Ahoj, preventivku moc prosím

[abdul99]

Logfile of random's system information tool 1.14 (written by random/random)
Run by Adrian at 2017-06-04 22:15:15
Microsoft Windows 10 Home
System drive C: has 167 GB (24%) free of 703 GB
Total RAM: 3971 MB (48% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:15:25, on 4. 6. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0953)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Adrian_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O4 - HKLM\..\Run: [AmIcoSinglun64] "C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
O4 - HKLM\..\Run: [1.TPUReg] "C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe"
O4 - HKLM\..\Run: [TSVU] "c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: Aktualizace oznámení.lnk = C:\Program Files\WinZip\WZUpdateNotifier.exe
O4 - Global Startup: FAH.lnk = C:\Program Files\WinZip\FAHConsole.exe
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O4 - Global Startup: WDSmartWare.lnk = C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
O4 - Global Startup: WinZip Preloader.lnk = C:\Program Files\WinZip\WzPreloader.exe
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\Program Files\Microsoft Office\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Poslat do On&eNotu - res://C:\Program Files\Microsoft Office\Office16\ONBttnIE.dll/105
O9 - Extra button: Poslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Poslat do On&eNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O15 - ESC Trusted Zone: http://*.connectify.me (HKLM)
O15 - ESC Trusted Zone: http://*.fastspring.com (HKLM)
O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O23 - Service: Connectify - Connectify - C:\Program Files (x86)\Connectify\ConnectifyService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: DTS APO Service (dts_apo_service) - Unknown owner - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Biometric and Context Agent Service (IntelBCAsvc) - Intel(R) Corporation - C:\Program Files\Intel\BCA\pabeSvc64.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - Tempo Semiconductor Inc - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: TEMPRO Service (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA eco Utility Service - Toshiba Corporation - C:\Program Files\TOSHIBA\Teco\TecoService.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 - Service: Intel Security True Key Helper Service (TrueKeyServiceHelper) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: WD SmartWare Drive Manager Service (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15675 bytes

======Enumerating Processes======

C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\system32\igfxCUIService.exe
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\BCA\pabeSvc64.exe"
"C:\Program Files (x86)\Connectify\ConnectifyService.exe"
"C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe"
"C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
"C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe"
C:\Windows\system32\TODDSrv.exe
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\TOSHIBA\Teco\TecoService.exe"
"C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
"C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe"
C:\Program Files (x86)\Connectify\ConnectifyD.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\TrueKey\McTkSchedulerService.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe"
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
C:\WINDOWS\System32\dwm.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\system32\igfxTray.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
"C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Program Files\AVAST Software\Avast\AvastUI.exe
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe"
C:\WINDOWS\System32\fontdrvhost.exe
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe" /hide
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="6400.0.1667471018\468268231" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 6400 "\\.\pipe\gecko-crash-server-pipe.6400" gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="6400.2.585122407\1460302190" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 6400 "\\.\pipe\gecko-crash-server-pipe.6400" tab
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\AUDIODG.EXE 0x6e8
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Users\Adrian\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\Norton Security Scan for Adrian.job - C:\PROGRA~2\NORTON~2\Engine\431~1.3\Nss.exe /scan-quick /scheduled
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\Adobe Flash Player Updater - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\AutoKMSDaily - C:\Windows\AutoKMS.exe
C:\WINDOWS\system32\tasks\Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
C:\WINDOWS\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\WINDOWS\system32\tasks\CreateChoiceProcessTask - C:\Windows\BrowserChoice\browserchoice.exe /launch
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\klcp_update - "C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe" /verysilent /update /freq=30
C:\WINDOWS\system32\tasks\McAfee Remediation (Prepare) - C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe /prepare
C:\WINDOWS\system32\tasks\Norton Security Scan for Adrian - C:\PROGRA~2\NORTON~2\Engine\431~1.3\Nss.exe /scan-quick /scheduled
C:\WINDOWS\system32\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3809139199-386801105-3546470006-1002 - C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe /bgrecordaliveevent
C:\WINDOWS\system32\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3809139199-386801105-3546470006-1002 - C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe /logoncheck
C:\WINDOWS\system32\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3809139199-386801105-3546470006-1002 - C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe /scheduledcheck
C:\WINDOWS\system32\tasks\Resolution+ Setting Task - C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe
C:\WINDOWS\system32\tasks\SafeZone scheduled Autoupdate 1470022667 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\system32\tasks\Synaptics TouchPad Enhancements - "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{FE3A5D4E-4A52-446E-8C5A-03B0B574B1D7} - C:\Windows\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\{5C80C53B-17E5-411D-A22C-873754AE0D62} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\Kobra 11 Nitro\C11_PC.exe" -d "C:\Program Files\Kobra 11 Nitro"
C:\WINDOWS\system32\tasks\TOSHIBA\CommonNotifier - C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
C:\WINDOWS\system32\tasks\TOSHIBA\Service Station - "C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe" /hide
C:\WINDOWS\system32\tasks\Nero\Nero Info - "C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe" -shedul
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\Windows\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe RebootDialog
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings - %systemroot%\system32\usoclient.exe RefreshSettings
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemovalTools\MRT_HB - C:\Windows\system32\MRT.exe /EHB /Q
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\Windows\System32\lpksetup.exe -v
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\Windows\System32\mcbuilder.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\Office 15 Subscription Heartbeat - %ProgramFiles%\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 - "C:\Program Files\Microsoft Office\Office16\msoia.exe" scan upload mininterval:2880
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 - "C:\Program Files\Microsoft Office\Office16\msoia.exe" scan upload
C:\WINDOWS\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs

=========Mozilla firefox=========

ProfilePath - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/?clid=22668"
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=quick ... earchTerms}&"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.171 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.91.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Skype for Business Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@photodex.com/PhotodexPresenter]
"Description"=Photodex Presenter Plugin
"Path"=C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.171 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.dll

C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\searchplugins\
seznam-avast.xml

C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\addons.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\extensions.json
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Avast Online Security - webextension - wrc@avast.com - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\extensions\wrc@avast.com.xpi
Avast SafePrice - webextension - sp@avast.com - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\extensions\sp@avast.com.xpi
Shield Recipe Client - extension - shield-recipe-client@mozilla.org - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\features\{5edec9a4-4c35-4074-afb4-9e08506baed8}\shield-recipe-client@mozilla.org.xpi

C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\pluginreg.dat
Plugin - Shockwave Flash - 25.0.0.171 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll

=========Google Chrome=========

C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension eofcbnmajmjmplflapaojjnihcjkigck 0 Avast SafePrice 12.0.155
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky Google 1.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension gomekmidlodglbbmalcneegieacbdmki 0 Avast Online Security 12.0.199
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.2
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.2
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5616.1121.0.3
Homepage:
default_search_provider.search_url:
C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=


======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2016-05-13 622984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2017-04-11 236744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\PROGRA~1\MICROS~2\Office16\GROOVEEX.DLL [2017-02-23 2179376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15 988400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2016-05-13 521608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31 161448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-21 462400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL [2017-02-23 1524528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-21 173120]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15 988400]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TSSSrv"=C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [2013-09-12 296520]
"TecoResident"=C:\Program Files\TOSHIBA\Teco\TecoResident.exe [2013-08-21 178016]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2013-08-13 354144]
"TCrdMain"=C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2013-08-18 2556768]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-05-02 2398776]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2016-05-03 391648]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-10-08 3954880]
"Connectify Hotspot"=C:\Program Files (x86)\Connectify\Connectify.exe [2016-12-14 4131384]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-05-13 213824]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-07-29 554184]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-11-18 4179288]
"NokiaSuite.exe"=C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2014-11-19 1092448]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-12-06 9288408]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [2014-09-12 437248]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2002-04-12 383768]
"1.TPUReg"=C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2013-03-27 2216800]
"TSVU"=c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [2013-07-23 516512]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Aktualizace oznámení.lnk - C:\Program Files\WinZip\WZUpdateNotifier.exe
FAH.lnk - C:\Program Files\WinZip\FAHConsole.exe
WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
WDSmartWare.lnk - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
WinZip Preloader.lnk - C:\Program Files\WinZip\WzPreloader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath"=%SystemRoot%\inf\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-06-03 19:08:28 ----D---- C:\ProgramData\TrueKey
2017-05-28 22:13:03 ----D---- C:\Users\Adrian\AppData\Roaming\Nero
2017-05-28 21:48:52 ----AD---- C:\Program Files (x86)\Nero
2017-05-28 21:48:45 ----AD---- C:\ProgramData\Nero
2017-05-13 13:26:13 ----A---- C:\WINDOWS\system32\aswBoot.exe
2017-05-12 17:10:24 ----A---- C:\WINDOWS\SYSWOW64\ReInfo.dll
2017-05-12 17:10:24 ----A---- C:\WINDOWS\SYSWOW64\ReAgent.dll
2017-05-12 17:10:23 ----A---- C:\WINDOWS\SYSWOW64\WebcamUi.dll
2017-05-12 17:10:23 ----A---- C:\WINDOWS\SYSWOW64\usercpl.dll
2017-05-12 17:10:22 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2017-05-12 17:10:22 ----A---- C:\WINDOWS\SYSWOW64\input.dll
2017-05-12 17:10:21 ----A---- C:\WINDOWS\SYSWOW64\tsmf.dll
2017-05-12 17:10:21 ----A---- C:\WINDOWS\SYSWOW64\SyncSettings.dll
2017-05-12 17:10:20 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2017-05-12 17:10:15 ----A---- C:\WINDOWS\SYSWOW64\rastlsext.dll
2017-05-12 17:10:15 ----A---- C:\WINDOWS\SYSWOW64\mprddm.dll
2017-05-12 17:10:14 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2017-05-12 17:10:13 ----A---- C:\WINDOWS\SYSWOW64\NaturalLanguage6.dll
2017-05-12 17:10:06 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2017-05-12 17:10:06 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2017-05-12 17:10:05 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2017-05-12 17:10:05 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2017-05-12 17:10:03 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-05-12 17:09:59 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-05-12 17:09:56 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2017-05-12 17:09:56 ----A---- C:\WINDOWS\SYSWOW64\setupugc.exe
2017-05-12 17:09:56 ----A---- C:\WINDOWS\SYSWOW64\DevicePairing.dll
2017-05-12 17:09:53 ----A---- C:\WINDOWS\SYSWOW64\OpcServices.dll
2017-05-12 17:09:53 ----A---- C:\WINDOWS\SYSWOW64\CPFilters.dll
2017-05-12 17:09:44 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2017-05-12 17:09:44 ----A---- C:\WINDOWS\SYSWOW64\adsnt.dll
2017-05-12 17:09:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll
2017-05-12 17:09:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryClient.dll
2017-05-12 17:09:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2017-05-12 17:09:43 ----A---- C:\WINDOWS\SYSWOW64\StructuredQuery.dll
2017-05-12 17:09:43 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2017-05-12 17:09:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Ocr.dll
2017-05-12 17:09:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.FaceAnalysis.dll
2017-05-12 17:09:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-05-12 17:09:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.Gaming.Input.dll
2017-05-12 17:09:41 ----A---- C:\WINDOWS\SYSWOW64\WinRtTracing.dll
2017-05-12 17:09:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Perception.dll
2017-05-12 17:09:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.dll
2017-05-12 17:09:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Core.dll
2017-05-12 17:09:40 ----A---- C:\WINDOWS\SYSWOW64\AppContracts.dll
2017-05-12 17:09:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-12 17:09:36 ----A---- C:\WINDOWS\SYSWOW64\xpsrchvw.exe
2017-05-12 17:09:36 ----A---- C:\WINDOWS\SYSWOW64\CertEnroll.dll
2017-05-12 17:09:35 ----A---- C:\WINDOWS\SYSWOW64\wsp_sr.dll
2017-05-12 17:09:35 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2017-05-12 17:09:34 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2017-05-12 17:09:34 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2017-05-12 17:09:33 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2017-05-12 17:09:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2017-05-12 17:09:32 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2017-05-12 17:09:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.Http.dll
2017-05-12 17:09:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.dll
2017-05-12 17:09:32 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-05-12 17:09:30 ----A---- C:\WINDOWS\SYSWOW64\WwaApi.dll
2017-05-12 17:09:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Wallet.dll
2017-05-12 17:09:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2017-05-12 17:09:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Scanners.dll
2017-05-12 17:09:26 ----A---- C:\WINDOWS\SYSWOW64\WsmSvc.dll
2017-05-12 17:09:26 ----A---- C:\WINDOWS\SYSWOW64\virtdisk.dll
2017-05-12 17:09:26 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2017-05-12 17:09:26 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2017-05-12 17:09:26 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2017-05-12 17:09:25 ----A---- C:\WINDOWS\SYSWOW64\UserDeviceRegistration.dll
2017-05-12 17:09:25 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2017-05-12 17:09:25 ----A---- C:\WINDOWS\SYSWOW64\dsreg.dll
2017-05-12 17:09:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Phone.dll
2017-05-12 17:09:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Maps.dll
2017-05-12 17:09:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2017-05-12 17:09:24 ----A---- C:\WINDOWS\SYSWOW64\UIRibbonRes.dll
2017-05-12 17:09:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BlockedShutdown.dll
2017-05-12 17:09:23 ----A---- C:\WINDOWS\SYSWOW64\UserDataTimeUtil.dll
2017-05-12 17:09:23 ----A---- C:\WINDOWS\SYSWOW64\ExSMime.dll
2017-05-12 17:09:23 ----A---- C:\WINDOWS\SYSWOW64\AppointmentActivation.dll
2017-05-12 17:09:22 ----A---- C:\WINDOWS\SYSWOW64\UserDataAccountApis.dll
2017-05-12 17:09:22 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-05-12 17:09:22 ----A---- C:\WINDOWS\SYSWOW64\EmailApis.dll
2017-05-12 17:09:21 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2017-05-12 17:09:21 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2017-05-12 17:09:21 ----A---- C:\WINDOWS\SYSWOW64\thumbcache.dll
2017-05-12 17:09:19 ----A---- C:\WINDOWS\SYSWOW64\TSWorkspace.dll
2017-05-12 17:09:19 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2017-05-12 17:09:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2017-05-12 17:09:18 ----A---- C:\WINDOWS\SYSWOW64\storagewmi.dll
2017-05-12 17:09:18 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2017-05-12 17:09:18 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2017-05-12 17:09:15 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-05-12 17:09:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Sensors.dll
2017-05-12 17:09:14 ----A---- C:\WINDOWS\SYSWOW64\vaultcli.dll
2017-05-12 17:09:14 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2017-05-12 17:09:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2017-05-12 17:09:13 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2017-05-12 17:09:13 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-05-12 17:09:12 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2017-05-12 17:09:12 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2017-05-12 17:09:12 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-05-12 17:09:12 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2017-05-12 17:09:11 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-05-12 17:09:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-05-12 17:09:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2017-05-12 17:09:10 ----A---- C:\WINDOWS\SYSWOW64\RTMediaFrame.dll
2017-05-12 17:09:10 ----A---- C:\WINDOWS\SYSWOW64\efswrt.dll
2017-05-12 17:09:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Editing.dll
2017-05-12 17:09:06 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.dll
2017-05-12 17:09:06 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.3D.dll
2017-05-12 17:09:06 ----A---- C:\WINDOWS\SYSWOW64\PrintDialogs.dll
2017-05-12 17:09:06 ----A---- C:\WINDOWS\SYSWOW64\PlayToReceiver.dll
2017-05-12 17:09:06 ----A---- C:\WINDOWS\SYSWOW64\PlayToManager.dll
2017-05-12 17:09:05 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2017-05-12 17:09:05 ----A---- C:\WINDOWS\SYSWOW64\Windows.Perception.Stub.dll
2017-05-12 17:09:05 ----A---- C:\WINDOWS\SYSWOW64\PlayToDevice.dll
2017-05-12 17:09:04 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2017-05-12 17:09:04 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2017-05-12 17:09:04 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2017-05-12 17:09:04 ----A---- C:\WINDOWS\SYSWOW64\oleacc.dll
2017-05-12 17:09:03 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2017-05-12 17:09:03 ----A---- C:\WINDOWS\SYSWOW64\AuthBroker.dll
2017-05-12 17:09:01 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.dll
2017-05-12 17:09:01 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2017-05-12 17:08:59 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.BackgroundTransfer.dll
2017-05-12 17:08:58 ----A---- C:\WINDOWS\SYSWOW64\SensorsApi.dll
2017-05-12 17:08:58 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2017-05-12 17:08:58 ----A---- C:\WINDOWS\SYSWOW64\MMDevAPI.dll
2017-05-12 17:08:58 ----A---- C:\WINDOWS\SYSWOW64\LocationApi.dll
2017-05-12 17:08:57 ----A---- C:\WINDOWS\SYSWOW64\MiracastReceiver.dll
2017-05-12 17:08:57 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2017-05-12 17:08:57 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2017-05-12 17:08:56 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2017-05-12 17:08:56 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2017-05-12 17:08:56 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2017-05-12 17:08:55 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2017-05-12 17:08:54 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2017-05-12 17:08:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2017-05-12 17:08:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Devices.dll
2017-05-12 17:08:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Audio.dll
2017-05-12 17:08:53 ----A---- C:\WINDOWS\SYSWOW64\odbcconf.dll
2017-05-12 17:08:53 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2017-05-12 17:08:51 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2017-05-12 17:08:51 ----A---- C:\WINDOWS\SYSWOW64\mbsmsapi.dll
2017-05-12 17:08:50 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2017-05-12 17:08:50 ----A---- C:\WINDOWS\SYSWOW64\MbaeApiPublic.dll
2017-05-12 17:08:49 ----A---- C:\WINDOWS\SYSWOW64\LogonController.dll
2017-05-12 17:08:49 ----A---- C:\WINDOWS\SYSWOW64\AboveLockAppHost.dll
2017-05-12 17:08:48 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2017-05-12 17:08:47 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2017-05-12 17:08:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Bluetooth.dll
2017-05-12 17:08:45 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2017-05-12 17:08:44 ----A---- C:\WINDOWS\SYSWOW64\imapi2.dll
2017-05-12 17:08:42 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-05-12 17:08:40 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2017-05-12 17:08:39 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2017-05-12 17:08:39 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-05-12 17:08:38 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2017-05-12 17:08:38 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2017-05-12 17:08:38 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2017-05-12 17:08:36 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-05-12 17:08:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.Globalization.dll
2017-05-12 17:08:30 ----A---- C:\WINDOWS\SYSWOW64\Geolocation.dll
2017-05-12 17:08:29 ----A---- C:\WINDOWS\SYSWOW64\uReFS.dll
2017-05-12 17:08:29 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2017-05-12 17:08:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.Energy.dll
2017-05-12 17:08:28 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2017-05-12 17:08:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2017-05-12 17:08:27 ----A---- C:\WINDOWS\SYSWOW64\DisplayManager.dll
2017-05-12 17:08:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2017-05-12 17:08:26 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2017-05-12 17:08:26 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2017-05-12 17:08:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2017-05-12 17:08:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.WiFiDirect.dll
2017-05-12 17:08:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.WiFi.dll
2017-05-12 17:08:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Usb.dll
2017-05-12 17:08:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Radios.dll
2017-05-12 17:08:23 ----A---- C:\WINDOWS\SYSWOW64\dialclient.dll
2017-05-12 17:08:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Midi.dll
2017-05-12 17:08:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.LowLevel.dll
2017-05-12 17:08:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Lights.dll
2017-05-12 17:08:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Enumeration.dll
2017-05-12 17:08:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Bluetooth.dll
2017-05-12 17:08:22 ----A---- C:\WINDOWS\SYSWOW64\DeviceFlows.DataModel.dll
2017-05-12 17:08:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.SmartCards.dll
2017-05-12 17:08:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.PointOfService.dll
2017-05-12 17:08:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-05-12 17:08:21 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2017-05-12 17:08:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Picker.dll
2017-05-12 17:08:20 ----A---- C:\WINDOWS\SYSWOW64\CryptoWinRT.dll
2017-05-12 17:08:20 ----A---- C:\WINDOWS\SYSWOW64\crypt32.dll
2017-05-12 17:08:19 ----A---- C:\WINDOWS\SYSWOW64\credprovhost.dll
2017-05-12 17:08:19 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2017-05-12 17:08:18 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2017-05-12 17:08:18 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2017-05-12 17:08:17 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2017-05-12 17:08:17 ----A---- C:\WINDOWS\SYSWOW64\CameraCaptureUI.dll
2017-05-12 17:08:16 ----A---- C:\WINDOWS\SYSWOW64\BthTelemetry.dll
2017-05-12 17:08:15 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2017-05-12 17:08:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.AllJoyn.dll
2017-05-12 17:08:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.AccountsControl.dll
2017-05-12 17:08:14 ----A---- C:\WINDOWS\SYSWOW64\apprepsync.dll
2017-05-12 17:08:14 ----A---- C:\WINDOWS\SYSWOW64\apprepapi.dll
2017-05-12 17:08:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2017-05-12 17:08:12 ----A---- C:\WINDOWS\SYSWOW64\UserMgrProxy.dll
2017-05-12 17:08:12 ----A---- C:\WINDOWS\SYSWOW64\deviceaccess.dll
2017-05-12 17:08:12 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2017-05-12 17:08:11 ----A---- C:\WINDOWS\SYSWOW64\ShareHost.dll
2017-05-12 17:08:11 ----A---- C:\WINDOWS\SYSWOW64\ErrorDetails.dll
2017-05-12 17:08:11 ----A---- C:\WINDOWS\SYSWOW64\dlnashext.dll
2017-05-12 17:08:11 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2017-05-12 17:08:11 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostCommon.dll
2017-05-12 17:08:11 ----A---- C:\WINDOWS\SYSWOW64\BluetoothApis.dll
2017-05-12 16:56:19 ----A---- C:\WINDOWS\system32\mssrch.dll
2017-05-12 16:56:19 ----A---- C:\WINDOWS\system32\mssprxy.dll
2017-05-12 16:56:18 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-05-12 16:56:18 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-05-12 16:56:18 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-05-12 16:56:18 ----A---- C:\WINDOWS\system32\StructuredQuery.dll
2017-05-12 16:56:17 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-05-12 16:56:17 ----A---- C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-05-12 16:56:17 ----A---- C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-05-12 16:56:16 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2017-05-12 16:56:16 ----A---- C:\WINDOWS\system32\WinRtTracing.dll
2017-05-12 16:56:16 ----A---- C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-05-12 16:56:16 ----A---- C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-05-12 16:56:15 ----A---- C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-05-12 16:56:12 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-05-12 16:56:12 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-05-12 16:56:12 ----A---- C:\WINDOWS\system32\AppContracts.dll
2017-05-12 16:56:09 ----A---- C:\WINDOWS\system32\drivers\scmbus.sys
2017-05-12 16:55:20 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-12 16:54:59 ----A---- C:\WINDOWS\system32\GamePanel.exe
2017-05-12 16:54:56 ----A---- C:\WINDOWS\system32\xpsrchvw.exe
2017-05-12 16:54:56 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2017-05-12 16:54:54 ----A---- C:\WINDOWS\system32\mispace.dll
2017-05-12 16:54:53 ----A---- C:\WINDOWS\system32\wsp_sr.dll
2017-05-12 16:54:53 ----A---- C:\WINDOWS\system32\wsp_health.dll
2017-05-12 16:54:51 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2017-05-12 16:54:50 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-05-12 16:54:49 ----A---- C:\WINDOWS\system32\WinSetupUI.dll
2017-05-12 16:54:49 ----A---- C:\WINDOWS\system32\winlogon.exe
2017-05-12 16:54:49 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2017-05-12 16:54:49 ----A---- C:\WINDOWS\system32\ReAgent.dll
2017-05-12 16:54:48 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-12 16:54:48 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-05-12 16:54:47 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-05-12 16:54:47 ----A---- C:\WINDOWS\system32\wimserv.exe
2017-05-12 16:54:47 ----A---- C:\WINDOWS\system32\wimgapi.dll
2017-05-12 16:54:47 ----A---- C:\WINDOWS\system32\WebcamUi.dll
2017-05-12 16:54:46 ----A---- C:\WINDOWS\system32\WWAHost.exe
2017-05-12 16:54:46 ----A---- C:\WINDOWS\system32\Windows.Web.Http.dll
2017-05-12 16:54:46 ----A---- C:\WINDOWS\system32\Windows.Web.dll
2017-05-12 16:54:43 ----A---- C:\WINDOWS\system32\WwaApi.dll
2017-05-12 16:54:43 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-05-12 16:54:43 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-05-12 16:54:40 ----A---- C:\WINDOWS\system32\wiaservc.dll
2017-05-12 16:54:39 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-05-12 16:54:38 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-05-12 16:54:38 ----A---- C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-05-12 16:54:37 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2017-05-12 16:54:37 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-12 16:54:37 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2017-05-12 16:54:37 ----A---- C:\WINDOWS\system32\drivers\vwifimp.sys
2017-05-12 16:54:36 ----A---- C:\WINDOWS\system32\VSSVC.exe
2017-05-12 16:54:36 ----A---- C:\WINDOWS\system32\virtdisk.dll
2017-05-12 16:54:36 ----A---- C:\WINDOWS\system32\vds.exe
2017-05-12 16:54:36 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-05-12 16:54:35 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-05-12 16:54:35 ----A---- C:\WINDOWS\system32\usercpl.dll
2017-05-12 16:54:35 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2017-05-12 16:54:35 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-12 16:54:34 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-05-12 16:54:34 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-05-12 16:54:32 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-05-12 16:54:32 ----A---- C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-05-12 16:54:29 ----A---- C:\WINDOWS\system32\usocore.dll
2017-05-12 16:54:29 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2017-05-12 16:54:29 ----A---- C:\WINDOWS\system32\MusNotification.exe
2017-05-12 16:54:28 ----A---- C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-05-12 16:54:24 ----A---- C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-12 16:54:24 ----A---- C:\WINDOWS\system32\Unistore.dll
2017-05-12 16:54:24 ----A---- C:\WINDOWS\system32\EmailApis.dll
2017-05-12 16:54:24 ----A---- C:\WINDOWS\system32\diagtrack.dll
2017-05-12 16:54:23 ----A---- C:\WINDOWS\system32\twinui.dll
2017-05-12 16:54:22 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2017-05-12 16:54:22 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2017-05-12 16:54:21 ----A---- C:\WINDOWS\system32\thumbcache.dll
2017-05-12 16:54:19 ----A---- C:\WINDOWS\system32\rdpencom.dll
2017-05-12 16:54:19 ----A---- C:\WINDOWS\system32\input.dll
2017-05-12 16:54:18 ----A---- C:\WINDOWS\system32\mstscax.dll
2017-05-12 16:54:17 ----A---- C:\WINDOWS\system32\mstsc.exe
2017-05-12 16:54:16 ----A---- C:\WINDOWS\system32\TSWorkspace.dll
2017-05-12 16:54:16 ----A---- C:\WINDOWS\system32\rdpclip.exe
2017-05-12 16:54:15 ----A---- C:\WINDOWS\system32\wksprt.exe
2017-05-12 16:54:15 ----A---- C:\WINDOWS\system32\tsmf.dll
2017-05-12 16:54:13 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2017-05-12 16:54:13 ----A---- C:\WINDOWS\system32\rdpcore.dll
2017-05-12 16:54:12 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-05-12 16:54:12 ----A---- C:\WINDOWS\system32\SyncSettings.dll
2017-05-12 16:54:12 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2017-05-12 16:54:11 ----A---- C:\WINDOWS\system32\storagewmi.dll
2017-05-12 16:54:10 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2017-05-12 16:54:10 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2017-05-12 16:54:09 ----A---- C:\WINDOWS\system32\smartscreen.exe
2017-05-12 16:54:08 ----A---- C:\WINDOWS\system32\shutdownux.dll
2017-05-12 16:54:06 ----A---- C:\WINDOWS\system32\shell32.dll
2017-05-12 16:54:06 ----A---- C:\WINDOWS\system32\Family.Client.dll
2017-05-12 16:54:05 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2017-05-12 16:54:05 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-12 16:54:04 ----A---- C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-05-12 16:54:04 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-12 16:54:03 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-05-12 16:54:03 ----A---- C:\WINDOWS\system32\vaultcli.dll
2017-05-12 16:54:03 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2017-05-12 16:54:02 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2017-05-12 16:54:02 ----A---- C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-05-12 16:54:01 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-05-12 16:54:00 ----A---- C:\WINDOWS\system32\vbscript.dll
2017-05-12 16:53:59 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-05-12 16:53:58 ----A---- C:\WINDOWS\system32\sppobjs.dll
2017-05-12 16:53:58 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-05-12 16:53:55 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-05-12 16:53:55 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-05-12 16:53:52 ----A---- C:\WINDOWS\system32\spaceman.exe
2017-05-12 16:53:51 ----A---- C:\WINDOWS\system32\SpaceControl.dll
2017-05-12 16:53:51 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-12 16:53:50 ----A---- C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-05-12 16:53:50 ----A---- C:\WINDOWS\system32\OneBackupHandler.dll
2017-05-12 16:53:46 ----A---- C:\WINDOWS\system32\fvewiz.dll
2017-05-12 16:53:46 ----A---- C:\WINDOWS\system32\fvecpl.dll
2017-05-12 16:53:44 ----A---- C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-05-12 16:53:43 ----A---- C:\WINDOWS\system32\spwizeng.dll
2017-05-12 16:53:40 ----A---- C:\WINDOWS\system32\Family.SyncEngine.dll
2017-05-12 16:53:40 ----A---- C:\WINDOWS\system32\efswrt.dll
2017-05-12 16:53:39 ----A---- C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-12 16:53:35 ----A---- C:\WINDOWS\system32\storewuauth.dll
2017-05-12 16:53:34 ----A---- C:\WINDOWS\system32\SpaceAgent.exe
2017-05-12 16:53:32 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-05-12 16:53:32 ----A---- C:\WINDOWS\system32\services.exe
2017-05-12 16:53:28 ----A---- C:\WINDOWS\system32\RDXTaskFactory.dll
2017-05-12 16:53:27 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2017-05-12 16:53:26 ----A---- C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-05-12 16:53:26 ----A---- C:\WINDOWS\system32\RTMediaFrame.dll
2017-05-12 16:53:24 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2017-05-12 16:53:24 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2017-05-12 16:53:23 ----A---- C:\WINDOWS\system32\rastlsext.dll
2017-05-12 16:53:23 ----A---- C:\WINDOWS\system32\rasmans.dll
2017-05-12 16:53:23 ----A---- C:\WINDOWS\system32\mprddm.dll
2017-05-12 16:53:22 ----A---- C:\WINDOWS\system32\drivers\raspppoe.sys
2017-05-12 16:53:21 ----A---- C:\WINDOWS\system32\rdpudd.dll
2017-05-12 16:53:21 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2017-05-12 16:53:20 ----A---- C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-05-12 16:53:18 ----A---- C:\WINDOWS\system32\RDXService.dll
2017-05-12 16:53:17 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-05-12 16:53:17 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-05-12 16:53:17 ----A---- C:\WINDOWS\system32\PrintWSDAHost.dll
2017-05-12 16:53:17 ----A---- C:\WINDOWS\system32\PrintDialogs.dll
2017-05-12 16:53:16 ----A---- C:\WINDOWS\system32\PrintDialogs3D.dll
2017-05-12 16:53:15 ----A---- C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-05-12 16:53:15 ----A---- C:\WINDOWS\system32\PlayToReceiver.dll
2017-05-12 16:53:15 ----A---- C:\WINDOWS\system32\PlayToManager.dll
2017-05-12 16:53:15 ----A---- C:\WINDOWS\system32\PlayToDevice.dll
2017-05-12 16:53:14 ----A---- C:\WINDOWS\system32\wpnapps.dll
2017-05-12 16:53:11 ----A---- C:\WINDOWS\system32\wpncore.dll
2017-05-12 16:53:11 ----A---- C:\WINDOWS\system32\localspl.dll
2017-05-12 16:53:09 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-12 16:53:09 ----A---- C:\WINDOWS\system32\puiobj.dll
2017-05-12 16:53:07 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-05-12 16:53:06 ----A---- C:\WINDOWS\system32\rastls.dll
2017-05-12 16:53:06 ----A---- C:\WINDOWS\system32\oleaut32.dll
2017-05-12 16:53:06 ----A---- C:\WINDOWS\system32\oleacc.dll
2017-05-12 16:53:05 ----A---- C:\WINDOWS\system32\AuthBroker.dll
2017-05-12 16:53:04 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2017-05-12 16:53:01 ----A---- C:\WINDOWS\system32\Windows.Networking.dll
2017-05-12 16:53:01 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2017-05-12 16:53:01 ----A---- C:\WINDOWS\system32\drivers\bridge.sys
2017-05-12 16:52:58 ----A---- C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-05-12 16:52:58 ----A---- C:\WINDOWS\system32\NaturalLanguage6.dll
2017-05-12 16:52:51 ----A---- C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-05-12 16:52:51 ----A---- C:\WINDOWS\system32\msxml6.dll
2017-05-12 16:52:48 ----A---- C:\WINDOWS\system32\SensorsApi.dll
2017-05-12 16:52:48 ----A---- C:\WINDOWS\system32\LocationApi.dll
2017-05-12 16:52:47 ----A---- C:\WINDOWS\system32\MMDevAPI.dll
2017-05-12 16:52:47 ----A---- C:\WINDOWS\system32\MiracastReceiver.dll
2017-05-12 16:52:45 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2017-05-12 16:52:44 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-05-12 16:52:44 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-05-12 16:52:43 ----A---- C:\WINDOWS\system32\wmpps.dll
2017-05-12 16:52:43 ----A---- C:\WINDOWS\system32\mfps.dll
2017-05-12 16:52:43 ----A---- C:\WINDOWS\system32\mfcore.dll
2017-05-12 16:52:43 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-05-12 16:52:41 ----A---- C:\WINDOWS\system32\wmp.dll
2017-05-12 16:52:41 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-05-12 16:52:41 ----A---- C:\WINDOWS\system32\mf.dll
2017-05-12 16:52:40 ----A---- C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-05-12 16:52:40 ----A---- C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-05-12 16:52:40 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2017-05-12 16:52:37 ----A---- C:\WINDOWS\system32\odbcconf.dll
2017-05-12 16:52:34 ----A---- C:\WINDOWS\system32\windows.storage.dll
2017-05-12 16:52:33 ----A---- C:\WINDOWS\system32\mbsmsapi.dll
2017-05-12 16:52:33 ----A---- C:\WINDOWS\system32\MbaeApiPublic.dll
2017-05-12 16:52:32 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2017-05-12 16:52:30 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-05-12 16:52:29 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2017-05-12 16:52:29 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2017-05-12 16:52:29 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2017-05-12 16:52:28 ----A---- C:\WINDOWS\system32\AboveLockAppHost.dll
2017-05-12 16:52:26 ----A---- C:\WINDOWS\system32\LogonController.dll
2017-05-12 16:52:21 ----A---- C:\WINDOWS\system32\KernelBase.dll
2017-05-12 16:52:19 ----A---- C:\WINDOWS\system32\kernel32.dll
2017-05-12 16:52:18 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-12 16:52:18 ----A---- C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-05-12 16:52:17 ----A---- C:\WINDOWS\system32\msi.dll
2017-05-12 16:52:15 ----A---- C:\WINDOWS\system32\imapi2.dll
2017-05-12 16:52:13 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-05-12 16:52:09 ----A---- C:\WINDOWS\system32\webcheck.dll
2017-05-12 16:52:09 ----A---- C:\WINDOWS\system32\iertutil.dll
2017-05-12 16:52:09 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2017-05-12 16:52:08 ----A---- C:\WINDOWS\system32\indexeddbserver.dll
2017-05-12 16:52:08 ----A---- C:\WINDOWS\system32\ieproxy.dll
2017-05-12 16:52:06 ----A---- C:\WINDOWS\system32\mshtmled.dll
2017-05-12 16:52:06 ----A---- C:\WINDOWS\system32\msfeeds.dll
2017-05-12 16:52:06 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-05-12 16:52:05 ----A---- C:\WINDOWS\system32\iepeers.dll
2017-05-12 16:52:05 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2017-05-12 16:52:05 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2017-05-12 16:52:05 ----A---- C:\WINDOWS\system32\dxtrans.dll
2017-05-12 16:52:02 ----A---- C:\WINDOWS\system32\wininet.dll
2017-05-12 16:52:00 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-05-12 16:51:45 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-05-12 16:51:38 ----A---- C:\WINDOWS\system32\Windows.Globalization.dll
2017-05-12 16:51:38 ----A---- C:\WINDOWS\system32\LocationFramework.dll
2017-05-12 16:51:38 ----A---- C:\WINDOWS\system32\Geolocation.dll
2017-05-12 16:51:37 ----A---- C:\WINDOWS\system32\gdi32full.dll
2017-05-12 16:51:35 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2017-05-12 16:51:31 ----A---- C:\WINDOWS\system32\resutils.dll
2017-05-12 16:51:27 ----A---- C:\WINDOWS\system32\uReFS.dll
2017-05-12 16:51:25 ----A---- C:\WINDOWS\system32\drivers\fsdepends.sys
2017-05-12 16:51:24 ----A---- C:\WINDOWS\system32\Windows.Energy.dll
2017-05-12 16:51:24 ----A---- C:\WINDOWS\explorer.exe
2017-05-12 16:51:23 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2017-05-12 16:51:22 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-05-12 16:51:20 ----A---- C:\WINDOWS\system32\DisplayManager.dll
2017-05-12 16:51:19 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-12 16:51:18 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-05-12 16:51:18 ----A---- C:\WINDOWS\system32\FntCache.dll
2017-05-12 16:51:18 ----A---- C:\WINDOWS\system32\DWrite.dll
2017-05-12 16:51:16 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-05-12 16:51:13 ----A---- C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-05-12 16:51:13 ----A---- C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-05-12 16:51:13 ----A---- C:\WINDOWS\system32\dialclient.dll
2017-05-12 16:51:13 ----A---- C:\WINDOWS\system32\DevicesFlowBroker.dll
2017-05-12 16:51:12 ----A---- C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-05-12 16:51:12 ----A---- C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-05-12 16:51:12 ----A---- C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-05-12 16:51:12 ----A---- C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-05-12 16:51:12 ----A---- C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-05-12 16:51:12 ----A---- C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-05-12 16:51:12 ----A---- C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2017-05-12 16:51:11 ----A---- C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-05-12 16:51:11 ----A---- C:\WINDOWS\system32\DevicePairing.dll
2017-05-12 16:51:11 ----A---- C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-05-12 16:51:11 ----A---- C:\WINDOWS\system32\ConsentUX.dll
2017-05-12 16:51:09 ----A---- C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-05-12 16:51:09 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-05-12 16:51:09 ----A---- C:\WINDOWS\system32\dwmcore.dll
2017-05-12 16:51:09 ----A---- C:\WINDOWS\system32\d2d1.dll
2017-05-12 16:51:07 ----A---- C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-05-12 16:51:06 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2017-05-12 16:51:04 ----A---- C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-05-12 16:51:04 ----A---- C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-05-12 16:51:01 ----A---- C:\WINDOWS\system32\cryptui.dll
2017-05-12 16:51:01 ----A---- C:\WINDOWS\system32\CryptoWinRT.dll
2017-05-12 16:51:01 ----A---- C:\WINDOWS\system32\crypt32.dll
2017-05-12 16:51:01 ----A---- C:\WINDOWS\system32\credprovhost.dll
2017-05-12 16:51:00 ----A---- C:\WINDOWS\system32\CPFilters.dll
2017-05-12 16:51:00 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-12 16:50:59 ----A---- C:\WINDOWS\system32\OpcServices.dll
2017-05-12 16:50:59 ----A---- C:\WINDOWS\system32\ConhostV2.dll
2017-05-12 16:50:55 ----A---- C:\WINDOWS\system32\WinTypes.dll
2017-05-12 16:50:55 ----A---- C:\WINDOWS\system32\msdtctm.dll
2017-05-12 16:50:55 ----A---- C:\WINDOWS\system32\catsrvps.dll
2017-05-12 16:50:54 ----A---- C:\WINDOWS\system32\combase.dll
2017-05-12 16:50:53 ----A---- C:\WINDOWS\system32\rpcss.dll
2017-05-12 16:50:52 ----A---- C:\WINDOWS\system32\ole32.dll
2017-05-12 16:50:52 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2017-05-12 16:50:51 ----A---- C:\WINDOWS\system32\CameraCaptureUI.dll
2017-05-12 16:50:49 ----A---- C:\WINDOWS\system32\dafBth.dll
2017-05-12 16:50:47 ----A---- C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-05-12 16:50:40 ----A---- C:\WINDOWS\system32\CellularAPI.dll
2017-05-12 16:50:39 ----A---- C:\WINDOWS\system32\BthTelemetry.dll
2017-05-12 16:50:31 ----A---- C:\WINDOWS\system32\browserbroker.dll
2017-05-12 16:50:31 ----A---- C:\WINDOWS\system32\browser_broker.exe
2017-05-12 16:50:30 ----A---- C:\WINDOWS\system32\bisrv.dll
2017-05-12 16:50:29 ----A---- C:\WINDOWS\system32\wbengine.exe
2017-05-12 16:50:20 ----A---- C:\WINDOWS\system32\audiosrv.dll
2017-05-12 16:50:20 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-12 16:50:19 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-12 16:50:19 ----A---- C:\WINDOWS\system32\apprepsync.dll
2017-05-12 16:50:19 ----A---- C:\WINDOWS\system32\apprepapi.dll
2017-05-12 16:50:19 ----A---- C:\WINDOWS\system32\appidsvc.dll
2017-05-12 16:50:19 ----A---- C:\WINDOWS\system32\appidcertstorecheck.exe
2017-05-12 16:50:18 ----A---- C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-12 16:50:18 ----A---- C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-05-12 16:50:16 ----A---- C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-05-12 16:50:14 ----A---- C:\WINDOWS\system32\authui.dll
2017-05-12 16:50:12 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-05-12 16:50:09 ----A---- C:\WINDOWS\system32\adsnt.dll
2017-05-12 16:50:08 ----A---- C:\WINDOWS\system32\AppReadiness.dll
2017-05-12 16:50:07 ----A---- C:\WINDOWS\system32\UserMgrProxy.dll
2017-05-12 16:50:07 ----A---- C:\WINDOWS\system32\usermgr.dll
2017-05-12 16:50:07 ----A---- C:\WINDOWS\system32\ShareHost.dll
2017-05-12 16:50:07 ----A---- C:\WINDOWS\system32\deviceaccess.dll
2017-05-12 16:50:06 ----A---- C:\WINDOWS\system32\securekernel.exe
2017-05-12 16:50:06 ----A---- C:\WINDOWS\system32\dlnashext.dll
2017-05-12 16:50:06 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2017-05-12 16:50:06 ----A---- C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-05-12 16:50:06 ----A---- C:\WINDOWS\system32\bthserv.dll
2017-05-12 16:50:06 ----A---- C:\WINDOWS\system32\BluetoothApis.dll
2017-05-12 16:49:59 ----A---- C:\WINDOWS\system32\ErrorDetails.dll
2017-05-12 16:49:07 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2017-05-12 16:49:06 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2017-05-12 16:49:05 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2017-05-12 16:49:05 ----A---- C:\WINDOWS\system32\drivers\BthLEEnum.sys
2017-05-08 22:47:28 ----AD---- C:\Program Files\Puran File Recovery

======List of files/folders modified in the last 1 month======

[abdul99]

2017-06-04 22:15:23 ----D---- C:\Program Files\trend micro
2017-06-04 22:14:00 ----D---- C:\WINDOWS\system32\sru
2017-06-04 22:12:06 ----D---- C:\WINDOWS\Temp
2017-06-04 21:23:00 ----D---- C:\WINDOWS\system32\config
2017-06-04 21:20:50 ----D---- C:\WINDOWS\system32\SleepStudy
2017-06-04 21:08:52 ----RD---- C:\WINDOWS\Microsoft.NET
2017-06-04 20:09:14 ----HD---- C:\ProgramData
2017-06-04 19:12:39 ----D---- C:\WINDOWS\CbsTemp
2017-06-04 14:21:45 ----D---- C:\WINDOWS\WinSxS
2017-06-04 14:15:00 ----D---- C:\WINDOWS\system32\drivers
2017-06-03 10:31:24 ----D---- C:\WINDOWS\Prefetch
2017-06-03 10:30:02 ----HD---- C:\Program Files\WindowsApps
2017-06-03 10:25:29 ----D---- C:\WINDOWS\System32
2017-06-03 10:25:29 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-01 21:10:29 ----D---- C:\WINDOWS\AppReadiness
2017-06-01 21:09:25 ----D---- C:\WINDOWS\system32\Tasks
2017-05-30 18:39:20 ----SHD---- C:\System Volume Information
2017-05-30 18:17:41 ----D---- C:\WINDOWS\system32\catroot2
2017-05-30 15:57:08 ----D---- C:\WINDOWS\system32\appraiser
2017-05-29 21:02:01 ----D---- C:\WINDOWS\INF
2017-05-29 18:22:57 ----D---- C:\WINDOWS\debug
2017-05-28 22:30:27 ----D---- C:\Users\Adrian\AppData\Roaming\MPC-HC
2017-05-28 22:07:43 ----D---- C:\Windows
2017-05-28 22:04:19 ----D---- C:\ProgramData\NVIDIA
2017-05-28 22:00:27 ----SHD---- C:\WINDOWS\Installer
2017-05-28 21:50:49 ----AD---- C:\WINDOWS\SysWOW64
2017-05-28 21:48:52 ----RD---- C:\Program Files (x86)
2017-05-28 21:47:36 ----D---- C:\ProgramData\Package Cache
2017-05-28 21:38:06 ----D---- C:\WINDOWS\Minidump
2017-05-28 21:32:26 ----D---- C:\WINDOWS\SoftwareDistribution
2017-05-28 21:28:22 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-28 21:28:22 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2017-05-28 21:13:43 ----D---- C:\Program Files (x86)\Common Files
2017-05-28 21:11:14 ----D---- C:\Users\Adrian\AppData\Roaming\uTorrent
2017-05-27 22:09:02 ----D---- C:\WINDOWS\system32\MRT
2017-05-27 21:58:46 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-05-16 13:36:19 ----D---- C:\WINDOWS\system32\NDF
2017-05-16 12:55:27 ----SD---- C:\ProgramData\Microsoft
2017-05-13 23:50:52 ----D---- C:\WINDOWS\rescache
2017-05-13 23:35:11 ----RSD---- C:\WINDOWS\assembly
2017-05-13 20:26:32 ----D---- C:\WINDOWS\system32\DriverStore
2017-05-13 00:40:45 ----SD---- C:\WINDOWS\SYSWOW64\F12
2017-05-13 00:40:45 ----D---- C:\WINDOWS\SYSWOW64\wbem
2017-05-13 00:40:45 ----D---- C:\WINDOWS\SYSWOW64\sr-Latn-CS
2017-05-13 00:40:45 ----D---- C:\WINDOWS\SYSWOW64\en-US
2017-05-13 00:40:45 ----D---- C:\WINDOWS\SYSWOW64\Dism
2017-05-13 00:40:45 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2017-05-13 00:40:43 ----SD---- C:\WINDOWS\system32\F12
2017-05-13 00:40:43 ----D---- C:\WINDOWS\system32\wbem
2017-05-13 00:40:43 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2017-05-13 00:40:43 ----D---- C:\WINDOWS\system32\sr-Latn-CS
2017-05-13 00:40:43 ----D---- C:\WINDOWS\system32\oobe
2017-05-13 00:40:43 ----D---- C:\WINDOWS\system32\en-US
2017-05-13 00:40:43 ----D---- C:\WINDOWS\system32\cs-CZ
2017-05-13 00:40:36 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2017-05-13 00:40:36 ----RD---- C:\Program Files\Windows Defender
2017-05-13 00:40:36 ----D---- C:\WINDOWS\ShellExperiences
2017-05-13 00:40:36 ----D---- C:\WINDOWS\Provisioning
2017-05-13 00:40:36 ----D---- C:\WINDOWS\PolicyDefinitions
2017-05-13 00:40:36 ----D---- C:\Program Files\Windows Photo Viewer
2017-05-13 00:40:36 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2017-05-13 00:40:36 ----D---- C:\Program Files (x86)\Windows Defender
2017-05-12 17:44:08 ----D---- C:\ProgramData\Microsoft Help
2017-05-12 17:31:40 ----A---- C:\WINDOWS\win.ini
2017-05-10 17:11:46 ----A---- C:\WINDOWS\system32\WSManMigrationPlugin.dll
2017-05-10 16:44:26 ----D---- C:\WINDOWS\system32\Macromed
2017-05-10 16:44:24 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2017-05-08 22:47:28 ----RD---- C:\Program Files
2017-05-07 12:55:43 ----D---- C:\WINDOWS\LiveKernelReports

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2017-05-13 190256]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2017-05-13 334576]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2017-05-13 49016]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2017-05-13 75704]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2017-05-13 339696]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-08-07 644968]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 48992]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2017-01-17 48696]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2017-05-13 311808]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2017-05-13 32600]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2017-05-13 101152]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2017-05-13 1007160]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2017-05-13 569192]
R1 cfywlan2;@oem91.inf,%cfywlan2_Desc%;Connectify WLAN LightWeight Filter; C:\WINDOWS\system32\DRIVERS\cfywlan2.sys [2017-01-03 46088]
R1 cnnctfy4;@oem90.inf,%cnnctfy4_Desc%;Connectify LightWeight Filter; C:\WINDOWS\system32\DRIVERS\cnnctfy4.sys [2017-01-03 53216]
R1 dtsoftbus01;@oem38.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2015-01-12 283064]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2017-05-13 128648]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2017-05-13 158880]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 PEGAGFN;PEGAGFN; \??\C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [2009-09-11 14344]
R3 AmUStor;@oem9.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\WINDOWS\system32\drivers\AmUStor.SYS [2013-06-25 109336]
R3 athr;@oem86.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw8x.sys [2016-12-14 4251160]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2016-07-13 610336]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2016-10-05 114176]
R3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2017-04-28 249856]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2016-10-05 128512]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-10-05 84992]
R3 dtlitescsibus;@oem68.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2016-10-24 30264]
R3 dtliteusbbus;@oem72.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2016-10-24 47160]
R3 iwdbus;@oem32.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-01 38896]
R3 L1C;@oem35.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C63x64.sys [2013-07-18 130248]
R3 MarvinBus;@oem15.inf,%MarvinBus.SVCDESC%;Pinnacle Marvin Bus 64; C:\WINDOWS\System32\drivers\MarvinBus64.sys [2005-09-23 261120]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvtdwu.inf_amd64_7b6a26f0085e5f11\nvlddmkm.sys [2017-01-17 14190520]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-05-02 28216]
R3 nvvad_WaveExtensible;@oem42.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2016-04-14 56384]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2016-07-16 183808]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2015-10-08 51392]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2015-07-23 561680]
R3 SynTP;@oem13.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2015-10-08 627392]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-04-28 88416]
S2 athsgt;athsgt; C:\WINDOWS\system32\DRIVERS\athsgt.sys [2015-05-25 210944]
S2 limsgt;limsgt; C:\WINDOWS\system32\DRIVERS\limsgt.sys [2015-05-25 22528]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2017-05-13 38296]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2017-04-28 967680]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-10-05 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 iComp;@oem12.inf,%Service.FriendlyName%;Grabster AV 400 service; C:\WINDOWS\system32\DRIVERS\p2usbhum.sys [2012-11-30 1712424]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-10-18 39320]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 nmwcd;@oem11.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;@oem23.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-10-01 312448]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-05-13 263304]
R2 CDPUserSvc_4f101ff;CDPUserSvc_4f101ff; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R2 Connectify;Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [2016-12-14 257592]
R2 dts_apo_service;DTS APO Service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [2013-09-10 19792]
R2 GFNEXSrv;GFNEX Service; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [2013-03-27 163168]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-05-03 337888]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-12 733696]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-09-04 131544]
R2 IntelBCAsvc;Intel(R) Biometric and Context Agent Service; C:\Program Files\Intel\BCA\pabeSvc64.exe [2016-05-06 3026584]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-04 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-04 390616]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2016-09-14 805752]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2016-12-29 458176]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-05-02 2522680]
R2 OneSyncSvc_4f101ff;Hostitel synchronizace_4f101ff; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R2 ScsiAccess;ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [2016-11-19 186760]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2015-07-23 350224]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-10-08 255168]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-05-13 7346208]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-05-02 3634232]
R3 PimIndexMaintenanceSvc_4f101ff;Data kontaktů_4f101ff; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-01-05 75624]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=%SystemRoot%\System32\CDPUserSvc.dll
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-11-18 1369432]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll"=%SystemRoot%\system32\FrameServer.dll
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\hvhostsvc.dll
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-12 822232]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\irmon.dll
S3 MessagingService_4f101ff;Služba zasílání zpráv_4f101ff; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-05-27 173512]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-07-31 242864]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\RMapi.dll
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll"=%systemroot%\system32\Windows.SharedPC.AccountManager.dll

-----------------EOF-----------------

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

[abdul99]

# AdwCleaner v6.047 - Log vytvořen 07/06/2017 v 05:50:55
# Aktualizováno dne 19/05/2017 z Malwarebytes
# Databáze : 2017-06-06.1 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : Adrian - OCHMANEK
# Spuštěno z : C:\Users\Adrian\Desktop\adwcleaner_6.047.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****

[-] Složka smazána: C:\ProgramData\54F3DE4E-B7BA-4EBD-8B3B-385D272CC583


***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****



***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1737 Bajty] - [24/01/2017 23:56:07]
C:\AdwCleaner\AdwCleaner[C2].txt - [1217 Bajty] - [21/03/2017 16:49:43]
C:\AdwCleaner\AdwCleaner[C3].txt - [1015 Bajty] - [07/06/2017 05:50:55]
C:\AdwCleaner\AdwCleaner[S0].txt - [1853 Bajty] - [24/01/2017 23:55:11]
C:\AdwCleaner\AdwCleaner[S1].txt - [1514 Bajty] - [21/03/2017 16:49:25]
C:\AdwCleaner\AdwCleaner[S2].txt - [1682 Bajty] - [07/06/2017 05:49:46]

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1307 Bajty] ##########

[Rudy]

Teď dejte log FRST: http://forum.viry.cz/viewtopic.php?f=30&t=133101 .

[abdul99]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-06-2017 01
Ran by Adrian (08-06-2017 05:31:36)
Running from C:\Users\Adrian\Desktop
Windows 10 Home Version 1607 (X64) (2016-10-05 03:07:23)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3809139199-386801105-3546470006-500 - Administrator - Disabled)
Adrian (S-1-5-21-3809139199-386801105-3546470006-1002 - Administrator - Enabled) => C:\Users\Adrian
DefaultAccount (S-1-5-21-3809139199-386801105-3546470006-503 - Limited - Disabled)
Guest (S-1-5-21-3809139199-386801105-3546470006-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

12 ukolu pro Herkula 5 - Deti Helady - SE v.2017 (HKLM-x32\...\12 ukolu pro Herkula 5 - Deti Helady - SE v.2017) (Version: v.2017 - Helping Hands)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.11.3.5 (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 4.8.1245.73583 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 4.8.1245.73583 - Alcor Micro Corp.) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.4.2294 - AVAST Software)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Balíček ovladače systému Windows - TERRATEC (iComp) Media (05/12/2009 6.270.13.01) (HKLM\...\5A793AA8B7416EC143168BB99EFA1521069CF616) (Version: 05/12/2009 6.270.13.01 - TERRATEC )
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Beneton Movie GIF 1.1.2 (HKLM-x32\...\Beneton Movie GIF_is1) (Version: - Beneton Software)
Capture NX-D (HKLM\...\{794529D3-D489-4CF2-B2ED-CF241809E5EC}) (Version: 1.3.0 - Nikon Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Connectify 2016 (HKLM\...\Connectify) (Version: 2016.0.12.37996 - Connectify)
CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0112 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
DTS Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
DVDFab 9.1.7.1 (17/10/2014) (HKLM-x32\...\DVDFab 9_is1) (Version: - Fengtao Software Inc.)
Empress of the Deep - The Darkest Secret (x32 Version: 2.2.0.98 - WildTangent) Hidden
Evernote (HKLM-x32\...\Evernote) (Version: 1.0.0 - Evernote Launcher by Toshiba Europe GmbH)
FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
Garmin City Navigator Europe NTU 2016.30 (HKLM-x32\...\{5E97BCC6-2F84-4966-9BC4-6CD97D6D3DC2}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version: - Arobas Music)
HappyFoto-Designer 5.4 (HKLM-x32\...\HappyFoto-Designer_is1) (Version: - )
Hydrogen 0.9.6 preview release for windows (HKLM-x32\...\{B24839E5-A70C-48AD-B4D9-B9FB46B4B038}_is1) (Version: - hydrogen-music.org)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
ICP 9.0 (HKLM\...\ICP install2_is1) (Version: - )
IDT Audio Driver (HKLM\...\{588A747E-CFF6-46B3-9207-CD754F9473AF}) (Version: 6.10.6491.0 - IDT)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.4.129.1 - Intel Security)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
JamManagerXT version 2.0 (HKLM-x32\...\{777248DB-00AD-4567-9382-E991118BC6CC}_is1) (Version: 2.0 - Harman International, Inc.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
K-Lite Codec Pack 10.8.5 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.8.5 - )
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
MAGIX Burn routines (HKLM\...\{712D74A5-4C3D-41E6-A850-1696E54B28CD}) (Version: 11.0.0.237 - MAGIX AG)
MAGIX Video easy TERRATEC Edition (HKLM-x32\...\MAGIX_{2FA06473-23F0-4372-8DD5-1EAE42503D93}) (Version: 3.0.1.50 - MAGIX AG)
MAGIX Video easy TERRATEC Edition (Version: 3.0.1.50 - MAGIX AG) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d07b0db5-8dad-40e1-be90-88026298a46b}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Mozilla Firefox 53.0.3 (x86 cs) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 cs)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.3.6347 - Mozilla)
MPEG Video Wizard DVD 5.0.1.104 (12/2011) (HKLM-x32\...\{9FD45917-95E6-449D-ACC9-01E634A34CBD}_is1) (Version: 5.0.1.104 - Womble Multimedia, Inc.)
MPEG Video Wizard DVD 5.0.1.104 (12/2011) (HKLM-x32\...\Mpeg Video Wizard DVD 5.0) (Version: 5.0.1.104 (12/2011) - Womble Multimedia, Inc.)
MS Video Player Components (HKLM-x32\...\MS Video Player Components) (Version: 4.50.x - HES Hermanns EDV-Service)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Music Recorder (x32 Version: 18.009.0 - Nero AG) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Native Instruments Traktor DJ Mixer v1.0 (HKLM-x32\...\Native Instruments Traktor DJ Mixer v1.0) (Version: - )
Need for Speed Underground 2 (HKLM-x32\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31}) (Version: - )
Nero 2017 (HKLM-x32\...\{6B81BDC4-3368-4898-8F16-48962F789221}) (Version: 18.0.06100 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 18.0.0010 - Nero AG)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.54.0 - Nokia)
Nokia Suite (x32 Version: 3.8.54.0 - Nokia) Hidden
NVIDIA Ovladače grafiky 368.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.22 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Ovládací panel NVIDIA 376.54 (Version: 376.54 - NVIDIA Corporation) Hidden
Ovladače videa společnosti Pinnacle (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.0 - pdfforge GmbH)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - Photodex Corporation)
Picture Control Utility 2 (HKLM\...\{D4893C47-704F-4B84-8486-9DE4974ACA6F}) (Version: 2.1.1 - Nikon Corporation)
Pinnacle Studio 14 (HKLM-x32\...\{AADD1C8F-D59F-4D55-A726-768C71A205A8}) (Version: 14.0.0.7255 - Pinnacle Systems)
Pinnacle Studio Ultimate Collection Plugins (HKLM-x32\...\{F5C372A1-40F3-49DA-A049-F75CDE9177DC}) (Version: 14.0.0.7255 - Pinnacle Systems)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pomocník při upgradu na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17332 - Microsoft Corporation)
Prerequisite installer (x32 Version: 18.0.0003 - Nero AG) Hidden
ProShow Producer (HKLM-x32\...\ProShow Producer) (Version: - Photodex Corporation)
Puran File Recovery 1.1 (HKLM\...\Puran File Recovery_is1) (Version: - Puran Software)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
RadioSure (HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\RadioSure) (Version: - )
RealDownloader (x32 Version: 18.1.4.137 - RealNetworks, Inc.) Hidden
Red Giant ToonIt Studio (HKLM-x32\...\Red Giant ToonIt Studio) (Version: - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SafeZone Stable 3.55.2393.607 (x32 Version: 3.55.2393.607 - Avast Software) Hidden
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
simplitec simplicheck (HKLM-x32\...\{1F52F36E-895D-4E01-B4D4-E23C4FA4193B}) (Version: 1.3.10.0 - simplitec GmbH)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.38 - Synaptics Incorporated)
TERRATEC Grabster AV 400 MX (64 Bit) (HKLM-x32\...\{0FB1F701-BA4B-403B-84DB-FB56D4EF5BC2}) (Version: 6.27.013.01 - Your Company Name)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
TOSHIBA Addendum (HKLM-x32\...\{C1569944-FAD6-4B3B-85E5-C213C2FF8EFC}) (Version: 1.00 - TOSHIBA)
TOSHIBA Battery Check Utility (HKLM-x32\...\{5468E297-7EF8-4CB3-A091-F8714147793F}) (Version: 1.00.04.01 - Toshiba Client Solutions Co., Ltd.)
TOSHIBA Desktop Assist (HKLM\...\{C4CDCEF0-0A7A-4425-887C-33E39533D758}) (Version: 1.03.08.6402 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{5F6AC07E-50EF-422E-B56E-6521E5B35139}) (Version: 1.1.12.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0001.6403 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 3.00.346 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{B507386D-1F61-4E55-B05B-F56ACB0086B3}) (Version: 4.02.00.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.00.6403 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0030 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.1.2.32001 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.9.2 - Toshiba Europe GmbH)
Trapcode Particular Studio (HKLM-x32\...\Trapcode Particular Studio) (Version: - )
Trapcode Shine Studio (HKLM-x32\...\Trapcode Shine Studio) (Version: - )
Unity Web Player (HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\UnityWebPlayer) (Version: 5.3.2f1 - Unity Technologies ApS)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
ViewNX-i (HKLM\...\{C67A5551-26C1-4C7B-A9DF-AD148549D482}) (Version: 1.1.0 - Nikon Corporation)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.3.0.3 - VSO Software)
WD SmartWare (HKLM\...\{604CB4FC-3D32-405F-A109-165F170529B6}) (Version: 1.2.0.20 - Western Digital)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.9.7 - WildTangent) Hidden
Windows Driver Package - Digitech (usbser) Ports (04/24/2009 1.1.2600.0) (HKLM\...\9A5D99BED6F7F105B74795DCF16F3088223BEFBB) (Version: 04/24/2009 1.1.2600.0 - Digitech)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
WinRAR 5.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WinZip 20.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EF}) (Version: 20.0.11659 - WinZip Computing, S.L. )
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.1 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3809139199-386801105-3546470006-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04CA9461-6388-43F0-B5E0-2EC36B2E9277} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3809139199-386801105-3546470006-1002 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {0829AE8E-F733-430D-B2E3-847AF3A35457} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3809139199-386801105-3546470006-1002 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2016-05-13] (RealNetworks, Inc.)
Task: {1643D876-53D4-4F1B-B234-A41E4F866264} - System32\Tasks\SafeZone scheduled Autoupdate 1470022667 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-05-17] (Avast Software)
Task: {1B5CC94F-674C-4D38-8F3B-436FF008C758} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe [2013-11-09] (TOSHIBA Corporation)
Task: {1C13952F-5905-4169-B4AE-2A8BC1AEB5B3} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-15] (AVAST Software)
Task: {1C8FDE6B-A2B8-4DEF-A360-02348189D5BE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {2FEF7E91-B824-43DF-B75E-906A1F440017} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3809139199-386801105-3546470006-1002 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {300EF26B-908F-4882-AC68-4FC52940CE98} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-06] (Google Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3590303C-8B79-45B5-99C3-93EFC06D3E53} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {365171BA-B62C-4229-B6B2-AFE6FBCB82AF} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-10] (Adobe Systems Incorporated)
Task: {38010E29-D163-46B1-9AB3-80ECC2182F28} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS.exe
Task: {462CEE72-94B1-4AE3-ACAB-023E52148CAD} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {5BFDDEFC-BD85-4AD9-9CAA-1822BAF18475} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {5C6BFD7C-9657-4DE3-9130-CC7AE578DBA5} - System32\Tasks\{5C80C53B-17E5-411D-A22C-873754AE0D62} => pcalua.exe -a "C:\Program Files\Kobra 11 Nitro\C11_PC.exe" -d "C:\Program Files\Kobra 11 Nitro"
Task: {6869E2B2-B4B7-4E35-9172-71E8014C08EF} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2016-09-08] (Nero AG)
Task: {690D769E-589B-4363-B32D-F75103B7BCC1} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)
Task: {832278B3-100D-491F-8132-B8FEC0A52D3B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {89E3BE63-D49F-443E-BD89-371B1105CDB8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-05-27] (Microsoft Corporation)
Task: {9B68FF54-AF8E-49A3-AFC4-7E7DB077E2CC} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-05-13] (AVAST Software)
Task: {9DB2278A-0050-449B-B4A4-5CE6ABC3D8C2} - System32\Tasks\Norton Security Scan for Adrian => C:\PROGRA~2\NORTON~2\Engine\431~1.3\Nss.exe
Task: {B98222AB-E071-4ABC-A0F4-DFFF4D22A7AF} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2016-05-18] (McAfee, Inc.)
Task: {BD5C89BF-7CE7-49EF-9A96-460681A85CEF} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2014-11-14] ()
Task: {C7827A64-57E8-4438-9B86-983F29B9E5FA} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2017-05-04] (Synaptics Incorporated)
Task: {D831488A-92B6-49E4-B3CD-14443B685B14} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2015-12-01] (Toshiba Europe GmbH)
Task: {F4205FD0-CE1F-4E14-A682-46200E70D573} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {F81718BB-2561-41B6-A844-EA71E5083EE2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-06] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Norton Security Scan for Adrian.job => C:\PROGRA~2\NORTON~2\Engine\431~1.3\Nss.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --enable-npn-http --use-system-ssl --prerender=disabled

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-05-12 16:51 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2013-03-27 21:53 - 2013-03-27 21:53 - 00163168 _____ () C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
2016-11-19 22:59 - 2016-11-19 22:59 - 00186760 _____ () C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe
2013-09-10 21:54 - 2013-09-10 21:54 - 00019792 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2016-10-05 04:24 - 2016-12-29 15:16 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-07-29 21:39 - 2016-07-29 21:39 - 00959168 _____ () C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-10-05 05:02 - 2016-10-05 05:02 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-16 21:00 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-16 21:01 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-16 21:01 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-16 21:01 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-12 16:50 - 2017-04-28 01:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-12 16:50 - 2017-04-28 01:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2012-07-19 03:38 - 2012-07-19 03:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2017-06-08 05:17 - 2017-06-08 05:18 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.17.420.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-06-08 05:17 - 2017-06-08 05:18 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.17.420.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-01-03 19:38 - 2016-12-14 20:56 - 00925240 _____ () C:\Program Files (x86)\Connectify\log4cplus.dll
2015-04-02 19:25 - 2016-05-02 08:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-05-13 13:25 - 2017-05-13 13:25 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-05-13 13:25 - 2017-05-13 13:25 - 00997896 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
2017-05-13 13:25 - 2017-05-13 13:25 - 67717632 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-05-13 13:25 - 2017-05-13 13:25 - 00176992 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-05-13 13:25 - 2017-05-13 13:25 - 00223224 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-05-13 13:24 - 2017-05-13 13:24 - 00291824 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-05-13 13:25 - 2017-05-13 13:25 - 00684656 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2014-03-22 19:38 - 2013-09-04 01:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Adrian\Soubory cookie:gs5sys [3074]
AlternateDataStreams: C:\Users\Adrian\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Adrian\AppData\Local\History:gs5sys [3074]
AlternateDataStreams: C:\Users\Adrian\Documents\desktop.ini:gs5sys [3074]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2016-05-04 20:42 - 00000035 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3809139199-386801105-3546470006-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Adrian\Pictures\MOJE FOCENÍ\Makro\DSCN3077.JPG
DNS Servers: 192.168.15.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk"
HKLM\...\StartupApproved\StartupFolder: => "FAH.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Aktualizace oznámení.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WDSmartWare.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WDDMStatus.lnk"
HKLM\...\StartupApproved\Run: => "TecoResident"
HKLM\...\StartupApproved\Run: => "BCSSync"
HKLM\...\StartupApproved\Run: => "Connectify Hotspot"
HKLM\...\StartupApproved\Run32: => "Nikon Message Center 2"
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\StartupApproved\Run: => "NokiaSuite.exe"
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\StartupApproved\Run: => "AlcoholAutomount"
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{E1571458-1513-4503-A32F-CF97177FB580}C:\users\adrian\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\adrian\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{17A52641-D21B-4A0E-BFBA-C6083F114F82}C:\users\adrian\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\adrian\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{104095B1-A752-4444-B3DB-00BE40AC81FE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2E4D400B-6287-4B28-BF3C-8D3BE9A9959A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{343EEB30-AF9E-4A3D-AEFC-4C65E7D90C4E}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe
FirewallRules: [TCP Query User{C38AB40E-D887-4D13-B9F9-94B375A3EE5E}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Block) C:\program files (x86)\freetime\formatfactory\formatfactory.exe
FirewallRules: [UDP Query User{9AB04165-6847-460E-ACE3-89739DEC1AE0}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Block) C:\program files (x86)\freetime\formatfactory\formatfactory.exe
FirewallRules: [TCP Query User{A7CA6F3D-C278-4660-943C-2091BF116F00}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{0952B26A-6AD5-4F0E-914F-2223BE2FBB81}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{2D15714F-6F1B-473F-AFBF-F2C877651363}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B463ED69-ECAC-48DF-A893-95CEC30D25EA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{7F9170DE-96E3-4148-9423-78DB67D91C1D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{4D39371D-00E7-4A0E-AB2A-B1C9F975218A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CA46C75F-F3E5-4692-8D90-670A7B272686}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F6679719-F4B1-4506-8F47-242ACAD98549}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6E103673-0810-468E-82FC-C3E18C3B8177}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{50F2D8B9-4FBC-4958-8205-4BC54B717804}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{1B4C8749-745D-4588-BA11-15F42EADA581}] => (Allow) C:\Games\SimCity 2013 Offline\SimCity\SimCity.exe
FirewallRules: [{07AB1F52-1C01-43F8-96A8-B98245875D03}] => (Allow) C:\Games\SimCity 2013 Offline\SimCity\SimCity.exe
FirewallRules: [TCP Query User{B3962979-E77D-4BE3-9FDE-3DBEFE5E1330}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [UDP Query User{1D75CD4D-008F-4778-997B-4919CCBA88A3}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [{1A98E20D-2E88-4FED-8746-DACAB3B47929}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\RM.exe
FirewallRules: [{F47E0E13-363C-4CFF-AB1A-AF102D128A10}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\RM.exe
FirewallRules: [{23486C74-EA3F-4A81-A1E6-F6421EBCBC8D}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\Studio.exe
FirewallRules: [{8A8F70C1-27CE-46FC-A10D-E987C0B1333C}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\Studio.exe
FirewallRules: [{C19E950A-C8C9-4917-B403-80DDE4D57A85}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\umi.exe
FirewallRules: [{2ADC6D1D-4721-4191-A4E2-16DF8FF90390}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\umi.exe
FirewallRules: [{9D7257C3-9EF8-4FFC-89FB-B8A6D0468F3A}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{E1B9A8BA-E2FB-4F84-935A-F41458A98F10}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{97C4A59A-3F8D-40DE-B391-CAB4A87C8A77}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{A5473041-FF16-4453-9562-27109A10B577}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [TCP Query User{313D635B-676F-4C59-A2F8-119ED5137EA8}C:\program files (x86)\atari\test drive unlimited\testdriveunlimited.exe] => (Allow) C:\program files (x86)\atari\test drive unlimited\testdriveunlimited.exe
FirewallRules: [UDP Query User{F7A0D52F-476F-4E14-B774-272BBCAEC77E}C:\program files (x86)\atari\test drive unlimited\testdriveunlimited.exe] => (Allow) C:\program files (x86)\atari\test drive unlimited\testdriveunlimited.exe
FirewallRules: [{34BF3DCE-85C4-4BAB-8A42-FDBB5C4701F7}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{3458DC9D-23F1-48D1-B612-F0522C157D2D}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{A9B9DCE0-C5C7-40DD-ACDE-474F8818B850}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{D088CDB0-2047-4C85-B36A-D8F8B6FA5088}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{32C6EC51-5AF5-471F-900B-1A38F2019F09}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{2D76A05C-708D-430D-9542-9D6507C3A940}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{2BD790B1-FE49-4826-A4D1-5F13A66F7ABE}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_0\SZBrowser.exe
FirewallRules: [{1A506BBB-9FAA-4F63-B7D5-B9E9AD36A085}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{72D79B36-F9BD-4E12-BEB9-2DFA475C08B9}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero Burning ROM\StartNBR.exe
FirewallRules: [{2D5D6446-7F4D-420B-9AB3-168832DCD968}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero MediaHome\NMDllHost.exe
FirewallRules: [{1E58967D-68D2-4080-963D-49099082ABD1}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero MediaHome\MediaHome.exe
FirewallRules: [{68C3FBA5-19BB-4EBD-AD4C-69F6E7E8D2E3}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero Burning ROM\nero.exe
FirewallRules: [{2644E039-A22A-4C6C-B6BD-756A5351821C}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.607\SZBrowser.exe

==================== Restore Points =========================

04-05-2017 16:02:48 Windows Update
12-05-2017 17:25:27 Windows Update
16-05-2017 12:37:09 Windows Update
27-05-2017 21:51:11 Windows Update
07-06-2017 06:04:47 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/08/2017 05:15:51 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/08/2017 05:13:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: TPCHSrv.exe, verze: 1.0.0.31, časové razítko: 0x54729b5e
Název chybujícího modulu: ntdll.dll, verze: 10.0.14393.479, časové razítko: 0x5825887f
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000f8283
ID chybujícího procesu: 0x9c0
Čas spuštění chybující aplikace: 0x01d2e0052f25fec0
Cesta k chybující aplikaci: C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: e9175653-a3ab-4182-8a5e-e31926384959
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/08/2017 05:08:45 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\WINDOWS\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_8444db7d32915e4c\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (06/07/2017 06:05:14 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (06/07/2017 06:00:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: TPCHSrv.exe, verze: 1.0.0.31, časové razítko: 0x54729b5e
Název chybujícího modulu: ntdll.dll, verze: 10.0.14393.479, časové razítko: 0x5825887f
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000f8283
ID chybujícího procesu: 0x1500
Čas spuštění chybující aplikace: 0x01d2df4290d91381
Cesta k chybující aplikaci: C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 94176a9d-86f8-4318-83ab-5f9060e6d211
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/07/2017 05:57:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NvStreamNetworkService.exe, verze: 7.1.2071.1338, časové razítko: 0x5726e00c
Název chybujícího modulu: LIBEAY32.dll, verze: 1.0.1.16, časové razítko: 0x56297612
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000004f16
ID chybujícího procesu: 0x12e4
Čas spuštění chybující aplikace: 0x01d2df41d23599cc
Cesta k chybující aplikaci: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
Cesta k chybujícímu modulu: C:\Program Files\NVIDIA Corporation\NvStreamSrv\LIBEAY32.dll
ID zprávy: 67ef2936-2e2e-457d-9f22-81aab4aa5737
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/07/2017 05:55:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.14393.1198, časové razítko: 0x590281fa
Název chybujícího modulu: windows.immersiveshell.serviceprovider.dll, verze: 10.0.14393.0, časové razítko: 0x57899873
Kód výjimky: 0x80270233
Posun chyby: 0x0000000000033c25
ID chybujícího procesu: 0xfc8
Čas spuštění chybující aplikace: 0x01d2df41d35a0b4a
Cesta k chybující aplikaci: C:\WINDOWS\Explorer.EXE
Cesta k chybujícímu modulu: C:\Windows\System32\windows.immersiveshell.serviceprovider.dll
ID zprávy: 9fa7a48f-3d4e-47a2-962a-2bd45a3f49d1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/07/2017 05:54:27 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\WINDOWS\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_8444db7d32915e4c\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (06/07/2017 05:35:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: TPCHSrv.exe, verze: 1.0.0.31, časové razítko: 0x54729b5e
Název chybujícího modulu: ntdll.dll, verze: 10.0.14393.479, časové razítko: 0x5825887f
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000f8283
ID chybujícího procesu: 0x568
Čas spuštění chybující aplikace: 0x01d2df3f0b55416c
Cesta k chybující aplikaci: C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 0f3f1c42-f947-43cf-a0b6-bd2cdba09283
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/07/2017 05:32:49 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (06/08/2017 05:15:23 AM) (Source: DCOM) (EventID: 10010) (User: OCHMANEK)
Description: Server {45CC1698-D1CF-417B-BC32-80EB79E05EF1} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/08/2017 05:13:43 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba TPCH Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/08/2017 05:09:32 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/08/2017 05:09:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (06/08/2017 05:09:17 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby FontCache3.0.0.0 bylo dosaženo časového limitu (30000 ms).

Error: (06/08/2017 05:09:06 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby WD SmartWare Background Service bylo dosaženo časového limitu (30000 ms).

Error: (06/08/2017 05:08:50 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/08/2017 05:08:50 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/08/2017 05:08:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba limsgt neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.

Error: (06/08/2017 05:08:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba athsgt neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.


CodeIntegrity:
===================================
Date: 2017-06-08 05:08:32.808
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\limsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-06-08 05:08:32.576
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\athsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-06-07 05:54:22.204
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\athsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-06-07 05:54:21.844
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\limsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-05-28 22:04:09.735
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\limsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-05-28 22:04:07.814
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\athsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-05-28 21:30:46.236
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\limsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-05-28 21:30:46.193
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\athsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-05-15 10:39:39.933
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\limsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-05-15 10:39:38.667
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\athsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 70%
Total physical RAM: 3971.27 MB
Available physical RAM: 1177.15 MB
Total Virtual: 4675.27 MB
Available Virtual: 1689.25 MB

==================== Drives ================================

Drive c: (TI31254900A) (Fixed) (Total:686.2 GB) (Free:162.64 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

[abdul99]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-06-2017 01
Ran by Adrian (administrator) on OCHMANEK (08-06-2017 05:27:50)
Running from C:\Users\Adrian\Desktop
Loaded Profiles: Adrian (Available Profiles: Adrian)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Tempo Semiconductor Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Connectify) C:\Program Files (x86)\Connectify\ConnectifyService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Program Files (x86)\Photodex\ProShow Producer\scsiaccess.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectifyd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.17.420.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-12] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-18] (TOSHIBA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [Connectify Hotspot] => C:\Program Files (x86)\Connectify\Connectify.exe [4131384 2016-12-14] (Connectify)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-13] (AVAST Software)
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [383768 2002-04-12] (Alcor Micro Corp.)
HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <====== ATTENTION
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4179288 2015-11-18] (Disc Soft Ltd)
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1092448 2014-11-19] (Nokia)
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [437248 2014-09-12] (ZONER software)
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\MountPoints2: {7431c52d-9546-11e6-82d6-2025647b6c58} - "H:\RunGame.exe"
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-13] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-13] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Aktualizace oznámení.lnk [2016-04-30]
ShortcutTarget: Aktualizace oznámení.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-04-30]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk [2016-12-17]
ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDSmartWare.lnk [2016-12-17]
ShortcutTarget: WDSmartWare.lnk -> C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2016-04-30]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.15.1
Tcpip\..\Interfaces\{68eb3ac8-98e7-4d02-a1e3-5115d466c3de}: [DhcpNameServer] 192.168.15.1

Internet Explorer:
==================
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://seznam.cz/
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c
SearchScopes: HKU\S-1-5-21-3809139199-386801105-3546470006-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2016-05-13] (RealDownloader)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2017-04-11] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15] (Intel Security)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2016-05-13] (RealDownloader)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-21] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-21] (Oracle Corporation)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15] (Intel Security)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-04-11] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-04-11] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-04-11] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-04-11] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: idumb2aa.default
FF ProfilePath: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default [2017-06-07]
FF NewTab: Mozilla\Firefox\Profiles\idumb2aa.default -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\idumb2aa.default -> Seznam
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\idumb2aa.default -> hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\idumb2aa.default -> Seznam
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\idumb2aa.default -> Seznam
FF Homepage: Mozilla\Firefox\Profiles\idumb2aa.default -> hxxps://www.seznam.cz/?clid=22668
FF Keyword.URL: Mozilla\Firefox\Profiles\idumb2aa.default -> hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF Extension: (Avast SafePrice) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\Extensions\sp@avast.com.xpi [2017-06-01]
FF Extension: (Avast Online Security) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\Extensions\wrc@avast.com.xpi [2017-06-01]
FF Extension: (Adblock Plus) - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-05-27]
FF SearchPlugin: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\idumb2aa.default\searchplugins\seznam-avast.xml [2016-10-19]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-10] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-10] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll [2016-11-19] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3809139199-386801105-3546470006-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Adrian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-01-22] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-12] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default [2017-05-28]
CHR Extension: (Prezentace Google) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-06]
CHR Extension: (Dokumenty Google) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-06]
CHR Extension: (Disk Google) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-06]
CHR Extension: (YouTube) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-06]
CHR Extension: (Avast SafePrice) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-01-06]
CHR Extension: (Tabulky Google) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-16]
CHR Extension: (Avast Online Security) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-03-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-16]
CHR Extension: (Gmail) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-06]
CHR Extension: (Chrome Media Router) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-16]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-13] (AVAST Software s.r.o.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-10-01] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-13] (AVAST Software)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [257592 2016-12-14] (Connectify)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369432 2015-11-18] (Disc Soft Ltd)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] ()
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] ()
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3026584 2016-05-06] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [186760 2016-11-19] ()
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [350224 2015-07-23] (Tempo Semiconductor Inc.)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-05-04] (Synaptics Incorporated)
R3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [118856 2015-12-01] (Toshiba Europe GmbH)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [908256 2016-07-14] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [15736 2016-07-14] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-07-14] (McAfee, Inc.)
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [130048 2010-01-21] (WDC) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S2 WDSmartWareBackgroundService; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [311808 2017-05-13] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [190256 2017-05-13] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334576 2017-05-13] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [49016 2017-05-13] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-05-13] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32600 2017-05-13] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [128648 2017-05-13] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [101152 2017-05-13] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-05-13] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1007160 2017-05-13] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [569192 2017-05-13] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [158880 2017-05-13] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [339696 2017-05-13] (AVAST Software)
S2 athsgt; C:\WINDOWS\System32\DRIVERS\athsgt.sys [210944 2015-05-25] () [File not signed]
R1 cfywlan2; C:\WINDOWS\system32\DRIVERS\cfywlan2.sys [46088 2017-01-03] (Connectify)
R1 cnnctfy4; C:\WINDOWS\system32\DRIVERS\cnnctfy4.sys [53216 2017-01-03] (Connectify)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-10-24] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47160 2016-10-24] (Disc Soft Ltd)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2015-01-12] (Disc Soft Ltd)
S3 iComp; C:\WINDOWS\system32\DRIVERS\p2usbhum.sys [1712424 2012-11-30] (Conexant Systems Inc.)
S2 limsgt; C:\WINDOWS\System32\DRIVERS\limsgt.sys [22528 2015-05-25] () [File not signed]
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvtdwu.inf_amd64_7b6a26f0085e5f11\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51392 2015-10-08] (Synaptics Incorporated)
R3 STHDA; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [561680 2015-07-23] (Tempo Semiconductor Inc.)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [54424 2015-07-29] (Toshiba Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-08 05:27 - 2017-06-08 05:29 - 00025242 _____ C:\Users\Adrian\Desktop\FRST.txt
2017-06-08 05:27 - 2017-06-08 05:27 - 00000000 ____D C:\Users\Adrian\Desktop\FRST-OlderVersion
2017-06-08 05:20 - 2017-06-08 05:20 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-06-07 06:00 - 2017-06-07 06:00 - 00061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-06-07 05:47 - 2017-06-07 05:47 - 04110280 _____ C:\Users\Adrian\Desktop\adwcleaner_6.047.exe
2017-05-28 22:13 - 2017-05-28 22:13 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\Nero
2017-05-28 21:59 - 2017-05-28 21:59 - 00000000 ____D C:\WINDOWS\System32\Tasks\Nero
2017-05-28 21:57 - 2017-05-28 21:57 - 00002929 _____ C:\Users\Public\Desktop\Nero 2017.lnk
2017-05-28 21:49 - 2017-05-28 21:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2017
2017-05-28 21:48 - 2017-05-28 22:00 - 00000000 ____D C:\ProgramData\Nero
2017-05-28 21:48 - 2017-05-28 22:00 - 00000000 ____D C:\Program Files (x86)\Nero
2017-05-28 21:48 - 2017-05-28 21:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2017-05-27 20:59 - 2017-05-27 20:59 - 00000000 ____D C:\Users\Adrian\Documents\InstantCDDVD
2017-05-13 13:26 - 2017-05-13 13:26 - 00400456 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-05-12 17:10 - 2017-04-28 03:28 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-05-12 17:10 - 2017-04-28 02:45 - 02263832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-12 17:10 - 2017-04-28 02:41 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2017-05-12 17:10 - 2017-04-28 02:35 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2017-05-12 17:10 - 2017-04-28 02:22 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2017-05-12 17:10 - 2017-04-28 02:18 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-05-12 17:10 - 2017-04-28 02:15 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-05-12 17:10 - 2017-04-28 02:15 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-05-12 17:10 - 2017-04-28 02:14 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-12 17:10 - 2017-04-28 02:11 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-05-12 17:10 - 2017-04-28 02:11 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-12 17:10 - 2017-04-28 02:10 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-05-12 17:10 - 2017-04-28 02:10 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2017-05-12 17:10 - 2017-04-28 02:08 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-05-12 17:10 - 2017-04-28 02:00 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-12 17:10 - 2017-04-28 01:58 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-05-12 17:10 - 2017-04-28 01:58 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-12 17:10 - 2017-04-28 01:54 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-12 17:10 - 2017-04-28 01:54 - 02027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-12 17:10 - 2017-04-28 01:54 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-12 17:09 - 2017-04-28 02:59 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-12 17:09 - 2017-04-28 02:48 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-05-12 17:09 - 2017-04-28 02:46 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-12 17:09 - 2017-04-28 02:46 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-05-12 17:09 - 2017-04-28 02:45 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-05-12 17:09 - 2017-04-28 02:45 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-05-12 17:09 - 2017-04-28 02:45 - 00781144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-05-12 17:09 - 2017-04-28 02:45 - 00493920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-12 17:09 - 2017-04-28 02:42 - 00601952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-05-12 17:09 - 2017-04-28 02:40 - 06665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-12 17:09 - 2017-04-28 02:39 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-12 17:09 - 2017-04-28 02:29 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-05-12 17:09 - 2017-04-28 02:23 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-05-12 17:09 - 2017-04-28 02:21 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-05-12 17:09 - 2017-04-28 02:20 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll
2017-05-12 17:09 - 2017-04-28 02:19 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-12 17:09 - 2017-04-28 02:19 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-05-12 17:09 - 2017-04-28 02:18 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-05-12 17:09 - 2017-04-28 02:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-05-12 17:09 - 2017-04-28 02:17 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-05-12 17:09 - 2017-04-28 02:17 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-05-12 17:09 - 2017-04-28 02:16 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-05-12 17:09 - 2017-04-28 02:16 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-05-12 17:09 - 2017-04-28 02:16 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-12 17:09 - 2017-04-28 02:16 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-05-12 17:09 - 2017-04-28 02:15 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-05-12 17:09 - 2017-04-28 02:15 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-12 17:09 - 2017-04-28 02:15 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-05-12 17:09 - 2017-04-28 02:15 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-05-12 17:09 - 2017-04-28 02:15 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-05-12 17:09 - 2017-04-28 02:14 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-12 17:09 - 2017-04-28 02:13 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-05-12 17:09 - 2017-04-28 02:13 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-05-12 17:09 - 2017-04-28 02:13 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-05-12 17:09 - 2017-04-28 02:13 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-05-12 17:09 - 2017-04-28 02:13 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-05-12 17:09 - 2017-04-28 02:13 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-05-12 17:09 - 2017-04-28 02:13 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-05-12 17:09 - 2017-04-28 02:13 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-05-12 17:09 - 2017-04-28 02:13 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2017-05-12 17:09 - 2017-04-28 02:12 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-05-12 17:09 - 2017-04-28 02:12 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-05-12 17:09 - 2017-04-28 02:11 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-05-12 17:09 - 2017-04-28 02:11 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-05-12 17:09 - 2017-04-28 02:10 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-05-12 17:09 - 2017-04-28 02:10 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-05-12 17:09 - 2017-04-28 02:10 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-12 17:09 - 2017-04-28 02:10 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-05-12 17:09 - 2017-04-28 02:09 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-05-12 17:09 - 2017-04-28 02:09 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-05-12 17:09 - 2017-04-28 02:09 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-12 17:09 - 2017-04-28 02:09 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-05-12 17:09 - 2017-04-28 02:08 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-12 17:09 - 2017-04-28 02:08 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-05-12 17:09 - 2017-04-28 02:07 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-05-12 17:09 - 2017-04-28 02:06 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-05-12 17:09 - 2017-04-28 02:06 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-05-12 17:09 - 2017-04-28 02:06 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-05-12 17:09 - 2017-04-28 02:05 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-12 17:09 - 2017-04-28 02:05 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-05-12 17:09 - 2017-04-28 02:05 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-05-12 17:09 - 2017-04-28 02:04 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-05-12 17:09 - 2017-04-28 02:03 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-05-12 17:09 - 2017-04-28 02:03 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-05-12 17:09 - 2017-04-28 02:03 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-05-12 17:09 - 2017-04-28 02:03 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsnt.dll
2017-05-12 17:09 - 2017-04-28 02:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-12 17:09 - 2017-04-28 02:01 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-05-12 17:09 - 2017-04-28 02:00 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-05-12 17:09 - 2017-04-28 01:59 - 02154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-05-12 17:09 - 2017-04-28 01:59 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-05-12 17:09 - 2017-04-28 01:57 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2017-05-12 17:09 - 2017-04-28 01:56 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-12 17:09 - 2017-04-28 01:55 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-12 17:09 - 2017-04-28 01:55 - 01987584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-05-12 17:09 - 2017-04-28 01:55 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-05-12 17:09 - 2017-04-28 01:55 - 01413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-05-12 17:09 - 2017-04-28 01:55 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-05-12 17:09 - 2017-04-28 01:55 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-05-12 17:09 - 2017-04-28 01:55 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-05-12 17:09 - 2017-04-28 01:54 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-12 17:09 - 2017-04-28 01:54 - 02747904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-05-12 17:09 - 2017-04-28 01:54 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-05-12 17:09 - 2017-04-28 01:54 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-05-12 17:09 - 2017-04-28 01:54 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-05-12 17:09 - 2017-04-28 01:54 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-05-12 17:09 - 2017-04-28 01:53 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-05-12 17:09 - 2017-04-28 01:53 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-05-12 17:09 - 2017-04-28 01:53 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-12 17:09 - 2017-04-28 01:52 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-05-12 17:09 - 2017-04-28 01:52 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-12 17:09 - 2017-04-28 01:52 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-12 17:09 - 2017-04-28 01:50 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-05-12 17:09 - 2017-03-04 08:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-05-12 17:09 - 2017-03-04 08:22 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-05-12 17:09 - 2017-03-04 08:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-05-12 17:09 - 2017-03-04 08:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-05-12 17:09 - 2017-03-04 08:05 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-05-12 17:09 - 2017-03-04 08:01 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-05-12 17:09 - 2017-03-04 08:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-12 17:08 - 2017-04-28 02:58 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-12 17:08 - 2017-04-28 02:56 - 02048488 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-12 17:08 - 2017-04-28 02:53 - 00616048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-12 17:08 - 2017-04-28 02:46 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-05-12 17:08 - 2017-04-28 02:45 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-05-12 17:08 - 2017-04-28 02:43 - 02168288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-12 17:08 - 2017-04-28 02:43 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-05-12 17:08 - 2017-04-28 02:43 - 01557224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-12 17:08 - 2017-04-28 02:43 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-05-12 17:08 - 2017-04-28 02:40 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-05-12 17:08 - 2017-04-28 02:40 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-05-12 17:08 - 2017-04-28 02:40 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-05-12 17:08 - 2017-04-28 02:40 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-05-12 17:08 - 2017-04-28 02:40 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-05-12 17:08 - 2017-04-28 02:40 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-05-12 17:08 - 2017-04-28 02:40 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-05-12 17:08 - 2017-04-28 02:39 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-12 17:08 - 2017-04-28 02:39 - 00962760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-12 17:08 - 2017-04-28 02:35 - 01414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-12 17:08 - 2017-04-28 02:23 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-05-12 17:08 - 2017-04-28 02:22 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-12 17:08 - 2017-04-28 02:21 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-12 17:08 - 2017-04-28 02:21 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BthTelemetry.dll
2017-05-12 17:08 - 2017-04-28 02:20 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-05-12 17:08 - 2017-04-28 02:19 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-05-12 17:08 - 2017-04-28 02:19 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-12 17:08 - 2017-04-28 02:17 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-12 17:08 - 2017-04-28 02:17 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-05-12 17:08 - 2017-04-28 02:17 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-05-12 17:08 - 2017-04-28 02:16 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-05-12 17:08 - 2017-04-28 02:16 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-05-12 17:08 - 2017-04-28 02:16 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-05-12 17:08 - 2017-04-28 02:16 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-05-12 17:08 - 2017-04-28 02:16 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-05-12 17:08 - 2017-04-28 02:15 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2017-05-12 17:08 - 2017-04-28 02:15 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-12 17:08 - 2017-04-28 02:14 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-05-12 17:08 - 2017-04-28 02:14 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-05-12 17:08 - 2017-04-28 02:14 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-12 17:08 - 2017-04-28 02:13 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-05-12 17:08 - 2017-04-28 02:13 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-05-12 17:08 - 2017-04-28 02:13 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-05-12 17:08 - 2017-04-28 02:13 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-05-12 17:08 - 2017-04-28 02:13 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-05-12 17:08 - 2017-04-28 02:13 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-05-12 17:08 - 2017-04-28 02:13 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-05-12 17:08 - 2017-04-28 02:13 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-05-12 17:08 - 2017-04-28 02:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-05-12 17:08 - 2017-04-28 02:12 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-05-12 17:08 - 2017-04-28 02:12 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-05-12 17:08 - 2017-04-28 02:12 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-05-12 17:08 - 2017-04-28 02:12 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-12 17:08 - 2017-04-28 02:10 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-05-12 17:08 - 2017-04-28 02:10 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-05-12 17:08 - 2017-04-28 02:09 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2017-05-12 17:08 - 2017-04-28 02:08 - 18365440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-12 17:08 - 2017-04-28 02:08 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-05-12 17:08 - 2017-04-28 02:08 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-05-12 17:08 - 2017-04-28 02:07 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2017-05-12 17:08 - 2017-04-28 02:07 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-05-12 17:08 - 2017-04-28 02:06 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-05-12 17:08 - 2017-04-28 02:06 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-12 17:08 - 2017-04-28 02:05 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-12 17:08 - 2017-04-28 02:05 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-12 17:08 - 2017-04-28 02:03 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2017-05-12 17:08 - 2017-04-28 02:03 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2017-05-12 17:08 - 2017-04-28 02:02 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-05-12 17:08 - 2017-04-28 02:01 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-05-12 17:08 - 2017-04-28 02:01 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-05-12 17:08 - 2017-04-28 02:01 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2017-05-12 17:08 - 2017-04-28 02:00 - 12349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-05-12 17:08 - 2017-04-28 01:59 - 12187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-12 17:08 - 2017-04-28 01:59 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-05-12 17:08 - 2017-04-28 01:58 - 00546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-05-12 17:08 - 2017-04-28 01:58 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2017-05-12 17:08 - 2017-04-28 01:58 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-05-12 17:08 - 2017-04-28 01:57 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-05-12 17:08 - 2017-04-28 01:57 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-05-12 17:08 - 2017-04-28 01:57 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-05-12 17:08 - 2017-04-28 01:57 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2017-05-12 17:08 - 2017-04-28 01:56 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-05-12 17:08 - 2017-04-28 01:56 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-05-12 17:08 - 2017-04-28 01:56 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-05-12 17:08 - 2017-04-28 01:55 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-12 17:08 - 2017-04-28 01:54 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-05-12 17:08 - 2017-04-28 01:54 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-05-12 17:08 - 2017-04-28 01:54 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-05-12 17:08 - 2017-04-28 01:53 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-05-12 17:08 - 2017-04-28 01:52 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-05-12 17:08 - 2017-04-28 01:30 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-12 17:08 - 2017-03-04 09:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-05-12 16:56 - 2017-04-28 02:55 - 00088416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2017-05-12 16:56 - 2017-04-28 02:42 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-05-12 16:56 - 2017-04-28 02:02 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-12 16:56 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-05-12 16:56 - 2017-04-28 02:00 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-05-12 16:56 - 2017-04-28 02:00 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-05-12 16:56 - 2017-04-28 01:59 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-05-12 16:56 - 2017-04-28 01:59 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-05-12 16:56 - 2017-04-28 01:58 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-05-12 16:56 - 2017-04-28 01:57 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-05-12 16:56 - 2017-04-28 01:56 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-05-12 16:56 - 2017-04-28 01:51 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-05-12 16:56 - 2017-04-28 01:43 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-05-12 16:56 - 2017-04-28 01:41 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-05-12 16:56 - 2017-04-28 01:40 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-05-12 16:56 - 2017-04-28 01:38 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-05-12 16:56 - 2017-04-28 01:37 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-05-12 16:56 - 2017-03-04 08:25 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-05-12 16:55 - 2017-04-28 02:35 - 08170600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-12 16:54 - 2017-04-28 02:56 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-05-12 16:54 - 2017-04-28 02:47 - 00699744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2017-05-12 16:54 - 2017-04-28 02:46 - 00410464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-05-12 16:54 - 2017-04-28 02:42 - 00526176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-05-12 16:54 - 2017-04-28 02:40 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-05-12 16:54 - 2017-04-28 02:40 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-12 16:54 - 2017-04-28 02:40 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-05-12 16:54 - 2017-04-28 02:40 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-05-12 16:54 - 2017-04-28 02:40 - 00578400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-12 16:54 - 2017-04-28 02:36 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2017-05-12 16:54 - 2017-04-28 02:34 - 22220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-12 16:54 - 2017-04-28 02:30 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-05-12 16:54 - 2017-04-28 02:04 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-12 16:54 - 2017-04-28 02:03 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-12 16:54 - 2017-04-28 02:02 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-05-12 16:54 - 2017-04-28 02:01 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-05-12 16:54 - 2017-04-28 02:01 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-05-12 16:54 - 2017-04-28 02:01 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-05-12 16:54 - 2017-04-28 02:01 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll
2017-05-12 16:54 - 2017-04-28 02:00 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-05-12 16:54 - 2017-04-28 02:00 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-05-12 16:54 - 2017-04-28 01:58 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-05-12 16:54 - 2017-04-28 01:58 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-05-12 16:54 - 2017-04-28 01:58 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-05-12 16:54 - 2017-04-28 01:58 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-12 16:54 - 2017-04-28 01:57 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-05-12 16:54 - 2017-04-28 01:56 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-12 16:54 - 2017-04-28 01:56 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-05-12 16:54 - 2017-04-28 01:56 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-12 16:54 - 2017-04-28 01:56 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-05-12 16:54 - 2017-04-28 01:56 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-12 16:54 - 2017-04-28 01:56 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-12 16:54 - 2017-04-28 01:55 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-05-12 16:54 - 2017-04-28 01:54 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-05-12 16:54 - 2017-04-28 01:53 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-05-12 16:54 - 2017-04-28 01:51 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-05-12 16:54 - 2017-04-28 01:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-05-12 16:54 - 2017-04-28 01:51 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-12 16:54 - 2017-04-28 01:51 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-12 16:54 - 2017-04-28 01:47 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-12 16:54 - 2017-04-28 01:47 - 03290112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-05-12 16:54 - 2017-04-28 01:47 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-12 16:54 - 2017-04-28 01:47 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2017-05-12 16:54 - 2017-04-28 01:46 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-05-12 16:54 - 2017-04-28 01:46 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2017-05-12 16:54 - 2017-04-28 01:45 - 00946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2017-05-12 16:54 - 2017-04-28 01:44 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-05-12 16:54 - 2017-04-28 01:44 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-12 16:54 - 2017-04-28 01:44 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-12 16:54 - 2017-04-28 01:43 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-05-12 16:54 - 2017-04-28 01:43 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-05-12 16:54 - 2017-04-28 01:43 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2017-05-12 16:54 - 2017-04-28 01:43 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-05-12 16:54 - 2017-04-28 01:43 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2017-05-12 16:54 - 2017-04-28 01:42 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-05-12 16:54 - 2017-04-28 01:42 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-05-12 16:54 - 2017-04-28 01:42 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-05-12 16:54 - 2017-04-28 01:41 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-12 16:54 - 2017-04-28 01:41 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-05-12 16:54 - 2017-04-28 01:41 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-12 16:54 - 2017-04-28 01:40 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-05-12 16:54 - 2017-04-28 01:40 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-05-12 16:54 - 2017-04-28 01:40 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-12 16:54 - 2017-04-28 01:39 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-05-12 16:54 - 2017-04-28 01:39 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-12 16:54 - 2017-04-28 01:38 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-05-12 16:54 - 2017-04-28 01:38 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-05-12 16:54 - 2017-04-28 01:37 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-05-12 16:54 - 2017-04-28 01:37 - 02316288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-12 16:54 - 2017-04-28 01:37 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-05-12 16:54 - 2017-04-28 01:37 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-05-12 16:54 - 2017-04-28 01:37 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-05-12 16:54 - 2017-04-28 01:37 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-12 16:54 - 2017-04-28 01:37 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-05-12 16:54 - 2017-04-28 01:36 - 03613184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-12 16:54 - 2017-04-28 01:36 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-05-12 16:54 - 2017-04-28 01:36 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-12 16:54 - 2017-04-28 01:36 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-05-12 16:54 - 2017-04-28 01:36 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-05-12 16:54 - 2017-04-28 01:35 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-05-12 16:54 - 2017-04-28 01:35 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-12 16:54 - 2017-04-28 01:34 - 00999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-12 16:54 - 2017-04-28 01:34 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2017-05-12 16:54 - 2017-04-28 01:34 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2017-05-12 16:54 - 2017-04-28 01:33 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-12 16:54 - 2017-03-04 09:09 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-05-12 16:54 - 2017-03-04 08:25 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-05-12 16:54 - 2017-03-04 08:06 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-05-12 16:53 - 2017-04-28 02:53 - 07784288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-12 16:53 - 2017-04-28 02:53 - 00774224 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-12 16:53 - 2017-04-28 02:52 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-05-12 16:53 - 2017-04-28 02:47 - 00501088 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2017-05-12 16:53 - 2017-04-28 02:38 - 00847200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-05-12 16:53 - 2017-04-28 02:38 - 00431968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-05-12 16:53 - 2017-04-28 02:36 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-05-12 16:53 - 2017-04-28 02:34 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-05-12 16:53 - 2017-04-28 02:28 - 00453536 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-05-12 16:53 - 2017-04-28 02:07 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-05-12 16:53 - 2017-04-28 02:03 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspppoe.sys
2017-05-12 16:53 - 2017-04-28 02:02 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-05-12 16:53 - 2017-04-28 02:01 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-05-12 16:53 - 2017-04-28 02:01 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-05-12 16:53 - 2017-04-28 02:00 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-05-12 16:53 - 2017-04-28 02:00 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-05-12 16:53 - 2017-04-28 01:59 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-05-12 16:53 - 2017-04-28 01:58 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-05-12 16:53 - 2017-04-28 01:58 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-05-12 16:53 - 2017-04-28 01:57 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-05-12 16:53 - 2017-04-28 01:57 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll
2017-05-12 16:53 - 2017-04-28 01:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-12 16:53 - 2017-04-28 01:56 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-05-12 16:53 - 2017-04-28 01:56 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-05-12 16:53 - 2017-04-28 01:55 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-05-12 16:53 - 2017-04-28 01:55 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-05-12 16:53 - 2017-04-28 01:55 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-05-12 16:53 - 2017-04-28 01:55 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-05-12 16:53 - 2017-04-28 01:54 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-12 16:53 - 2017-04-28 01:53 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-05-12 16:53 - 2017-04-28 01:51 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-05-12 16:53 - 2017-04-28 01:50 - 01476608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-05-12 16:53 - 2017-04-28 01:50 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2017-05-12 16:53 - 2017-04-28 01:49 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-12 16:53 - 2017-04-28 01:49 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-05-12 16:53 - 2017-04-28 01:47 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2017-05-12 16:53 - 2017-04-28 01:47 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-05-12 16:53 - 2017-04-28 01:46 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-05-12 16:53 - 2017-04-28 01:45 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-05-12 16:53 - 2017-04-28 01:44 - 04749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-12 16:53 - 2017-04-28 01:44 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-05-12 16:53 - 2017-04-28 01:44 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-05-12 16:53 - 2017-04-28 01:43 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-05-12 16:53 - 2017-04-28 01:43 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-12 16:53 - 2017-04-28 01:42 - 08125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-12 16:53 - 2017-04-28 01:42 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-12 16:53 - 2017-04-28 01:41 - 00860160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-05-12 16:53 - 2017-04-28 01:41 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-12 16:53 - 2017-04-28 01:41 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-05-12 16:53 - 2017-04-28 01:40 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-05-12 16:53 - 2017-04-28 01:40 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-05-12 16:53 - 2017-04-28 01:40 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-05-12 16:53 - 2017-04-28 01:37 - 04744192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-12 16:53 - 2017-04-28 01:37 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-05-12 16:53 - 2017-04-28 01:36 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-05-12 16:53 - 2017-04-28 01:34 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-05-12 16:53 - 2017-03-04 08:27 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-05-12 16:53 - 2017-03-04 08:19 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-05-12 16:53 - 2016-12-21 09:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-05-12 16:52 - 2017-04-28 02:57 - 00794928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-12 16:52 - 2017-04-28 02:53 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-12 16:52 - 2017-04-28 02:49 - 00700936 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-12 16:52 - 2017-04-28 02:40 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-05-12 16:52 - 2017-04-28 02:40 - 02759704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-12 16:52 - 2017-04-28 02:40 - 02187104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-12 16:52 - 2017-04-28 02:40 - 00402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-12 16:52 - 2017-04-28 02:39 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-05-12 16:52 - 2017-04-28 02:38 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-05-12 16:52 - 2017-04-28 02:35 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-05-12 16:52 - 2017-04-28 02:35 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-05-12 16:52 - 2017-04-28 02:35 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-05-12 16:52 - 2017-04-28 02:35 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-05-12 16:52 - 2017-04-28 02:35 - 00596040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-05-12 16:52 - 2017-04-28 02:34 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-05-12 16:52 - 2017-04-28 02:34 - 00443232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-05-12 16:52 - 2017-04-28 02:34 - 00244824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-05-12 16:52 - 2017-04-28 02:28 - 00387864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-12 16:52 - 2017-04-28 02:06 - 22569472 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-12 16:52 - 2017-04-28 02:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-12 16:52 - 2017-04-28 02:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-12 16:52 - 2017-04-28 01:58 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-12 16:52 - 2017-04-28 01:57 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-12 16:52 - 2017-04-28 01:57 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-12 16:52 - 2017-04-28 01:56 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-12 16:52 - 2017-04-28 01:56 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-12 16:52 - 2017-04-28 01:56 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-12 16:52 - 2017-04-28 01:54 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-05-12 16:52 - 2017-04-28 01:54 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-05-12 16:52 - 2017-04-28 01:53 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2017-05-12 16:52 - 2017-04-28 01:53 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-05-12 16:52 - 2017-04-28 01:53 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-05-12 16:52 - 2017-04-28 01:50 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-05-12 16:52 - 2017-04-28 01:50 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2017-05-12 16:52 - 2017-04-28 01:49 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-05-12 16:52 - 2017-04-28 01:47 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-05-12 16:52 - 2017-04-28 01:46 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2017-05-12 16:52 - 2017-04-28 01:45 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-12 16:52 - 2017-04-28 01:45 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-05-12 16:52 - 2017-04-28 01:45 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-05-12 16:52 - 2017-04-28 01:45 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-12 16:52 - 2017-04-28 01:44 - 13091328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-12 16:52 - 2017-04-28 01:44 - 00937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-05-12 16:52 - 2017-04-28 01:44 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-05-12 16:52 - 2017-04-28 01:42 - 13441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-05-12 16:52 - 2017-04-28 01:41 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-12 16:52 - 2017-04-28 01:40 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-05-12 16:52 - 2017-04-28 01:39 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-05-12 16:52 - 2017-04-28 01:38 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-05-12 16:52 - 2017-04-28 01:37 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-12 16:52 - 2017-04-28 01:37 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-12 16:52 - 2017-04-28 01:36 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-12 16:52 - 2017-04-28 01:35 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-05-12 16:52 - 2017-03-04 08:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-05-12 16:51 - 2017-04-28 02:49 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-12 16:51 - 2017-04-28 02:44 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2017-05-12 16:51 - 2017-04-28 02:38 - 01852200 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-12 16:51 - 2017-04-28 02:34 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-12 16:51 - 2017-04-28 02:30 - 01569184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-12 16:51 - 2017-04-28 02:10 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-05-12 16:51 - 2017-04-28 02:05 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-05-12 16:51 - 2017-04-28 02:01 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-05-12 16:51 - 2017-04-28 02:01 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-05-12 16:51 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-05-12 16:51 - 2017-04-28 01:59 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-05-12 16:51 - 2017-04-28 01:59 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-05-12 16:51 - 2017-04-28 01:59 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-05-12 16:51 - 2017-04-28 01:58 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-05-12 16:51 - 2017-04-28 01:58 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsentUX.dll
2017-05-12 16:51 - 2017-04-28 01:57 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-05-12 16:51 - 2017-04-28 01:57 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-05-12 16:51 - 2017-04-28 01:57 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-05-12 16:51 - 2017-04-28 01:57 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2017-05-12 16:51 - 2017-04-28 01:56 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-05-12 16:51 - 2017-04-28 01:55 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-05-12 16:51 - 2017-04-28 01:55 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-12 16:51 - 2017-04-28 01:55 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-05-12 16:51 - 2017-04-28 01:55 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-05-12 16:51 - 2017-04-28 01:54 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-05-12 16:51 - 2017-04-28 01:53 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2017-05-12 16:51 - 2017-04-28 01:53 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-05-12 16:51 - 2017-04-28 01:51 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2017-05-12 16:51 - 2017-04-28 01:49 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-05-12 16:51 - 2017-04-28 01:48 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-05-12 16:51 - 2017-04-28 01:47 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-05-12 16:51 - 2017-04-28 01:46 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-05-12 16:51 - 2017-04-28 01:45 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-05-12 16:51 - 2017-04-28 01:44 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-12 16:51 - 2017-04-28 01:44 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2017-05-12 16:51 - 2017-04-28 01:43 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-05-12 16:51 - 2017-04-28 01:43 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-05-12 16:51 - 2017-04-28 01:43 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-05-12 16:51 - 2017-04-28 01:41 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-05-12 16:51 - 2017-04-28 01:40 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-12 16:51 - 2017-04-28 01:40 - 02096640 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-12 16:51 - 2017-04-28 01:40 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-05-12 16:51 - 2017-04-28 01:40 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-05-12 16:51 - 2017-04-28 01:38 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-05-12 16:51 - 2017-04-28 01:38 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-05-12 16:51 - 2017-04-28 01:37 - 02286592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-12 16:51 - 2017-04-28 01:37 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-12 16:51 - 2017-04-28 01:36 - 02478080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-05-12 16:51 - 2017-04-28 01:36 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-05-12 16:50 - 2017-04-28 02:57 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-05-12 16:50 - 2017-04-28 02:49 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-12 16:50 - 2017-04-28 02:40 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-05-12 16:50 - 2017-04-28 02:40 - 00026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-12 16:50 - 2017-04-28 02:38 - 02915704 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-12 16:50 - 2017-04-28 02:38 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-05-12 16:50 - 2017-04-28 02:34 - 01277824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-12 16:50 - 2017-04-28 02:34 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-05-12 16:50 - 2017-04-28 02:28 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-12 16:50 - 2017-04-28 02:03 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthTelemetry.dll
2017-05-12 16:50 - 2017-04-28 02:02 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2017-05-12 16:50 - 2017-04-28 02:00 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-05-12 16:50 - 2017-04-28 02:00 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-12 16:50 - 2017-04-28 01:59 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2017-05-12 16:50 - 2017-04-28 01:58 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-12 16:50 - 2017-04-28 01:57 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-05-12 16:50 - 2017-04-28 01:57 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-05-12 16:50 - 2017-04-28 01:57 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2017-05-12 16:50 - 2017-04-28 01:57 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2017-05-12 16:50 - 2017-04-28 01:56 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2017-05-12 16:50 - 2017-04-28 01:56 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-05-12 16:50 - 2017-04-28 01:56 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-05-12 16:50 - 2017-04-28 01:55 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2017-05-12 16:50 - 2017-04-28 01:55 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-05-12 16:50 - 2017-04-28 01:54 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-05-12 16:50 - 2017-04-28 01:54 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-05-12 16:50 - 2017-04-28 01:51 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-05-12 16:50 - 2017-04-28 01:50 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsnt.dll
2017-05-12 16:50 - 2017-04-28 01:48 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-12 16:50 - 2017-04-28 01:48 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-05-12 16:50 - 2017-04-28 01:47 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-12 16:50 - 2017-04-28 01:46 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2017-05-12 16:50 - 2017-04-28 01:46 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-12 16:50 - 2017-04-28 01:45 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-05-12 16:50 - 2017-04-28 01:44 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-05-12 16:50 - 2017-04-28 01:43 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-05-12 16:50 - 2017-04-28 01:42 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-12 16:50 - 2017-04-28 01:42 - 01021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2017-05-12 16:50 - 2017-04-28 01:41 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-12 16:50 - 2017-04-28 01:41 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2017-05-12 16:50 - 2017-04-28 01:40 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-05-12 16:50 - 2017-04-28 01:37 - 02216960 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-05-12 16:50 - 2017-04-28 01:37 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-05-12 16:50 - 2017-04-28 01:36 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-05-12 16:49 - 2017-04-28 02:39 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-05-12 16:49 - 2017-04-28 02:38 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-05-12 16:49 - 2017-04-28 02:00 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2017-05-12 16:49 - 2017-04-28 01:54 - 00967680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-05-12 16:49 - 2017-04-28 01:45 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-05-10 16:44 - 2017-05-10 16:44 - 01201768 _____ (Adobe Systems Incorporated) C:\Users\Adrian\Downloads\flashplayer25au_ha_install.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-08 05:28 - 2016-11-20 23:35 - 00000000 ____D C:\Users\Adrian\AppData\LocalLow\Mozilla
2017-06-08 05:27 - 2017-01-25 21:26 - 00000000 ____D C:\FRST
2017-06-08 05:27 - 2017-01-25 21:22 - 02435072 _____ (Farbar) C:\Users\Adrian\Desktop\FRST64.exe
2017-06-08 05:20 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-08 05:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-08 05:14 - 2016-07-17 00:25 - 00757654 _____ C:\WINDOWS\system32\perfh005.dat
2017-06-08 05:14 - 2016-07-17 00:25 - 00175054 _____ C:\WINDOWS\system32\perfc005.dat
2017-06-08 05:14 - 2016-04-27 08:54 - 02043978 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-08 05:09 - 2016-07-27 14:45 - 00000000 __SHD C:\Users\Adrian\IntelGraphicsProfiles
2017-06-08 05:08 - 2016-10-05 04:24 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-08 05:07 - 2016-10-05 05:02 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-07 06:09 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-06-07 06:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-07 06:07 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-06-07 06:07 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-07 05:56 - 2015-02-23 19:09 - 00000000 ____D C:\Users\Adrian\AppData\Local\CrashDumps
2017-06-07 05:50 - 2017-01-24 23:53 - 00000000 ____D C:\AdwCleaner
2017-06-07 05:40 - 2016-10-05 04:16 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-04 22:15 - 2015-01-08 01:31 - 00000000 ____D C:\Program Files\trend micro
2017-06-01 21:09 - 2016-10-05 05:02 - 00004008 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1470022667
2017-06-01 21:09 - 2016-08-01 05:38 - 00001099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-06-01 21:06 - 2016-10-17 23:45 - 00000348 _____ C:\Users\Adrian\Desktop\Jednotka CD-ROM – zástupce.lnk
2017-05-30 21:28 - 2016-10-17 19:51 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2017-05-30 19:51 - 2016-10-17 20:09 - 00000000 ____D C:\Users\Adrian\AppData\Local\Pinnacle
2017-05-29 21:24 - 2016-09-18 18:02 - 00000000 ____D C:\Users\Adrian\Desktop\Dokumenty Office
2017-05-28 22:30 - 2014-12-28 01:03 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\MPC-HC
2017-05-28 22:11 - 2017-02-09 21:41 - 00004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-05-28 21:47 - 2015-11-08 15:08 - 00000000 ____D C:\ProgramData\Package Cache
2017-05-28 21:38 - 2017-02-04 22:58 - 00000000 ____D C:\WINDOWS\Minidump
2017-05-28 21:28 - 2016-10-24 20:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-28 21:28 - 2015-01-08 02:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-28 21:11 - 2014-12-14 21:22 - 00000000 ____D C:\Users\Adrian\AppData\Roaming\uTorrent
2017-05-28 20:59 - 2014-12-14 21:46 - 00000000 ____D C:\Users\Adrian\Documents\Torrent
2017-05-27 22:09 - 2014-12-10 23:26 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-27 21:58 - 2014-12-10 23:26 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-27 20:59 - 2016-10-17 20:09 - 00000000 ____D C:\Users\Adrian\Documents\Pinnacle Studio
2017-05-16 18:48 - 2014-12-14 21:22 - 00000953 _____ C:\Users\Adrian\Desktop\µTorrent.lnk
2017-05-16 13:36 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-05-16 13:33 - 2015-01-07 22:24 - 00000168 _____ C:\Users\Adrian\AppData\default.pls
2017-05-16 12:22 - 2017-01-06 20:31 - 00002383 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-16 12:22 - 2017-01-06 20:31 - 00002283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-13 23:50 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-05-13 13:27 - 2016-07-30 14:00 - 00158880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2017-05-13 13:26 - 2016-07-30 14:00 - 00569192 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-05-13 13:26 - 2016-07-30 14:00 - 00339696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-05-13 13:26 - 2016-07-30 14:00 - 00158368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys.149467485192102
2017-05-13 13:26 - 2016-07-30 14:00 - 00128648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-05-13 13:26 - 2016-07-30 14:00 - 00101152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-05-13 13:26 - 2016-07-30 14:00 - 00075704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-05-13 13:26 - 2016-07-30 14:00 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-05-13 13:25 - 2016-08-01 05:37 - 00032600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-05-13 13:25 - 2016-07-30 14:00 - 01007160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-05-13 13:24 - 2017-02-09 21:41 - 00334576 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-05-13 13:24 - 2017-02-09 21:41 - 00311808 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-05-13 13:24 - 2017-02-09 21:41 - 00190256 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-05-13 13:24 - 2017-02-09 21:41 - 00049016 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-05-13 13:21 - 2016-04-27 08:56 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-13 13:13 - 2016-10-05 04:15 - 00486632 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-13 00:40 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-13 00:40 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-13 00:40 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-13 00:40 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-05-13 00:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-05-13 00:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-05-13 00:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-13 00:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-13 00:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-13 00:40 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-13 00:40 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-13 00:40 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-05-13 00:40 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-12 17:31 - 2013-08-22 15:25 - 00000199 _____ C:\WINDOWS\win.ini
2017-05-10 17:11 - 2016-07-16 13:42 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2017-05-10 16:44 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-10 16:44 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed

==================== Files in the root of some directories =======

2015-12-25 20:57 - 2015-12-25 20:57 - 0000268 ___RH () C:\Users\Adrian\AppData\Roaming\Hybrid Synthesizers
2015-12-25 20:57 - 2015-12-25 20:57 - 0000268 ___RH () C:\Users\Adrian\AppData\Roaming\Image Capture
2015-07-04 10:44 - 2015-07-04 10:44 - 0099384 _____ () C:\Users\Adrian\AppData\Roaming\inst.exe
2015-07-04 10:44 - 2015-07-04 10:44 - 0007859 _____ () C:\Users\Adrian\AppData\Roaming\pcouffin.cat
2015-07-04 10:44 - 2015-07-04 10:44 - 0001167 _____ () C:\Users\Adrian\AppData\Roaming\pcouffin.inf
2015-07-04 10:44 - 2015-07-04 10:44 - 0000055 _____ () C:\Users\Adrian\AppData\Roaming\pcouffin.log
2015-07-04 10:44 - 2015-07-04 10:44 - 0082816 _____ (VSO Software) C:\Users\Adrian\AppData\Roaming\pcouffin.sys
2017-01-31 20:08 - 2017-01-31 20:08 - 0003584 _____ () C:\Users\Adrian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-23 21:55 - 2015-03-23 22:09 - 0003072 _____ () C:\Users\Adrian\AppData\Local\file__0.localstorage
2015-06-08 22:06 - 2017-04-01 14:20 - 0007601 _____ () C:\Users\Adrian\AppData\Local\Resmon.ResmonCfg
2015-12-25 20:57 - 2015-12-25 20:57 - 0000268 ___RH () C:\ProgramData\Image Units
2015-12-25 20:57 - 2015-12-25 20:57 - 0000268 ___RH () C:\ProgramData\Importer
2015-12-25 20:57 - 2015-12-25 20:57 - 0000012 ___RH () C:\ProgramData\Keyboard Layouts
2015-12-25 20:57 - 2015-12-25 20:57 - 0000012 ___RH () C:\ProgramData\Legacy
2015-12-25 20:57 - 2015-12-25 20:57 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2015-12-25 20:57 - 2015-12-25 20:57 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT

Some files in TEMP:
====================
2017-05-28 21:47 - 2017-04-28 02:53 - 0616048 _____ (Microsoft Corporation) C:\Users\Adrian\AppData\Local\Temp\kernel32.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-05-29 18:21

==================== End of FRST.txt ============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <====== ATTENTION
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\MountPoints2: {7431c52d-9546-11e6-82d6-2025647b6c58} - "H:\RunGame.exe"
C:\Users\Adrian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Adrian\AppData\Local\Temp
Task: {38010E29-D163-46B1-9AB3-80ECC2182F28} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS.exe
C:\Windows\AutoKMS.exe
AlternateDataStreams: C:\Users\Adrian\Soubory cookie:gs5sys [3074]
AlternateDataStreams: C:\Users\Adrian\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Adrian\AppData\Local\History:gs5sys [3074]
AlternateDataStreams: C:\Users\Adrian\Documents\desktop.ini:gs5sys [3074]

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[abdul99]

Fix result of Farbar Recovery Scan Tool (x64) Version: 07-06-2017 01
Ran by Adrian (08-06-2017 16:39:38) Run:2
Running from C:\Users\Adrian\Desktop
Loaded Profiles: Adrian (Available Profiles: Adrian)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <====== ATTENTION
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\...\MountPoints2: {7431c52d-9546-11e6-82d6-2025647b6c58} - "H:\RunGame.exe"
C:\Users\Adrian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Adrian\AppData\Local\Temp
Task: {38010E29-D163-46B1-9AB3-80ECC2182F28} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS.exe
C:\Windows\AutoKMS.exe
AlternateDataStreams: C:\Users\Adrian\Soubory cookie:gs5sys [3074]
AlternateDataStreams: C:\Users\Adrian\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Adrian\AppData\Local\History:gs5sys [3074]
AlternateDataStreams: C:\Users\Adrian\Documents\desktop.ini:gs5sys [3074]

EmptyTemp:
End
*****************

HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <====== ATTENTION => restored successfully
HKU\S-1-5-21-3809139199-386801105-3546470006-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7431c52d-9546-11e6-82d6-2025647b6c58} => key removed successfully
HKCR\CLSID\{7431c52d-9546-11e6-82d6-2025647b6c58} => key not found.
C:\Users\Adrian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\Users\Adrian\AppData\Local\Temp => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{38010E29-D163-46B1-9AB3-80ECC2182F28} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38010E29-D163-46B1-9AB3-80ECC2182F28} => key removed successfully
C:\WINDOWS\System32\Tasks\AutoKMSDaily => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMSDaily => key removed successfully
"C:\Windows\AutoKMS.exe" => not found.
C:\Users\Adrian\Soubory cookie => ":gs5sys" ADS removed successfully.
C:\Users\Adrian\Desktop\desktop.ini => ":gs5sys" ADS removed successfully.
C:\Users\Adrian\AppData\Local\History => ":gs5sys" ADS removed successfully.
C:\Users\Adrian\Documents\desktop.ini => ":gs5sys" ADS removed successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 332657288 B
Java, Flash, Steam htmlcache => 2686 B
Windows/system/drivers => 68768639 B
Edge => 11575 B
Chrome => 137216 B
Firefox => 376307420 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 3266 B
NetworkService => 0 B
Adrian => 6709585 B

RecycleBin => 0 B
EmptyTemp: => 748.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:40:07 ====

[Rudy]

Smazáno, log by již měl být OK.

[abdul99]

Moc díky!!!!

[Rudy]

Rádo se stalo!