 | 000,823,016 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2017\Plug-Ins\fr_FR\VSTPlugins\DeCrackler1.dll
[2016.10.14 04:54:38 | 000,823,016 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2017\Plug-Ins\fr_FR\VSTPlugins\DeCrackler2.dll
[2016.10.14 04:54:38 | 000,823,016 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2017\Plug-Ins\fr_FR\VSTPlugins\DeCrackler6.dll
[2016.10.14 04:54:38 | 000,823,528 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2017\Plug-Ins\it_IT\VSTPlugins\DeCrackler1.dll
[2016.10.14 04:54:38 | 000,823,528 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2017\Plug-Ins\it_IT\VSTPlugins\DeCrackler2.dll
[2016.10.14 04:54:38 | 000,823,528 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2017\Plug-Ins\it_IT\VSTPlugins\DeCrackler6.dll
[2016.10.14 04:54:38 | 000,823,528 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2017\Plug-Ins\ja_JP\VSTPlugins\DeCrackler1.dll
[2016.10.14 04:54:38 | 000,823,528 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2017\Plug-Ins\ja_JP\VSTPlugins\DeCrackler2.dll
[2016.10.14 04:54:38 | 000,823,528 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2017\Plug-Ins\ja_JP\VSTPlugins\DeCrackler6.dll
[2016.10.14 04:54:38 | 000,823,016 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2017\Plug-Ins\ko_KR\VSTPlugins\DeCrackler1.dll
[2016.10.14 04:54:38 | 000,823,016 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2017\Plug-Ins\ko_KR\VSTPlugins\DeCrackler2.dll
[2016.10.14 04:54:38 | 000,823,016 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2017\Plug-Ins\ko_KR\VSTPlugins\DeCrackler6.dll
[2016.10.14 04:54:40 | 000,823,016 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2017\Plug-Ins\pt_BR\VSTPlugins\DeCrackler1.dll
[2016.10.14 04:54:40 | 000,823,016 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2017\Plug-Ins\pt_BR\VSTPlugins\DeCrackler2.dll
[2016.10.14 04:54:40 | 000,823,016 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2017\Plug-Ins\pt_BR\VSTPlugins\DeCrackler6.dll
[2016.10.14 04:54:40 | 000,823,016 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2017\Plug-Ins\ru_RU\VSTPlugins\DeCrackler1.dll
[2016.10.14 04:54:40 | 000,823,016 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2017\Plug-Ins\ru_RU\VSTPlugins\DeCrackler2.dll
[2016.10.14 04:54:40 | 000,823,016 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2017\Plug-Ins\ru_RU\VSTPlugins\DeCrackler6.dll
[2016.10.14 04:54:40 | 000,823,016 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2017\Plug-Ins\zh_CN\VSTPlugins\DeCrackler1.dll
[2016.10.14 04:54:40 | 000,823,016 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2017\Plug-Ins\zh_CN\VSTPlugins\DeCrackler2.dll
[2016.10.14 04:54:40 | 000,823,016 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2017\Plug-Ins\zh_CN\VSTPlugins\DeCrackler6.dll
[2016.10.19 18:57:32 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2017\Plug-ins\de_DE\VSTPlugins\DeCrackler1.dll
[2016.10.19 18:57:32 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2017\Plug-ins\de_DE\VSTPlugins\DeCrackler2.dll
[2016.10.19 18:57:32 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2017\Plug-ins\de_DE\VSTPlugins\DeCrackler6.dll
[2016.10.19 18:57:32 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2017\Plug-ins\en_US\VSTPlugins\DeCrackler1.dll
[2016.10.19 18:57:32 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2017\Plug-ins\en_US\VSTPlugins\DeCrackler2.dll
[2016.10.19 18:57:32 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2017\Plug-ins\en_US\VSTPlugins\DeCrackler6.dll
[2016.10.19 18:57:34 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2017\Plug-ins\es_ES\VSTPlugins\DeCrackler1.dll
[2016.10.19 18:57:34 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2017\Plug-ins\es_ES\VSTPlugins\DeCrackler2.dll
[2016.10.19 18:57:34 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2017\Plug-ins\es_ES\VSTPlugins\DeCrackler6.dll
[2016.10.19 18:57:34 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2017\Plug-ins\fr_FR\VSTPlugins\DeCrackler1.dll
[2016.10.19 18:57:34 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2017\Plug-ins\fr_FR\VSTPlugins\DeCrackler2.dll
[2016.10.19 18:57:34 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2017\Plug-ins\fr_FR\VSTPlugins\DeCrackler6.dll
[2016.10.19 18:57:36 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2017\Plug-ins\it_IT\VSTPlugins\DeCrackler1.dll
[2016.10.19 18:57:36 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2017\Plug-ins\it_IT\VSTPlugins\DeCrackler2.dll
[2016.10.19 18:57:36 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2017\Plug-ins\it_IT\VSTPlugins\DeCrackler6.dll
[2016.10.19 18:57:36 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2017\Plug-ins\ja_JP\VSTPlugins\DeCrackler1.dll
[2016.10.19 18:57:36 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2017\Plug-ins\ja_JP\VSTPlugins\DeCrackler2.dll
[2016.10.19 18:57:36 | 000,817,152 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2017\Plug-ins\ja_JP\VSTPlugins\DeCrackler6.dll
[2016.10.19 18:57:38 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2017\Plug-ins\ko_KR\VSTPlugins\DeCrackler1.dll
[2016.10.19 18:57:38 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2017\Plug-ins\ko_KR\VSTPlugins\DeCrackler2.dll
[2016.10.19 18:57:38 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2017\Plug-ins\ko_KR\VSTPlugins\DeCrackler6.dll
[2016.10.19 18:57:38 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2017\Plug-ins\pt_BR\VSTPlugins\DeCrackler1.dll
[2016.10.19 18:57:38 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2017\Plug-ins\pt_BR\VSTPlugins\DeCrackler2.dll
[2016.10.19 18:57:38 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2017\Plug-ins\pt_BR\VSTPlugins\DeCrackler6.dll
[2016.10.19 18:57:40 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2017\Plug-ins\ru_RU\VSTPlugins\DeCrackler1.dll
[2016.10.19 18:57:40 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2017\Plug-ins\ru_RU\VSTPlugins\DeCrackler2.dll
[2016.10.19 18:57:40 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2017\Plug-ins\ru_RU\VSTPlugins\DeCrackler6.dll
[2016.10.19 18:57:40 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2017\Plug-ins\zh_CN\VSTPlugins\DeCrackler1.dll
[2016.10.19 18:57:40 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2017\Plug-ins\zh_CN\VSTPlugins\DeCrackler2.dll
[2016.10.19 18:57:40 | 000,816,640 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2017\Plug-ins\zh_CN\VSTPlugins\DeCrackler6.dll
[2017.02.26 12:38:40 | 000,005,208 | ---- | M] () -- \Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.89.700.0_x86__kgqvnymyfvs32\res_output\shared\diorama\diorama06\episode16\models\crack_shadow.ffm
[2017.02.26 12:39:46 | 000,036,324 | ---- | M] () -- \Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.89.700.0_x86__kgqvnymyfvs32\res_output\shared\game\common\models\honey\honey_tile_crack.ffa
[2017.02.26 12:39:46 | 000,034,744 | ---- | M] () -- \Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.89.700.0_x86__kgqvnymyfvs32\res_output\shared\game\common\models\honey\honey_tile_cracked.ffm
[2017.04.12 11:52:12 | 000,009,849 | ---- | M] () -- \Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.89.700.0_x86__kgqvnymyfvs32\res_output\shared\game\common\sounds\honey_tile_lid_soft_crack.ogg
[2017.04.12 11:52:39 | 000,001,904 | ---- | M] () -- \Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.89.700.0_x86__kgqvnymyfvs32\res_output\shared\game\common\tex\chain_blocker\chain_cracked_tex_a.png
[2017.02.26 12:41:38 | 000,004,326 | ---- | M] () -- \Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.89.700.0_x86__kgqvnymyfvs32\res_output\shared\game\common\tex\chain_blocker\chain_cracked_tex_rgb.jpg
[2017.02.26 12:41:38 | 000,012,653 | ---- | M] () -- \Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.89.700.0_x86__kgqvnymyfvs32\res_output\shared\game\common\tex\chocolate\choko_cracked_normal.jpg
[2017.02.26 12:41:38 | 000,007,995 | ---- | M] () -- \Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.89.700.0_x86__kgqvnymyfvs32\res_output\shared\game\common\tex\chocolate\choko_cracked_tex.jpg
[2017.02.26 12:41:38 | 000,006,117 | ---- | M] () -- \Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.89.700.0_x86__kgqvnymyfvs32\res_output\shared\game\common\tex\white_chocolate\white_choco_layertwo_cracked_tex.jpg
[2017.02.26 12:41:38 | 000,014,506 | ---- | M] () -- \Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.89.700.0_x86__kgqvnymyfvs32\res_output\shared\game\common\tex\white_chocolate\white_choko_cracked_normal.jpg
[2017.02.26 12:41:38 | 000,006,665 | ---- | M] () -- \Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.89.700.0_x86__kgqvnymyfvs32\res_output\shared\game\common\tex\white_chocolate\white_choko_cracked_tex.jpg
[2017.02.26 12:40:08 | 000,000,307 | ---- | M] () -- \Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.89.700.0_x86__kgqvnymyfvs32\res_output\shared\game\common\timelines\mode\giant_bears\ice_crack.xml
[2017.02.26 12:40:08 | 000,000,182 | ---- | M] () -- \Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.89.700.0_x86__kgqvnymyfvs32\res_output\shared\game\common\timelines\mode\giant_bears\ice_crack_scene.xml
[2017.02.26 12:44:15 | 000,000,469 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MinecraftUWP_1.0.801.0_x64__8wekyb3d8bbwe\data\resource_packs\vanilla\textures\blocks\stonebrick_cracked.png
[2017.05.02 13:22:00 | 000,003,304 | ---- | M] () -- \Users\winki\AppData\Roaming\5kplayer\package\youtube_dl\extractor\cracked.py
[2017.05.02 13:22:00 | 000,005,022 | ---- | M] () -- \Users\winki\AppData\Roaming\5kplayer\package\youtube_dl\extractor\crackle.py

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2016.08.11 16:52:56 | 015,218,432 | ---- | M] () -- \Program Files (x86)\4KDownload\4kvideodownloader\4kvideodownloader.exe
[2016.08.11 16:52:44 | 000,056,726 | ---- | M] () -- \Program Files (x86)\4KDownload\4kvideodownloader\translation\videodownloader_cs.qm
[2016.08.11 16:52:44 | 000,060,006 | ---- | M] () -- \Program Files (x86)\4KDownload\4kvideodownloader\translation\videodownloader_de.qm
[2016.08.11 16:52:44 | 000,042,569 | ---- | M] () -- \Program Files (x86)\4KDownload\4kvideodownloader\translation\videodownloader_en.qm
[2016.08.11 16:52:44 | 000,058,980 | ---- | M] () -- \Program Files (x86)\4KDownload\4kvideodownloader\translation\videodownloader_es.qm
[2016.08.11 16:52:44 | 000,027,592 | ---- | M] () -- \Program Files (x86)\4KDownload\4kvideodownloader\translation\videodownloader_et.qm
[2016.08.11 16:52:44 | 000,056,882 | ---- | M] () -- \Program Files (x86)\4KDownload\4kvideodownloader\translation\videodownloader_fi.qm
[2016.08.11 16:52:44 | 000,060,476 | ---- | M] () -- \Program Files (x86)\4KDownload\4kvideodownloader\translation\videodownloader_fr.qm
[2016.08.11 16:52:44 | 000,058,555 | ---- | M] () -- \Program Files (x86)\4KDownload\4kvideodownloader\translation\videodownloader_hu.qm
[2016.08.11 16:52:44 | 000,058,236 | ---- | M] () -- \Program Files (x86)\4KDownload\4kvideodownloader\translation\videodownloader_it.qm
[2016.08.11 16:52:44 | 000,049,035 | ---- | M] () -- \Program Files (x86)\4KDownload\4kvideodownloader\translation\videodownloader_ja.qm
[2016.08.11 16:52:44 | 000,048,049 | ---- | M] () -- \Program Files (x86)\4KDownload\4kvideodownloader\translation\videodownloader_ko.qm
[2016.08.11 16:52:46 | 000,058,114 | ---- | M] () -- \Program Files (x86)\4KDownload\4kvideodownloader\translation\videodownloader_nl.qm
[2016.08.11 16:52:46 | 000,057,204 | ---- | M] () -- \Program Files (x86)\4KDownload\4kvideodownloader\translation\videodownloader_pl.qm
[2016.08.11 16:52:46 | 000,058,348 | ---- | M] () -- \Program Files (x86)\4KDownload\4kvideodownloader\translation\videodownloader_pt.qm
[2016.08.11 16:52:46 | 000,057,027 | ---- | M] () -- \Program Files (x86)\4KDownload\4kvideodownloader\translation\videodownloader_ru.qm
[2016.08.11 16:52:46 | 000,056,642 | ---- | M] () -- \Program Files (x86)\4KDownload\4kvideodownloader\translation\videodownloader_sv.qm
[2016.08.11 16:52:46 | 000,057,333 | ---- | M] () -- \Program Files (x86)\4KDownload\4kvideodownloader\translation\videodownloader_tr.qm
[2016.08.11 16:52:46 | 000,045,187 | ---- | M] () -- \Program Files (x86)\4KDownload\4kvideodownloader\translation\videodownloader_zh.qm
[2016.08.11 16:52:46 | 000,044,967 | ---- | M] () -- \Program Files (x86)\4KDownload\4kvideodownloader\translation\videodownloader_zh_TW.qm
[2016.10.14 11:36:28 | 000,175,616 | ---- | M] () -- \Program Files (x86)\Anvsoft\Any Video Converter Ultimate\avcdownloader.dll
[2015.04.24 21:49:28 | 000,005,932 | ---- | M] () -- \Program Files (x86)\Anvsoft\Any Video Converter Ultimate\plugins\loader.avsi
[2015.07.31 10:57:10 | 000,270,032 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2015.07.31 10:57:10 | 000,019,176 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2016.06.08 12:15:04 | 000,004,328 | ---- | M] () -- \Program Files (x86)\DVDFab 9\QtQuick\Controls\Private\TableViewItemDelegateLoader.qml
[2016.06.08 12:15:04 | 000,004,828 | ---- | M] () -- \Program Files (x86)\DVDFab 9\QtQuick\Controls\Private\TreeViewItemDelegateLoader.qml
[2017.04.05 16:45:21 | 000,018,624 | ---- | M] () -- \Program Files (x86)\CheckPoint\Install\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.02.26 12:38:20 | 000,135,704 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\kasperskylab.ksde.ui.loader.dll
[2017.03.23 20:06:54 | 000,018,624 | ---- | M] () -- \Program Files (x86)\Mozilla Firefox\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.04.26 07:27:30 | 000,000,950 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\www\external-page-loader-app.html
[2017.04.26 07:27:30 | 000,435,620 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\www\external-page-loader-app.js
[2017.03.03 14:23:17 | 000,009,357 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\NvNode\downloader.js
[2017.04.26 07:03:26 | 002,442,360 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
[2017.04.01 05:27:00 | 000,065,984 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2017.04.01 05:27:00 | 000,074,176 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2017.04.01 05:27:00 | 000,084,024 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2017.04.01 05:27:00 | 000,099,264 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2017.03.01 16:14:30 | 002,106,344 | ---- | M] () -- \Program Files (x86)\Plex\Plex Media Server\CrashUploader.exe
[2017.03.01 16:02:02 | 000,001,712 | ---- | M] () -- \Program Files (x86)\Plex\Plex Media Server\Resources\Plug-ins-03e4cfa35\Framework.bundle\Contents\Resources\Versions\2\Python\Framework\code\loader.py
[2014.05.03 12:13:52 | 000,008,192 | ---- | M] () -- \Program Files (x86)\Red Giant Link\_win32sysloader.pyd
[2012.11.29 23:38:44 | 000,003,584 | ---- | M] () -- \Program Files (x86)\Red Giant Link\tools\update_installer\API-MS-Win-Core-LibraryLoader-L1-1-0.dll
[2014.05.03 12:13:52 | 000,008,192 | ---- | M] () -- \Program Files (x86)\Red Giant Link\tools\update_installer\_win32sysloader.pyd
[2016.10.18 22:58:58 | 000,003,584 | ---- | M] () -- \Program Files (x86)\Steam\bin\cef\cef.win7\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.10.18 22:58:58 | 000,003,072 | ---- | M] () -- \Program Files (x86)\Steam\bin\cef\cef.win7\api-ms-win-core-libraryloader-l1-1-1.dll
[2016.10.18 22:58:58 | 000,002,560 | ---- | M] () -- \Program Files (x86)\Steam\bin\cef\cef.win7\api-ms-win-core-stringloader-l1-1-1.dll
[2014.12.10 02:17:20 | 000,001,701 | ---- | M] () -- \Program Files (x86)\Steam\friends\broadcastuploaderrornotification.res
[2016.10.20 03:15:30 | 000,099,328 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CC 2017\Support Files\MXF_SDK_MetaMetadata_BinaryLoader_4.5.13_vs10.dll
[2016.10.20 03:15:30 | 000,202,240 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CC 2017\Support Files\MXF_SDK_MetaMetadata_XSDLoader2_4.5.13_vs10.dll
[2016.10.20 03:15:30 | 000,152,576 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CC 2017\Support Files\MXF_SDK_MetaMetadata_XSDLoader_4.5.13_vs10.dll
[2016.10.19 21:09:00 | 000,013,817 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CC 2017\Support Files\Plug-ins\MAXON CINEWARE AE\(CINEWARE Support)\bin\resource\modules\python\Python.win64.framework\Lib\unittest\loader.py
[2016.10.13 21:12:06 | 000,099,328 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2017\MXF_SDK_MetaMetadata_BinaryLoader_4.5.13_vs10.dll
[2016.10.13 21:12:06 | 000,202,240 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2017\MXF_SDK_MetaMetadata_XSDLoader2_4.5.13_vs10.dll
[2016.10.13 21:12:06 | 000,152,576 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2017\MXF_SDK_MetaMetadata_XSDLoader_4.5.13_vs10.dll
[2016.10.12 02:15:38 | 000,105,680 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CC 2017\Required\DynamicLinkMediaServer\MXF_SDK_MetaMetadata_BinaryLoader_4.5.8_vs10.dll
[2016.10.12 02:15:38 | 000,208,592 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CC 2017\Required\DynamicLinkMediaServer\MXF_SDK_MetaMetadata_XSDLoader2_4.5.8_vs10.dll
[2016.10.12 02:15:40 | 000,158,928 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CC 2017\Required\DynamicLinkMediaServer\MXF_SDK_MetaMetadata_XSDLoader_4.5.8_vs10.dll
[2016.10.19 18:58:38 | 000,099,328 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2017\MXF_SDK_MetaMetadata_BinaryLoader_4.5.13_vs10.dll
[2016.10.19 18:58:38 | 000,202,240 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2017\MXF_SDK_MetaMetadata_XSDLoader2_4.5.13_vs10.dll
[2016.10.19 18:58:38 | 000,152,576 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2017\MXF_SDK_MetaMetadata_XSDLoader_4.5.13_vs10.dll
[2017.04.05 16:42:02 | 000,221,112 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2017.04.05 16:42:02 | 000,276,224 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader64.exe
[2017.05.08 04:30:37 | 000,019,136 | ---- | M] () -- \Program Files\AVAST Software\Avast\setup\CRT\data\avast.vc140.crt\amd64\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.05.08 04:30:37 | 000,019,136 | ---- | M] () -- \Program Files\AVAST Software\Avast\setup\CRT\data\avast.vc140.crt\x86\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.03.22 12:36:26 | 001,408,361 | ---- | M] () -- \Program Files\AVAST Software\SZBrowser\3.55.2393.596\resources\bundled_extensions\video-downloader.crx
[2017.03.22 12:36:26 | 001,408,361 | ---- | M] () -- \Program Files\AVAST Software\SZBrowser\3.55.2393.596_0\resources\bundled_extensions\video-downloader.crx
[2017.03.22 12:36:26 | 001,408,361 | ---- | M] () -- \Program Files\AVAST Software\SZBrowser\resources\bundled_extensions\video-downloader.crx
[2016.09.08 16:42:52 | 000,000,603 | ---- | M] () -- \Program Files\Common Files\Adobe\CEP\extensions\com.adobe.previewHD\PSLoader\loader.html
[2016.09.08 16:42:30 | 000,001,683 | ---- | M] () -- \Program Files\Common Files\Adobe\Plug-Ins\CC\Generator\previewHD.generate\node_modules\ws\examples\fileapi\public\uploader.js
[2015.07.31 10:57:10 | 000,365,776 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2015.07.31 10:57:10 | 000,019,176 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2017.04.20 03:59:14 | 000,305,500 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.Driver.{17BC096B-05AB-4899-A5C8-0813DBED55F4}\nvfatbinaryloader32.dl_
[2017.04.20 03:59:14 | 000,350,800 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.Driver.{17BC096B-05AB-4899-A5C8-0813DBED55F4}\nvfatbinaryloader64.dl_
[2017.04.01 05:27:00 | 000,305,302 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.Driver.{2EF1C5F4-F66C-43AD-B4C2-DA7530DAF2EE}\nvfatbinaryloader32.dl_
[2017.04.01 05:27:00 | 000,350,796 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.Driver.{2EF1C5F4-F66C-43AD-B4C2-DA7530DAF2EE}\nvfatbinaryloader64.dl_
[2017.05.02 00:38:30 | 000,305,498 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.Driver.{4C2843E1-1342-4863-91DC-0F000A90B77F}\nvfatbinaryloader32.dl_
[2017.05.02 00:38:30 | 000,350,796 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.Driver.{4C2843E1-1342-4863-91DC-0F000A90B77F}\nvfatbinaryloader64.dl_
[2017.03.17 03:01:06 | 000,304,681 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.Driver.{963E9876-E602-4DDF-8D2A-57C661E6246A}\nvfatbinaryloader32.dl_
[2017.03.17 03:01:06 | 000,349,941 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.Driver.{963E9876-E602-4DDF-8D2A-57C661E6246A}\nvfatbinaryloader64.dl_
[2017.04.01 05:27:00 | 000,065,984 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.PhysX.{C444C863-C35A-4B90-B568-63D53BBEB747}\files\Common\PhysXLoader.dll
[2017.04.01 05:27:00 | 000,074,176 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.PhysX.{C444C863-C35A-4B90-B568-63D53BBEB747}\files\Common\PhysXLoader64.dll
[2017.04.01 05:27:00 | 000,084,024 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.PhysX.{C444C863-C35A-4B90-B568-63D53BBEB747}\files\Common\PhysXUpdateLoader.dll
[2017.04.01 05:27:00 | 000,099,264 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.PhysX.{C444C863-C35A-4B90-B568-63D53BBEB747}\files\Common\PhysXUpdateLoader64.dll
[2017.03.20 06:41:42 | 002,689,024 | ---- | M] () -- \Program Files\Windows Defender Advanced Threat Protection\SenseSampleUploader.exe
[2017.02.26 11:46:05 | 000,002,171 | ---- | M] () -- \Program Files\WindowsApps\Facebook.Facebook_81.832.151.0_x86__8xx8rvfyw5nnt\WinUAPEntry.resources\FBComposeModule.bundle\UploadErrorInternalSettings.plist
[2017.03.10 12:52:39 | 000,003,297 | ---- | M] () -- \Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.89.700.0_x86__kgqvnymyfvs32\res_output\helpcenter\scenes\webview_loader.xml
[2017.03.10 12:52:40 | 000,004,775 | ---- | M] () -- \Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.89.700.0_x86__kgqvnymyfvs32\res_output\helpcenter\scenes\webview_loader_layout.xml
[2017.02.26 12:41:38 | 000,007,894 | ---- | M] () -- \Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.89.700.0_x86__kgqvnymyfvs32\res_output\shared\preloader\tex\hard_loader_bg.png
[2017.03.25 10:29:24 | 000,007,365 | ---- | M] () -- \Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.89.700.0_x86__kgqvnymyfvs32\res_output\shared\preloader\tex\ninja_kimmy_loader_a.png
[2017.02.26 12:41:38 | 000,027,866 | ---- | M] () -- \Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.89.700.0_x86__kgqvnymyfvs32\res_output\shared\preloader\tex\ninja_kimmy_loader_rgb.jpg
[2017.04.12 11:52:39 | 000,142,343 | ---- | M] () -- \Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.89.700.0_x86__kgqvnymyfvs32\res_output\shared\preloader\tex\samurai_kimmy_loader.png
[2017.04.12 11:52:39 | 000,008,713 | ---- | M] () -- \Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.89.700.0_x86__kgqvnymyfvs32\res_output\shared\preloader\tex\superhard_loader_bg.png
[2012.06.09 20:19:38 | 000,055,296 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2017.04.19 12:08:37 | 000,000,090 | ---- | M] () -- \ProgramData\AVAST Software\Avast\SWCUData\Cache\InstallLocation\4K Video Downloader_is1
[2017.03.23 19:27:14 | 000,001,351 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download\4K Video Downloader.lnk
[2017.05.03 21:57:12 | 000,000,950 | ---- | M] () -- \ProgramData\NVIDIA Corporation\Downloader\latest\GFExperience\www\external-page-loader-app.html
[2017.05.03 21:57:12 | 000,437,907 | ---- | M] () -- \ProgramData\NVIDIA Corporation\Downloader\latest\GFExperience\www\external-page-loader-app.js
[2017.04.11 17:32:42 | 000,008,908 | ---- | M] () -- \ProgramData\NVIDIA Corporation\Downloader\latest\nodejs\downloader.js
[2017.05.03 21:28:29 | 002,448,504 | ---- | M] () -- \ProgramData\NVIDIA Corporation\Downloader\latest\nodejs\Downloader.node
[2017.04.19 12:08:37 | 000,000,090 | ---- | M] () -- \Users\All Users\AVAST Software\Avast\SWCUData\Cache\InstallLocation\4K Video Downloader_is1
[2017.03.23 19:27:14 | 000,001,351 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\4K Download\4K Video Downloader.lnk
[2017.05.03 21:57:12 | 000,000,950 | ---- | M] () -- \Users\All Users\NVIDIA Corporation\Downloader\latest\GFExperience\www\external-page-loader-app.html
[2017.05.03 21:57:12 | 000,437,907 | ---- | M] () -- \Users\All Users\NVIDIA Corporation\Downloader\latest\GFExperience\www\external-page-loader-app.js
[2017.04.11 17:32:42 | 000,008,908 | ---- | M] () -- \Users\All Users\NVIDIA Corporation\Downloader\latest\nodejs\downloader.js
[2017.05.03 21:28:29 | 002,448,504 | ---- | M] () -- \Users\All Users\NVIDIA Corporation\Downloader\latest\nodejs\Downloader.node
[2016.09.01 06:57:34 | 000,001,928 | ---- | M] () -- \Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl\2.2_0\loader.gif
[2017.03.14 13:47:08 | 000,004,647 | ---- | M] () -- \Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\57.0.2987.84_0\wcs_loader.js
[2017.03.31 13:55:52 | 000,002,308 | ---- | M] () -- \Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\6.12_0\content\frame_loader.js
[2017.03.31 13:55:52 | 000,001,224 | ---- | M] () -- \Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\6.12_0\js\main\cache_loader.js
[2017.05.12 19:40:06 | 000,000,000 | ---- | M] () -- \Users\winki\AppData\Local\Plex Media Server\Logs\Plex Crash Uploader.log
[2017.05.13 18:41:11 | 000,000,003 | ---- | M] () -- \Users\winki\AppData\Local\Temp\CEPHtmlEngine7-PHXS-18.0.0-com.adobe.preview.loader-renderer.log
[2017.05.13 18:41:11 | 000,000,003 | ---- | M] () -- \Users\winki\AppData\Local\Temp\CEPHtmlEngine7-PHXS-18.0.0-com.adobe.preview.loader.log
[2017.04.21 15:25:22 | 000,000,003 | ---- | M] () -- \Users\winki\AppData\Local\Temp\CEPHtmlEngine7-PHXS-18.0.1-com.adobe.preview.loader-renderer.log
[2017.04.21 15:25:22 | 000,000,003 | ---- | M] () -- \Users\winki\AppData\Local\Temp\CEPHtmlEngine7-PHXS-18.0.1-com.adobe.preview.loader.log
[94 \Users\winki\AppData\Local\Temp\*.tmp files -> \Users\winki\AppData\Local\Temp\*.tmp -> ]
[2017.03.18 13:40:22 | 000,012,192 | ---- | M] () -- \Users\winki\AppData\Local\Temp\4ACB4407-D057-476D-9902-3C0456CA68C8\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.03.18 13:40:22 | 000,011,680 | ---- | M] () -- \Users\winki\AppData\Local\Temp\4ACB4407-D057-476D-9902-3C0456CA68C8\api-ms-win-core-libraryloader-l1-1-1.dll
[2017.03.18 13:40:21 | 000,011,168 | ---- | M] () -- \Users\winki\AppData\Local\Temp\4ACB4407-D057-476D-9902-3C0456CA68C8\api-ms-win-core-stringloader-l1-1-1.dll
[2017.03.18 13:40:22 | 000,012,192 | ---- | M] () -- \Users\winki\AppData\Local\Temp\F51B8ADA-0764-4332-B8DD-CB05401E30AA\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.03.18 13:40:22 | 000,011,680 | ---- | M] () -- \Users\winki\AppData\Local\Temp\F51B8ADA-0764-4332-B8DD-CB05401E30AA\api-ms-win-core-libraryloader-l1-1-1.dll
[2017.03.18 13:40:21 | 000,011,168 | ---- | M] () -- \Users\winki\AppData\Local\Temp\F51B8ADA-0764-4332-B8DD-CB05401E30AA\api-ms-win-core-stringloader-l1-1-1.dll
[2017.04.29 23:17:29 | 000,374,423 | ---- | M] () -- \Users\winki\AppData\LocalLow\Microids\Syberia3\1--UI_Loader_Zone_Monde01_Hospital_Title--131379814492562916--UI_Loader_Zone_Monde01_Hospital_Summary
[2015.04.03 17:59:14 | 000,013,817 | ---- | M] () -- \Users\winki\AppData\Roaming\5kplayer\package\Lib\unittest\loader.py
[2017.03.23 19:27:14 | 000,001,333 | ---- | M] () -- \Users\winki\Desktop\4K Video Downloader.lnk
[2017.03.18 22:58:44 | 000,042,496 | ---- | M] () -- \Windows\System32\dmloader.dll
[2017.05.02 00:38:30 | 000,577,728 | ---- | M] () -- \Windows\System32\nvfatbinaryLoader.dll
[2017.03.18 22:57:38 | 000,011,680 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.03.18 22:57:38 | 000,011,168 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll
[2017.03.18 22:57:38 | 000,010,656 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-stringloader-l1-1-1.dll
[2017.04.20 03:59:14 | 000,577,728 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_274d0ab8ee30c459\nvfatbinaryLoader32.dll
[2017.04.20 03:59:14 | 000,688,968 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_274d0ab8ee30c459\nvfatbinaryLoader64.dll
[2017.05.02 00:38:30 | 000,577,728 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a2b0acab06663645\nvfatbinaryLoader32.dll
[2017.05.02 00:38:30 | 000,688,968 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a2b0acab06663645\nvfatbinaryLoader64.dll
[2017.04.01 05:27:00 | 000,577,544 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e69a53b8ddde469c\nvfatbinaryLoader32.dll
[2017.04.01 05:27:00 | 000,688,968 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e69a53b8ddde469c\nvfatbinaryLoader64.dll
[2017.03.17 03:01:06 | 000,576,192 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f37f8f12da8b10d7\nvfatbinaryLoader32.dll
[2017.03.17 03:01:06 | 000,687,408 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f37f8f12da8b10d7\nvfatbinaryLoader64.dll
[2017.03.18 22:58:18 | 000,001,016 | ---- | M] () -- \Windows\SystemApps\Microsoft.XboxGameCallableUI_cw5n1h2txyewy\Toolkit\Controls\ImageWithLoaderVisual.xbf
[2017.03.18 22:58:44 | 000,042,496 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2017.05.02 00:38:30 | 000,577,728 | ---- | M] () -- \Windows\SysWOW64\nvfatbinaryLoader.dll
[2017.03.18 22:57:38 | 000,011,680 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.03.18 22:57:38 | 000,011,168 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll
[2017.03.18 22:57:38 | 000,010,656 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-stringloader-l1-1-1.dll
[2017.04.19 12:05:53 | 000,019,136 | ---- | M] () -- \Windows\WinSxS\amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_56aba0211ca246c2\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.04.20 12:10:48 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_10.0.15063.0_none_41652c9a9e54011f\hvloader.efi
[2017.04.20 12:10:48 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_10.0.15063.0_none_41652c9a9e54011f\hvloader.exe
[2017.03.18 22:57:58 | 000,965,024 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_10.0.15063.138_none_c5759e7bcbc9b343\hvloader.efi
[2017.03.18 22:57:58 | 000,821,664 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_10.0.15063.138_none_c5759e7bcbc9b343\hvloader.exe
[2017.03.18 22:57:42 | 000,049,152 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_10.0.15063.0_none_5707f52ac87188c2\dmloader.dll
[2017.03.18 13:40:22 | 000,012,192 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_10.0.15063.0_none_d878b3e9b9e90743\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.03.18 13:40:22 | 000,011,680 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_10.0.15063.0_none_d878b3e9b9e90743\api-ms-win-core-libraryloader-l1-1-1.dll
[2017.03.18 13:40:21 | 000,011,168 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_10.0.15063.0_none_d878b3e9b9e90743\api-ms-win-core-stringloader-l1-1-1.dll
[2017.03.18 22:58:18 | 000,001,016 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-xbox-gamecallableui.toolkit_31bf3856ad364e35_10.0.15063.0_none_ba445a8aab8775dc\ImageWithLoaderVisual.xbf
[2017.03.20 06:41:42 | 002,689,024 | ---- | M] () -- \Windows\WinSxS\amd64_windows-senseclient-service_31bf3856ad364e35_10.0.15063.0_none_b9389646c80384de\SenseSampleUploader.exe
[2017.03.20 06:39:42 | 000,000,474 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_10.0.15063.0_cs-cz_445647e335d8337d.manifest
[2017.04.20 12:16:29 | 000,009,772 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_10.0.15063.0_cs-cz_445647e335d8337d_winload.efi.mui_35ee487d
[2017.04.20 12:16:29 | 000,009,768 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_10.0.15063.0_cs-cz_445647e335d8337d_winload.exe.mui_3bc5b827
[2017.04.20 12:16:29 | 000,007,848 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_10.0.15063.0_cs-cz_445647e335d8337d_winresume.efi.mui_f412814e
[2017.04.20 12:16:29 | 000,007,854 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_10.0.15063.0_cs-cz_445647e335d8337d_winresume.exe.mui_ff8b5358
[2017.03.18 23:01:15 | 000,000,602 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_10.0.15063.0_none_6c3a936ba57599b0.manifest
[2017.03.18 23:34:04 | 000,663,216 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_10.0.15063.0_none_6c3a936ba57599b0_winload.efi_75834aa0
[2017.03.18 23:34:05 | 000,571,166 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_10.0.15063.0_none_6c3a936ba57599b0_winload.exe_75835076
[2017.03.18 23:34:06 | 000,512,152 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_10.0.15063.0_none_6c3a936ba57599b0_winresume.efi_85cd069f
[2017.03.18 23:34:07 | 000,439,554 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_10.0.15063.0_none_6c3a936ba57599b0_winresume.exe_85cd1215
[2017.03.18 23:01:11 | 000,000,612 | ---- | M] () -- \Windows\WinSxS\FileMaps\programdata_microsoft_diagnosis_asimovuploader_0413bca0c3dfdda4.cdf-ms
[2017.03.18 23:01:11 | 000,000,596 | ---- | M] () -- \Windows\WinSxS\FileMaps\programdata_microsoft_network_downloader_7fafaef6d33e4371.cdf-ms
[2017.03.20 06:38:20 | 000,000,474 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_10.0.15063.0_cs-cz_445647e335d8337d.manifest
[2017.03.18 22:52:55 | 000,000,602 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_10.0.15063.0_none_6c3a936ba57599b0.manifest
[2017.04.19 12:05:55 | 000,019,136 | ---- | M] () -- \Windows\WinSxS\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_9e58d6f8311e6fc8\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.03.18 22:58:44 | 000,042,496 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_10.0.15063.0_none_fae959a71014178c\dmloader.dll
[2017.03.18 22:57:38 | 000,011,680 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_10.0.15063.0_none_7c5a1866018b960d\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.03.18 22:57:38 | 000,011,168 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_10.0.15063.0_none_7c5a1866018b960d\api-ms-win-core-libraryloader-l1-1-1.dll
[2017.03.18 22:57:38 | 000,010,656 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_10.0.15063.0_none_7c5a1866018b960d\api-ms-win-core-stringloader-l1-1-1.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >
[2017.03.01 23:34:16 | 005,196,288 | ---- | M] () -- \Users\winki\AppData\Roaming\ZHP\Quarantine\AutoKMS.exe
[2017.04.10 10:48:46 | 000,021,743 | ---- | M] () -- \Users\winki\AppData\Roaming\ZHP\Quarantine\AutoKMS.log
[61 \Users\winki\AppData\Roaming\ZHP\Quarantine\*.tmp files -> \Users\winki\AppData\Roaming\ZHP\Quarantine\*.tmp -> ]

< *activator* /s >
[2017.01.27 01:55:26 | 000,013,297 | ---- | M] () -- \Program Files (x86)\Steam\tenfoot\resource\layout\library\controller_properties_activator.xml
[2017.02.26 12:44:15 | 000,000,268 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MinecraftUWP_1.0.801.0_x64__8wekyb3d8bbwe\data\resource_packs\vanilla\textures\blocks\rail_activator.png
[2017.02.26 12:44:15 | 000,000,319 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MinecraftUWP_1.0.801.0_x64__8wekyb3d8bbwe\data\resource_packs\vanilla\textures\blocks\rail_activator_powered.png
[2017.03.18 23:01:15 | 000,000,679 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-pdc-activatorpolicy_31bf3856ad364e35_10.0.15063.0_none_2e3a3680c3383eed.manifest
[2017.03.18 22:52:09 | 000,000,679 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-pdc-activatorpolicy_31bf3856ad364e35_10.0.15063.0_none_2e3a3680c3383eed.manifest

< *serial* /s >
[2017.03.01 16:02:02 | 000,001,162 | ---- | M] () -- \Program Files (x86)\Plex\Plex Media Server\Resources\Plug-ins-03e4cfa35\Framework.bundle\Contents\Resources\Versions\2\Python\Framework\modelling\serialization.py
[2011.08.16 10:23:46 | 000,002,700 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CC 2015.3\Support Files\Plug-ins\Trapcode\Help\Form\Files\help_serial.html
[2016.10.20 04:59:10 | 000,682,728 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CC 2017\Support Files\boost_serialization.dll
[2016.10.19 21:09:04 | 000,000,179 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CC 2017\Support Files\Plug-ins\MAXON CINEWARE AE\(CINEWARE Support)\lite\frameworks\cinema.framework\source\description\Sserial.h
[2016.10.19 21:09:16 | 000,000,179 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CC 2017\Support Files\Plug-ins\MAXON CINEWARE AE\(CINEWARE Support)\lite\resource\modules\licenseserver\description\Sserial.h
[2016.10.19 21:09:16 | 000,000,240 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CC 2017\Support Files\Plug-ins\MAXON CINEWARE AE\(CINEWARE Support)\lite\resource\modules\licenseserver\description\Sserial.res
[2016.10.19 21:09:16 | 000,003,335 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CC 2017\Support Files\Plug-ins\MAXON CINEWARE AE\(CINEWARE Support)\lite\resource\modules\licenseserver\dialogs\IDC_SERIALSERVERMANAGER.res
[2016.10.19 21:09:16 | 000,000,190 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CC 2017\Support Files\Plug-ins\MAXON CINEWARE AE\(CINEWARE Support)\lite\resource\modules\licenseserver\strings_us\description\Sserial.str
[2016.10.19 21:09:16 | 000,001,111 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CC 2017\Support Files\Plug-ins\MAXON CINEWARE AE\(CINEWARE Support)\lite\resource\modules\licenseserver\strings_us\dialogs\IDC_SERIALSERVERMANAGER.str
[2011.08.16 10:23:46 | 000,002,700 | ---- | M] () -- \Program Files\Adobe\Adobe After Effects CC 2017\Support Files\Plug-ins\Trapcode\Help\Form\Files\help_serial.html
[2016.10.11 02:03:52 | 000,494,312 | ---- | M] () -- \Program Files\Adobe\Adobe Illustrator CC 2017\Support Files\Contents\Windows\boost_serialization.dll
[2016.10.14 04:54:36 | 000,682,728 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CC 2017\boost_serialization.dll
[2016.10.12 01:38:40 | 000,003,273 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CC 2017\Required\CEP\extensions\com.adobe.photoshop.crema\node_modules\jquery\src\serialize.js
[2016.10.20 02:59:36 | 000,682,728 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CC 2017\boost_serialization.dll
[2015.07.31 10:58:06 | 000,793,256 | ---- | M] () -- \Program Files\Microsoft Office\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Document.XmlSerializers.dll
[2015.07.31 10:58:06 | 000,133,800 | ---- | M] () -- \Program Files\Microsoft Office\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Storage.XmlSerializers.dll
[2015.07.31 10:57:54 | 000,179,368 | ---- | M] () -- \Program Files\Microsoft Office\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.AnalysisServices.Excel.BackEnd.XmlSerializers.dll
[2015.07.31 10:57:54 | 000,238,248 | ---- | M] () -- \Program Files\Microsoft Office\Office16\ADDINS\PowerPivot Excel Add-in\Microsoft.AnalysisServices.Excel.Common.FrontEnd.XmlSerializers.dll
[2017.03.31 13:55:52 | 000,025,925 | ---- | M] () -- \Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\6.12_0\content\HtmlSerializer.js
[2017.05.12 11:43:48 | 002,841,088 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\07a5a4d300b2c7a984bed4b6f9cc5eba\System.Runtime.Serialization.ni.dll
[2017.05.12 11:43:48 | 000,001,100 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\07a5a4d300b2c7a984bed4b6f9cc5eba\System.Runtime.Serialization.ni.dll.aux
[2017.05.12 11:44:29 | 003,345,920 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\eafc6aa3389ccb8969c47f1020b05982\System.Runtime.Serialization.ni.dll
[2017.05.12 11:44:29 | 000,001,100 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\eafc6aa3389ccb8969c47f1020b05982\System.Runtime.Serialization.ni.dll.aux
[2017.03.18 22:56:25 | 000,001,040 | ---- | M] () -- \Windows\INF\c_multiportserial.inf
[2017.03.11 01:08:14 | 000,028,000 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2017.03.18 22:59:42 | 000,141,680 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2017.03.18 22:59:43 | 000,029,472 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2017.03.18 22:59:43 | 000,029,520 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2017.03.11 01:08:16 | 000,113,952 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2017.03.18 22:59:44 | 000,029,472 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2017.03.18 22:59:46 | 001,052,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2017.03.18 22:59:48 | 000,045,808 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2017.03.18 22:59:44 | 000,029,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2017.03.18 22:59:46 | 001,052,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2017.03.18 22:59:42 | 000,141,680 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2017.03.18 22:59:43 | 000,029,472 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2017.03.18 22:59:43 | 000,029,520 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2017.03.18 22:59:44 | 000,029,472 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2017.03.18 22:59:48 | 000,045,808 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2017.03.18 22:59:44 | 000,029,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2017.03.11 01:08:14 | 000,028,000 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2017.03.11 01:08:16 | 000,113,952 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2017.03.18 22:59:43 | 001,052,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2017.03.18 22:59:48 | 000,141,680 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2017.03.18 22:59:47 | 000,029,472 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2017.03.18 22:59:43 | 000,029,520 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2017.03.18 22:59:42 | 000,029,472 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2017.03.18 22:59:42 | 000,045,808 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2017.03.18 22:59:46 | 000,029,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2017.03.11 01:08:14 | 000,028,000 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2017.03.11 01:08:16 | 000,113,952 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2017.03.19 23:11:06 | 000,010,183 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-OneCore-Connectivity-Serial-Package~31bf3856ad364e35~amd64~cs-CZ~10.0.15063.0.cat
[2017.03.19 04:36:28 | 000,001,105 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-OneCore-Connectivity-Serial-Package~31bf3856ad364e35~amd64~cs-CZ~10.0.15063.0.mum
[2017.03.18 09:47:44 | 000,010,958 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-OneCore-Connectivity-Serial-Package~31bf3856ad364e35~amd64~~10.0.15063.0.cat
[2017.03.18 09:47:10 | 000,000,882 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-OneCore-Connectivity-Serial-Package~31bf3856ad364e35~amd64~~10.0.15063.0.mum
[2017.03.18 22:58:45 | 000,015,872 | ---- | M] () -- \Windows\System32\serialui.dll
[2017.03.18 22:58:54 | 000,125,440 | ---- | M] () -- \Windows\System32\Windows.Devices.SerialCommunication.dll
[2017.03.19 23:11:06 | 000,010,183 | ---- | M] () -- \Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-OneCore-Connectivity-Serial-Package~31bf3856ad364e35~amd64~cs-CZ~10.0.15063.0.cat
[2017.03.18 09:47:44 | 000,010,958 | ---- | M] () -- \Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-OneCore-Connectivity-Serial-Package~31bf3856ad364e35~amd64~~10.0.15063.0.cat
[2017.03.18 22:36:08 | 000,005,632 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2017.03.18 08:05:24 | 000,000,232 | ---- | M] () -- \Windows\System32\DriverStore\en-US\c_multiportserial.inf_loc
[2017.03.18 22:56:25 | 000,001,040 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\c_multiportserial.inf_amd64_a2fa440e89eeff46\c_multiportserial.inf
[2017.04.19 16:52:01 | 000,004,412 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\c_multiportserial.inf_amd64_a2fa440e89eeff46\c_multiportserial.PNF
[2017.03.18 22:56:26 | 000,084,480 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_05d977a8d9cb7c99\serial.sys
[2017.03.18 07:47:00 | 000,003,072 | ---- | M] () -- \Windows\System32\en-US\Windows.Devices.SerialCommunication.dll.mui
[2017.03.18 22:58:45 | 000,015,872 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2017.03.18 22:58:54 | 000,125,440 | ---- | M] () -- \Windows\SysWOW64\Windows.Devices.SerialCommunication.dll
[2017.03.18 22:36:08 | 000,005,632 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2017.03.18 07:47:00 | 000,003,072 | ---- | M] () -- \Windows\SysWOW64\en-US\Windows.Devices.SerialCommunication.dll.mui
[2017.03.18 08:05:24 | 000,000,232 | ---- | M] () -- \Windows\WinSxS\amd64_c_multiportserial.inf.resources_31bf3856ad364e35_10.0.15063.0_en-us_56406514e81b07df\c_multiportserial.inf_loc
[2017.03.18 22:56:25 | 000,001,040 | ---- | M] () -- \Windows\WinSxS\amd64_dual_c_multiportserial.inf_31bf3856ad364e35_10.0.15063.0_none_946d4eb29246eef6\c_multiportserial.inf
[2017.03.18 08:01:00 | 000,003,584 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-v..ck-serial.resources_31bf3856ad364e35_10.0.15063.0_en-us_ba04149afaff0cda\vmserial.dll.mui
[2017.03.18 23:09:08 | 000,070,674 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-vstack-serial_31bf3856ad364e35_10.0.15063.0_none_d9612f1a71f947c7\vmserial.dll
[2017.03.18 22:58:18 | 000,167,424 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-d..communication-winrt_31bf3856ad364e35_10.0.15063.0_none_056a9960c34e65c3\Windows.Devices.SerialCommunication.dll
[2017.03.18 07:47:00 | 000,003,072 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-d..ion-winrt.resources_31bf3856ad364e35_10.0.15063.0_en-us_4d04b95c5ed469ca\Windows.Devices.SerialCommunication.dll.mui
[2017.04.20 12:12:06 | 000,004,518 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_10.0.15063.0_cs-cz_d140442ce424cc86\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2017.03.19 16:42:54 | 000,005,632 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_10.0.15063.0_cs-cz_5f7ebacb1c797de4\serialui.dll.mui
[2017.03.18 22:57:01 | 000,019,456 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_10.0.15063.0_none_06157ac757797621\serialui.dll
[2017.04.20 12:12:32 | 000,022,576 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_10.0.15063.0_cs-cz_6e87ebca8b4d92c3\System.RunTime.Serialization.Resources.dll
[2017.03.19 04:35:36 | 000,010,240 | ---- | M] () -- \Windows\WinSxS\amd64_msports.inf.resources_31bf3856ad364e35_10.0.15063.0_cs-cz_d5c9fbbf850b1d8d\serial.sys.mui
[2017.03.18 22:56:26 | 000,084,480 | ---- | M] () -- \Windows\WinSxS\amd64_msports.inf_31bf3856ad364e35_10.0.15063.0_none_09ab89eaf12cfd9b\serial.sys
[2017.03.11 01:08:16 | 000,113,952 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..alization.resources_b03f5f7f11d50a3a_4.0.14917.0_cs-cz_1363eabf02acfd9e\System.RunTime.Serialization.resources.dll
[2017.03.18 22:59:48 | 000,141,680 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..ion.formatters.soap_b03f5f7f11d50a3a_4.0.14917.0_none_ecfaa428f82fd1c9\System.Runtime.Serialization.Formatters.Soap.dll
[2017.03.18 22:59:43 | 000,029,520 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..lization.primitives_b03f5f7f11d50a3a_4.0.14917.0_none_5a2182b32d889f55\System.Runtime.Serialization.Primitives.dll
[2017.03.11 01:08:14 | 000,028,000 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..ters.soap.resources_b03f5f7f11d50a3a_4.0.14917.0_cs-cz_5bb19b36664615c8\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2017.03.18 22:59:47 | 000,029,472 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.14917.0_none_f8d66831ed3391cb\System.Runtime.Serialization.Json.dll
[2017.03.18 22:59:42 | 000,029,472 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.14917.0_none_dfee4005121ac738\System.Runtime.Serialization.Xml.dll
[2017.03.18 22:59:43 | 001,052,936 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.14917.0_none_a58e0316480ad3fd\System.Runtime.Serialization.dll
[2017.03.18 22:59:42 | 000,045,808 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.xml.serialization_b03f5f7f11d50a3a_4.0.14917.0_none_1550f4c306cbe2dc\System.Xml.Serialization.dll
[2017.03.18 22:59:46 | 000,029,936 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.14917.0_none_00da8c05b830df8f\System.Xml.XmlSerializer.dll
[2017.03.18 23:30:27 | 000,239,192 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_10.0.15063.0_none_3e0cf62f54a5d573\System.Runtime.Serialization.dll
[2017.03.18 23:30:27 | 000,239,192 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_10.0.15063.0_none_78e402f9a89dd00c\System.Runtime.Serialization.dll
[2017.03.20 06:37:55 | 000,000,273 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf-languagepack_31bf3856ad364e35_10.0.15063.0_cs-cz_e358e723e6aa77d8.manifest
[2017.03.20 06:38:13 | 000,000,278 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf.resources_31bf3856ad364e35_10.0.15063.0_en-us_56406514e81b07df.manifest
[2017.03.18 22:51:44 | 000,000,778 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_dual_c_multiportserial.inf_31bf3856ad364e35_10.0.15063.0_none_946d4eb29246eef6.manifest
[2017.03.20 06:38:50 | 000,000,354 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-hyper-v-v..ck-serial.resources_31bf3856ad364e35_10.0.15063.0_en-us_ba04149afaff0cda.manifest
[2017.03.18 22:55:15 | 000,001,600 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-hyper-v-vstack-serial_31bf3856ad364e35_10.0.15063.0_none_d9612f1a71f947c7.manifest
[2017.03.18 22:51:54 | 000,000,145 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-onecore-c..y-serial-deployment_31bf3856ad364e35_10.0.15063.0_none_fa32123baf01be96.manifest
[2017.03.18 22:52:57 | 000,000,342 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_10.0.15063.0_none_22c96657e579a87d.manifest
[2017.03.18 22:53:10 | 000,001,566 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-serial-classextension_31bf3856ad364e35_10.0.15063.0_none_47288b6992024654.manifest
[2017.03.18 22:54:55 | 000,000,366 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.14917.0_none_f8d66831ed3391cb.manifest
[2017.03.18 22:54:48 | 000,000,367 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.14917.0_none_dfee4005121ac738.manifest
[2017.03.18 22:54:50 | 000,000,379 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.14917.0_none_a58e0316480ad3fd.manifest
[2017.03.18 22:54:48 | 000,000,362 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.xml.serialization_b03f5f7f11d50a3a_4.0.14917.0_none_1550f4c306cbe2dc.manifest
[2017.03.18 22:54:54 | 000,000,362 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.14917.0_none_00da8c05b830df8f.manifest
[2017.03.18 22:54:47 | 000,000,375 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_10.0.15063.0_none_3e0cf62f54a5d573.manifest
[2017.03.18 22:54:47 | 000,000,383 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_10.0.15063.0_none_78e402f9a89dd00c.manifest
[2017.03.18 22:54:49 | 000,000,385 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.14917.0_none_57ad03792915f188.manifest
[2017.03.18 22:54:50 | 000,000,392 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.primitives_b03f5f7f11d50a3a_4.0.14917.0_none_d3a6552a51cc1c80.manifest
[2017.03.18 22:54:47 | 000,000,370 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_10.0.15063.0_none_8b735869549c5d9d.manifest
[2017.03.20 06:38:42 | 000,000,405 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_10.0.15063.0_cs-cz_191e9f2263e87db7.manifest
[2017.03.20 06:38:44 | 000,000,451 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.14917.0_cs-cz_1b36c495aaa5e087.manifest
[2017.03.18 22:54:51 | 000,000,385 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.14917.0_none_02cbc33a68be0037.manifest
[2017.03.18 22:54:47 | 000,000,376 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_10.0.15063.0_none_bbb68e037c435ed0.manifest
[2017.03.18 22:54:54 | 000,000,431 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.14917.0_none_bdceb376c300c1a0.manifest
[2017.03.18 22:54:56 | 000,000,414 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.xml.serialization_b77a5c561934e089_4.0.14917.0_none_506d337cfd152145.manifest
[2017.03.18 22:54:51 | 000,000,381 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.14917.0_none_3282f041711f7698.manifest
[2017.03.18 22:54:48 | 000,000,379 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_10.0.15063.0_none_c09139d0bd19f912.manifest
[2017.03.18 22:59:42 | 000,141,680 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_4.0.14917.0_none_037ba80a06f2f022\System.Runtime.Serialization.Formatters.Soap.dll
[2017.04.20 12:13:06 | 000,004,518 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_10.0.15063.0_cs-cz_ba8c9902b9cd964b\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2017.03.11 01:08:14 | 000,028,000 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_4.0.14917.0_cs-cz_bca4be76008af91b\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2017.03.18 22:59:43 | 000,029,472 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.14917.0_none_57ad03792915f188\System.Runtime.Serialization.Json.dll
[2017.03.18 22:59:43 | 000,029,520 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.primitives_b03f5f7f11d50a3a_4.0.14917.0_none_d3a6552a51cc1c80\System.Runtime.Serialization.Primitives.dll
[2017.03.18 23:30:50 | 000,267,060 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_10.0.15063.0_none_8b735869549c5d9d\System.Runtime.Serialization.dll
[2017.04.20 12:13:06 | 000,022,576 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_10.0.15063.0_cs-cz_191e9f2263e87db7\System.RunTime.Serialization.Resources.dll
[2017.03.11 01:08:16 | 000,113,952 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.14917.0_cs-cz_1b36c495aaa5e087\System.RunTime.Serialization.resources.dll
[2017.03.18 22:59:44 | 000,029,472 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.14917.0_none_02cbc33a68be0037\System.Runtime.Serialization.Xml.dll
[2017.03.18 23:30:50 | 000,267,060 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_10.0.15063.0_none_bbb68e037c435ed0\System.Runtime.Serialization.dll
[2017.03.18 22:59:46 | 001,052,936 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.14917.0_none_bdceb376c300c1a0\System.Runtime.Serialization.dll
[2017.03.18 22:59:48 | 000,045,808 | ---- | M] () -- \Windows\WinSxS\msil_system.xml.serialization_b77a5c561934e089_4.0.14917.0_none_506d337cfd152145\System.Xml.Serialization.dll
[2017.03.18 22:59:44 | 000,029,936 | ---- | M] () -- \Windows\WinSxS\msil_system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.14917.0_none_3282f041711f7698\System.Xml.XmlSerializer.dll
[2017.03.18 22:58:54 | 000,125,440 | ---- | M] () -- \Windows\WinSxS\wow64_microsoft-windows-d..communication-winrt_31bf3856ad364e35_10.0.15063.0_none_0fbf43b2f7af27be\Windows.Devices.SerialCommunication.dll
[2017.03.18 07:47:00 | 000,003,072 | ---- | M] () -- \Windows\WinSxS\wow64_microsoft-windows-d..ion-winrt.resources_31bf3856ad364e35_10.0.15063.0_en-us_575963ae93352bc5\Windows.Devices.SerialCommunication.dll.mui
[2017.04.20 12:16:19 | 000,004,516 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_10.0.15063.0_cs-cz_7521a8a92bc75b50\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2017.03.18 22:36:08 | 000,005,632 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_10.0.15063.0_cs-cz_03601f47641c0cae\serialui.dll.mui
[2017.03.18 22:58:45 | 000,015,872 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_10.0.15063.0_none_a9f6df439f1c04eb\serialui.dll
[2017.03.18 23:33:22 | 000,267,060 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_10.0.15063.0_none_c09139d0bd19f912\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

VIRY.CZ

Lagujicí počítač

Re: Lagujicí počítač

Re: Lagujicí počítač

Re: Lagujicí počítač

Re: Lagujicí počítač

Re: Lagujicí počítač

Re: Lagujicí počítač

Re: Lagujicí počítač

Re: Lagujicí počítač

Re: Lagujicí počítač

Re: Lagujicí počítač

Re: Lagujicí počítač

Re: Lagujicí počítač

Re: Lagujicí počítač

Re: Lagujicí počítač

Re: Lagujicí počítač