Steelcut

#1 Post by Kaliban »

Hi,

could I ask for help removing the little program SteelCut, or rather with its after-effects?

Thank you

Boot mode: Normal

Running processes:
C:\Windows\TEMP\DPTF\esif_assist.exe
c:\Program Files (x86)\Cyberlink\YouCam\YouCamService.exe
C:\ProgramData\AppMgr1.26.3056825\1\plugin.exe
C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\AVAST Software\SecureLine\SecureLine.exe
C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\ui\updateui.exe
C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Anna.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Application Manager 1.26.3056825 (AppMgr1.26.3056825) - Unknown owner - C:\ProgramData\AppMgr1.26.3056825\appmgr.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @oem19.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\Windows\system32\BtwRSupportService.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\Windows\SysWOW64\esif_uf.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® ME Service (Intel(R) ME Service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: YAC Service (iSafeService) - Elex do Brasil Participaçoes Ltda - C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Avast SecureLine (SecureLine) - Unknown owner - C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11482 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\Windows\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch
c:\windows\system32\svchost.exe -k rpcss
"dwm.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe"
C:\Windows\system32\atiesrxx.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localservice
C:\Windows\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
atieclxx
c:\windows\system32\svchost.exe -k networkservice
C:\Windows\system32\WLANExt.exe 297704720704
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localservicenonetwork
c:\windows\system32\svchost.exe -k apphost
"C:\ProgramData\AppMgr1.26.3056825\appmgr.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
c:\windows\system32\svchost.exe -k utcsvc
C:\Windows\SysWOW64\esif_uf.exe
dashost.exe {8c05fc28-f835-464f-b626e9995eb7dffe}
"c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-04ab7676-a981-41ab-9978-b66d63a5eb3a -SystemEventPortName:HostProcess-a4fd57a9-b005-4c61-bf15-8b66698eade2 -IoCancelEventPortName:HostProcess-49346614-002d-4e3b-be6a-81f3412fc8d1 -NonStateChangingEventPortName:HostProcess-358edb1a-2fdc-44e7-827b-312be597a4e0 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d5211706-3cc8-466f-86cd-54e794f16949 -DeviceGroupId:
c:\windows\system32\svchost.exe -k wbiosvcgroup
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation
c:\windows\system32\svchost.exe -k localservicepeernet
"C:\Windows\TEMP\DPTF\esif_assist.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe" /hideui
taskhostex.exe
"C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
igfxEM.exe
igfxHK.exe
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe"
C:\ProgramData\AppMgr1.26.3056825\1\plugin.exe /s 560 /p 700
"c:\Program Files (x86)\Cyberlink\YouCam\YouCamService.exe"
C:\ProgramData\AppMgr1.26.3056825\1\plugin.exe /s 440 /p 436
"C:\Program Files\Hewlett-Packard\SimplePass\opbhobroker.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Hewlett-Packard\SimplePass\\wyUpdate.exe" /quickcheck /noerr /justcheck
"C:\Program Files\AVAST Software\SecureLine\SecureLine.exe" /nogui
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\ui\updateui.exe" --port 35600
"C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe"
"C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe"
"C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe"
"C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe"
taskhost.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\System32\WWAHost.exe" -ServerName:Windows.Store
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\WinStore\WSHost.exe -Embedding

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1664.0.1661238697\1817725834" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,8,24,52 --gpu-vendor-id=0x1002 --gpu-device-id=0x6660 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=14.502.1011.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="1664.5.364743462\978432792" --font-cache-shared-handle=3732 /prefetch:673131151
"C:\Windows\system32\SearchFilterHost.exe" 0 388 348 416 65536 412
"C:\Users\Anna\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-12-26 885152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-26 664184]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-12-17 629256]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-03-05 8458968]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-03-03 2871464]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-12-08 8590760]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-01-18 50615936]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HPMessageService"=C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [2015-02-17 654088]
"StartCCC"=c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-02-25 767176]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-12-26 7021880]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-01-23 23:30:19 ----D---- C:\Program Files\trend micro
2016-01-23 23:30:18 ----D---- C:\rsit
2016-01-23 23:12:48 ----D---- C:\Windows\system32\log
2016-01-23 23:12:48 ----A---- C:\Windows\system32\drivers\iSafeNetFilter.sys
2016-01-23 23:12:48 ----A---- C:\Windows\system32\drivers\iSafeKrnlBoot.sys
2016-01-23 23:12:17 ----D---- C:\Users\Anna\AppData\Roaming\Elex-tech
2016-01-23 23:12:17 ----D---- C:\Program Files (x86)\Elex-tech
2016-01-23 22:31:55 ----D---- C:\ProgramData\AppMgr1.26.3056825
2016-01-23 22:20:49 ----A---- C:\autoexec.bat
2016-01-23 22:20:14 ----D---- C:\Users\Anna\AppData\Roaming\Enigma Software Group
2016-01-23 22:19:54 ----D---- C:\sh4ldr
2016-01-23 22:18:24 ----A---- C:\Windows\system32\drivers\EsgScanner.sys
2016-01-23 22:18:16 ----D---- C:\Program Files\Enigma Software Group
2016-01-23 21:47:27 ----A---- C:\Windows\system32\drivers\{f27d11e3-6a28-4304-8802-9226aab77587}Gw64.sys
2016-01-23 21:45:25 ----D---- C:\Program Files (x86)\Steel Cut
2016-01-22 17:46:46 ----D---- C:\Users\Anna\AppData\Roaming\Skype
2016-01-22 17:46:28 ----RD---- C:\Program Files (x86)\Skype
2016-01-22 17:46:16 ----D---- C:\ProgramData\Skype
2016-01-22 17:20:16 ----A---- C:\Windows\system32\appraiser.dll
2016-01-22 17:20:15 ----A---- C:\Windows\system32\invagent.dll
2016-01-22 17:20:15 ----A---- C:\Windows\system32\generaltel.dll
2016-01-22 17:20:15 ----A---- C:\Windows\system32\devinv.dll
2016-01-22 17:20:15 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-01-22 17:20:15 ----A---- C:\Windows\system32\aepic.dll
2016-01-22 17:20:15 ----A---- C:\Windows\system32\aeinv.dll
2016-01-22 17:20:14 ----A---- C:\Windows\system32\acmigration.dll
2016-01-17 21:46:35 ----A---- C:\Windows\system32\mshtml.dll
2016-01-17 21:46:24 ----A---- C:\Windows\system32\jscript9.dll
2016-01-17 21:46:21 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-01-17 21:46:06 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-01-17 21:45:49 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-01-17 21:45:44 ----A---- C:\Windows\system32\wininet.dll
2016-01-17 21:45:42 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-01-17 21:45:40 ----A---- C:\Windows\system32\vbscript.dll
2016-01-17 21:45:39 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-01-17 21:45:38 ----A---- C:\Windows\system32\mshtmled.dll
2016-01-17 21:45:36 ----A---- C:\Windows\system32\ieframe.dll
2016-01-17 21:45:29 ----A---- C:\Windows\system32\urlmon.dll
2016-01-17 21:45:27 ----A---- C:\Windows\system32\msfeeds.dll
2016-01-17 21:45:27 ----A---- C:\Windows\system32\inetcomm.dll
2016-01-17 21:45:26 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-01-17 21:45:25 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-01-17 21:45:24 ----A---- C:\Windows\system32\jscript.dll
2016-01-17 21:45:23 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-01-17 21:45:23 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-01-17 21:45:22 ----A---- C:\Windows\system32\ieapfltr.dll
2016-01-17 21:45:21 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-01-17 21:39:13 ----A---- C:\Windows\SYSWOW64\qedit.dll
2016-01-17 21:39:13 ----A---- C:\Windows\system32\qedit.dll
2016-01-17 21:38:54 ----A---- C:\Windows\system32\msmpeg2adec.dll
2016-01-17 21:38:53 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2016-01-17 21:38:53 ----A---- C:\Windows\SYSWOW64\msmpeg2adec.dll
2016-01-17 21:38:53 ----A---- C:\Windows\system32\WMVDECOD.DLL
2016-01-17 21:38:52 ----A---- C:\Windows\SYSWOW64\mfnetsrc.dll
2016-01-17 21:38:52 ----A---- C:\Windows\system32\mfnetsrc.dll
2016-01-17 21:38:52 ----A---- C:\Windows\system32\mfcore.dll
2016-01-17 21:38:51 ----A---- C:\Windows\SYSWOW64\mfnetcore.dll
2016-01-17 21:38:51 ----A---- C:\Windows\SYSWOW64\mfcore.dll
2016-01-17 21:38:51 ----A---- C:\Windows\system32\WMADMOD.DLL
2016-01-17 21:38:51 ----A---- C:\Windows\system32\mfnetcore.dll
2016-01-17 21:38:50 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2016-01-17 21:38:50 ----A---- C:\Windows\system32\WMVENCOD.DLL
2016-01-17 21:38:50 ----A---- C:\Windows\system32\quartz.dll
2016-01-17 21:38:50 ----A---- C:\Windows\system32\evr.dll
2016-01-17 21:38:49 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2016-01-17 21:38:49 ----A---- C:\Windows\SYSWOW64\WMVENCOD.DLL
2016-01-17 21:38:49 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2016-01-17 21:38:49 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-01-17 21:38:49 ----A---- C:\Windows\system32\WMVSDECD.DLL
2016-01-17 21:38:49 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2016-01-17 21:38:49 ----A---- C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-17 21:38:49 ----A---- C:\Windows\system32\mfsvr.dll
2016-01-17 21:38:48 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-01-17 21:38:48 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2016-01-17 21:38:48 ----A---- C:\Windows\SYSWOW64\MP3DMOD.DLL
2016-01-17 21:38:48 ----A---- C:\Windows\SYSWOW64\mfsvr.dll
2016-01-17 21:38:48 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2016-01-17 21:38:48 ----A---- C:\Windows\system32\VIDRESZR.DLL
2016-01-17 21:38:48 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-17 21:38:48 ----A---- C:\Windows\system32\MPG4DECD.DLL
2016-01-17 21:38:48 ----A---- C:\Windows\system32\MP4SDECD.DLL
2016-01-17 21:38:48 ----A---- C:\Windows\system32\MP43DECD.DLL
2016-01-17 21:38:48 ----A---- C:\Windows\system32\COLORCNV.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\WMVXENCD.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\WMVSENCD.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\WMSPDMOE.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\WMADMOE.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\VIDRESZR.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\RESAMPLEDMO.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\MPG4DECD.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\MP43DECD.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\MFWMAAEC.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\mfvdsp.dll
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\devenum.dll
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\COLORCNV.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\system32\WMVXENCD.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\system32\WMVSENCD.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\system32\WMADMOE.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\system32\SysFxUI.dll
2016-01-17 21:38:47 ----A---- C:\Windows\system32\qdvd.dll
2016-01-17 21:38:47 ----A---- C:\Windows\system32\MP3DMOD.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\system32\mfvdsp.dll
2016-01-17 21:38:47 ----A---- C:\Windows\system32\mfps.dll
2016-01-17 21:38:47 ----A---- C:\Windows\system32\devenum.dll
2016-01-17 21:38:20 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-01-17 21:38:20 ----A---- C:\Windows\system32\schannel.dll
2016-01-17 21:38:19 ----A---- C:\Windows\SYSWOW64\ncryptsslp.dll
2016-01-17 21:38:19 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-01-17 21:38:19 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-01-17 21:38:19 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2016-01-17 21:38:19 ----A---- C:\Windows\system32\ncryptsslp.dll
2016-01-17 21:38:19 ----A---- C:\Windows\system32\ncrypt.dll
2016-01-17 21:38:19 ----A---- C:\Windows\system32\lsasrv.dll
2016-01-17 21:38:19 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-01-17 21:38:19 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-01-17 21:38:19 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-01-17 21:38:19 ----A---- C:\Windows\system32\drivers\cng.sys
2016-01-17 21:38:19 ----A---- C:\Windows\system32\certcli.dll
2016-01-17 21:38:19 ----A---- C:\Windows\system32\bcryptprimitives.dll
2016-01-17 21:37:19 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-01-17 21:37:18 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-01-17 21:37:18 ----A---- C:\Windows\system32\ntdll.dll
2016-01-17 21:36:49 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-01-17 21:36:49 ----A---- C:\Windows\system32\gdi32.dll
2016-01-17 21:36:30 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-01-17 21:36:30 ----A---- C:\Windows\system32\advapi32.dll
2016-01-14 17:44:32 ----A---- C:\Windows\system32\aspnet_counters.dll
2016-01-14 17:44:30 ----A---- C:\Windows\SYSWOW64\aspnet_counters.dll
2016-01-14 17:16:33 ----A---- C:\Windows\system32\WiFiDisplay.dll
2016-01-09 18:26:48 ----D---- C:\Windows\system32\appraiser
2016-01-09 18:22:01 ----A---- C:\Windows\system32\drivers\bthhfenum.sys
2016-01-09 18:20:37 ----A---- C:\Windows\system32\drivers\tpm.sys
2016-01-09 18:20:09 ----A---- C:\Windows\SYSWOW64\GeofenceMonitorService.dll
2016-01-09 18:20:09 ----A---- C:\Windows\system32\GeofenceMonitorService.dll
2016-01-09 18:19:41 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2016-01-09 18:19:41 ----A---- C:\Windows\system32\dwmcore.dll
2016-01-09 18:18:47 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2016-01-09 18:18:47 ----A---- C:\Windows\system32\d2d1.dll
2016-01-09 18:18:19 ----A---- C:\Windows\system32\drivers\tunnel.sys
2016-01-09 18:17:22 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2016-01-09 18:17:22 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2016-01-09 18:17:22 ----A---- C:\Windows\system32\msxml6.dll
2016-01-09 18:17:22 ----A---- C:\Windows\system32\msxml3.dll
2016-01-09 18:16:55 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-01-09 18:16:54 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-01-09 18:16:23 ----A---- C:\Windows\system32\AuthHost.exe
2016-01-09 18:15:57 ----A---- C:\Windows\SYSWOW64\tdh.dll
2016-01-09 18:15:57 ----A---- C:\Windows\system32\UtcResources.dll
2016-01-09 18:15:57 ----A---- C:\Windows\system32\tdh.dll
2016-01-09 18:15:57 ----A---- C:\Windows\system32\diagtrack.dll
2016-01-09 18:15:25 ----A---- C:\Windows\system32\drivers\ahcache.sys
2016-01-09 18:14:58 ----A---- C:\Windows\SYSWOW64\Windows.UI.Input.Inking.dll
2016-01-09 18:14:58 ----A---- C:\Windows\system32\Windows.UI.Input.Inking.dll
2016-01-09 18:14:30 ----A---- C:\Windows\SYSWOW64\rastapi.dll
2016-01-09 18:14:30 ----A---- C:\Windows\system32\rastapi.dll
2016-01-09 18:14:02 ----A---- C:\Windows\system32\SystemSettingsDatabase.dll
2016-01-09 18:13:04 ----A---- C:\Windows\system32\consent.exe
2016-01-09 18:12:37 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-01-09 18:12:37 ----A---- C:\Windows\system32\KernelBase.dll
2016-01-09 18:12:08 ----A---- C:\Windows\system32\drivers\rfcomm.sys
2016-01-09 18:12:08 ----A---- C:\Windows\system32\drivers\hidbth.sys
2016-01-09 18:12:08 ----A---- C:\Windows\system32\drivers\bthport.sys
2016-01-09 18:11:39 ----A---- C:\Windows\system32\dbgeng.dll
2016-01-09 18:11:38 ----A---- C:\Windows\SYSWOW64\dbghelp.dll
2016-01-09 18:11:38 ----A---- C:\Windows\SYSWOW64\dbgeng.dll
2016-01-09 18:11:38 ----A---- C:\Windows\system32\dbghelp.dll
2016-01-09 18:11:11 ----A---- C:\Windows\SYSWOW64\SRH.dll
2016-01-09 18:11:11 ----A---- C:\Windows\system32\SRH.dll
2016-01-09 18:10:20 ----A---- C:\Windows\system32\dpapisrv.dll
2016-01-09 18:09:43 ----A---- C:\Windows\SYSWOW64\rgb9rast.dll
2016-01-09 18:09:15 ----A---- C:\Windows\SYSWOW64\PhotoMetadataHandler.dll
2016-01-09 18:09:15 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2016-01-09 18:08:47 ----A---- C:\Windows\system32\drivers\udfs.sys
2016-01-09 18:08:21 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2016-01-09 18:08:20 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2016-01-09 18:07:09 ----A---- C:\Windows\SYSWOW64\msctf.dll
2016-01-09 18:07:09 ----A---- C:\Windows\system32\msctf.dll
2016-01-09 18:06:14 ----A---- C:\Windows\system32\drivers\usb8023.sys
2016-01-09 18:05:53 ----A---- C:\Windows\system32\drivers\WdNisDrv.sys
2016-01-09 18:05:53 ----A---- C:\Windows\system32\drivers\WdFilter.sys
2016-01-09 18:05:53 ----A---- C:\Windows\system32\drivers\WdBoot.sys
2016-01-09 18:05:14 ----A---- C:\Windows\system32\SettingsHandlers.dll
2016-01-09 18:04:42 ----A---- C:\Windows\system32\wevtsvc.dll
2016-01-09 18:04:17 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2016-01-09 18:04:17 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-01-09 18:04:17 ----A---- C:\Windows\system32\WSShared.dll
2016-01-09 18:04:17 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-01-09 18:03:17 ----A---- C:\Windows\SYSWOW64\PCPKsp.dll
2016-01-09 18:03:17 ----A---- C:\Windows\system32\PCPKsp.dll
2016-01-09 18:02:50 ----A---- C:\Windows\SYSWOW64\authz.dll
2016-01-09 18:02:50 ----A---- C:\Windows\system32\authz.dll
2016-01-09 18:02:22 ----A---- C:\Windows\SYSWOW64\UIAutomationCore.dll
2016-01-09 18:02:22 ----A---- C:\Windows\system32\UIAutomationCore.dll
2016-01-09 18:01:55 ----A---- C:\Windows\system32\drivers\usbhub.sys
2016-01-09 18:01:54 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2016-01-09 18:01:54 ----A---- C:\Windows\system32\drivers\usbport.sys
2016-01-09 18:01:54 ----A---- C:\Windows\system32\drivers\usbohci.sys
2016-01-09 18:01:54 ----A---- C:\Windows\system32\drivers\USBHUB3.SYS
2016-01-09 18:01:54 ----A---- C:\Windows\system32\drivers\usbehci.sys
2016-01-09 18:01:54 ----A---- C:\Windows\system32\drivers\usbd.sys
2016-01-09 18:01:26 ----A---- C:\Windows\system32\profsvc.dll
2016-01-09 18:00:07 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-01-09 18:00:07 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-01-09 17:59:55 ----A---- C:\Windows\system32\drivers\USBXHCI.SYS
2016-01-09 17:59:00 ----A---- C:\Windows\SYSWOW64\netcfgx.dll
2016-01-09 17:59:00 ----A---- C:\Windows\system32\netcfgx.dll
2016-01-09 17:59:00 ----A---- C:\Windows\system32\drivers\ndis.sys
2016-01-09 17:58:33 ----A---- C:\Windows\system32\fhcpl.dll
2016-01-09 17:57:35 ----A---- C:\Windows\SYSWOW64\eapphost.dll
2016-01-09 17:57:35 ----A---- C:\Windows\SYSWOW64\eappgnui.dll
2016-01-09 17:57:35 ----A---- C:\Windows\SYSWOW64\eappcfg.dll
2016-01-09 17:57:35 ----A---- C:\Windows\SYSWOW64\eapp3hst.dll
2016-01-09 17:57:35 ----A---- C:\Windows\system32\eapphost.dll
2016-01-09 17:57:35 ----A---- C:\Windows\system32\eappgnui.dll
2016-01-09 17:57:35 ----A---- C:\Windows\system32\eappcfg.dll
2016-01-09 17:57:35 ----A---- C:\Windows\system32\eapp3hst.dll
2016-01-09 17:57:07 ----A---- C:\Windows\system32\drivers\sdbus.sys
2016-01-09 17:57:07 ----A---- C:\Windows\system32\drivers\dumpsd.sys
2016-01-09 17:56:41 ----A---- C:\Windows\system32\mssrch.dll
2016-01-09 17:56:40 ----A---- C:\Windows\SYSWOW64\tquery.dll
2016-01-09 17:56:40 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2016-01-09 17:56:40 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2016-01-09 17:56:40 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2016-01-09 17:56:40 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2016-01-09 17:56:40 ----A---- C:\Windows\SYSWOW64\mssph.dll
2016-01-09 17:56:40 ----A---- C:\Windows\system32\tquery.dll
2016-01-09 17:56:40 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2016-01-09 17:56:40 ----A---- C:\Windows\system32\SearchIndexer.exe
2016-01-09 17:56:40 ----A---- C:\Windows\system32\mssvp.dll
2016-01-09 17:56:40 ----A---- C:\Windows\system32\mssphtb.dll
2016-01-09 17:56:40 ----A---- C:\Windows\system32\mssph.dll
2016-01-09 17:56:20 ----A---- C:\Windows\system32\drivers\tcpip.sys
2016-01-09 17:56:19 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2016-01-09 17:56:18 ----A---- C:\Windows\system32\winlogon.exe
2016-01-09 17:56:18 ----A---- C:\Windows\system32\wininit.exe
2016-01-09 17:56:17 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2016-01-09 17:56:17 ----A---- C:\Windows\system32\msftedit.dll
2016-01-09 17:56:13 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2016-01-09 17:56:13 ----A---- C:\Windows\system32\sdbinst.exe
2016-01-09 17:56:13 ----A---- C:\Windows\system32\apphelp.dll
2016-01-09 17:56:11 ----A---- C:\Windows\system32\SystemEventsBrokerServer.dll
2016-01-09 17:54:04 ----A---- C:\Windows\system32\NcdAutoSetup.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\ucrtbase.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-01-09 17:53:54 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2016-01-09 17:53:53 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2016-01-09 17:53:51 ----A---- C:\Windows\system32\wpdshext.dll
2016-01-09 17:53:51 ----A---- C:\Windows\system32\drivers\bthpan.sys
2016-01-09 17:53:50 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2016-01-09 17:53:21 ----A---- C:\Windows\system32\rpcrt4.dll
2016-01-09 17:53:20 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-01-09 17:53:20 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-01-09 17:53:20 ----A---- C:\Windows\system32\msv1_0.dll
2016-01-09 17:53:10 ----A---- C:\Windows\system32\drivers\afd.sys
2016-01-09 17:53:09 ----A---- C:\Windows\system32\drivers\tdx.sys
2016-01-09 17:50:46 ----A---- C:\Windows\system32\sysmain.dll
2016-01-09 17:50:46 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2016-01-09 17:50:38 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-01-09 17:49:35 ----D---- C:\Windows\system32\MRT
2016-01-09 17:49:27 ----A---- C:\Windows\system32\MRT.exe
2016-01-09 17:49:17 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2016-01-09 17:49:17 ----A---- C:\Windows\system32\iepeers.dll
2016-01-09 17:49:16 ----A---- C:\Windows\system32\iertutil.dll
2016-01-09 17:49:15 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-01-09 17:49:15 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-01-09 17:49:15 ----A---- C:\Windows\system32\actxprxy.dll
2016-01-09 17:49:14 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-01-09 17:49:14 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2016-01-09 17:49:14 ----A---- C:\Windows\system32\inseng.dll
2016-01-09 17:49:14 ----A---- C:\Windows\system32\ie4uinit.exe
2016-01-09 17:49:12 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-01-09 17:49:12 ----A---- C:\Windows\system32\iedkcs32.dll
2016-01-09 17:49:10 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-01-09 17:49:09 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-01-09 17:49:09 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-01-09 17:49:09 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-01-09 17:49:07 ----A---- C:\Windows\system32\webcheck.dll
2016-01-09 17:49:07 ----A---- C:\Windows\system32\jscript9diag.dll
2016-01-09 17:49:06 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-01-09 17:49:05 ----A---- C:\Windows\system32\msrating.dll
2016-01-09 17:49:05 ----A---- C:\Windows\system32\ieui.dll
2016-01-09 17:48:53 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-01-09 17:48:53 ----A---- C:\Windows\system32\dxtrans.dll
2016-01-09 17:48:52 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-01-09 17:48:52 ----A---- C:\Windows\system32\dxtmsft.dll
2016-01-09 17:46:56 ----A---- C:\Windows\system32\msi.dll
2016-01-09 17:46:55 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-01-09 17:46:55 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-01-09 17:46:55 ----A---- C:\Windows\system32\msiexec.exe
2016-01-09 17:46:37 ----A---- C:\Windows\system32\drivers\rmcast.sys
2016-01-09 17:46:36 ----A---- C:\Windows\system32\shell32.dll
2016-01-09 17:46:34 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-01-09 17:44:15 ----A---- C:\Windows\system32\werdiagcontroller.dll
2016-01-09 17:44:15 ----A---- C:\Windows\system32\audiosrv.dll
2016-01-09 17:44:15 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2016-01-09 17:43:28 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2016-01-09 17:43:28 ----A---- C:\Windows\SYSWOW64\sechost.dll
2016-01-09 17:43:28 ----A---- C:\Windows\system32\tracerpt.exe
2016-01-09 17:43:28 ----A---- C:\Windows\system32\sechost.dll
2016-01-09 17:43:22 ----A---- C:\Windows\system32\win32k.sys
2016-01-09 17:43:21 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-01-09 17:43:21 ----A---- C:\Windows\system32\user32.dll
2016-01-09 17:43:21 ----A---- C:\Windows\system32\GdiPlus.dll
2016-01-09 17:43:21 ----A---- C:\Windows\system32\FntCache.dll
2016-01-09 17:43:21 ----A---- C:\Windows\system32\DWrite.dll
2016-01-09 17:43:20 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-01-09 17:43:20 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2016-01-09 17:43:16 ----A---- C:\Windows\system32\wow64cpu.dll
2016-01-09 17:43:16 ----A---- C:\Windows\system32\wow64.dll
2016-01-09 17:43:14 ----A---- C:\Windows\system32\microsoft-windows-system-events.dll
2016-01-09 17:43:13 ----A---- C:\Windows\system32\fveapi.dll
2016-01-09 17:43:13 ----A---- C:\Windows\system32\bdesvc.dll
2016-01-09 17:40:22 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-01-09 17:40:22 ----A---- C:\Windows\system32\lsm.dll
2016-01-09 17:40:22 ----A---- C:\Windows\system32\InkEd.dll
2016-01-09 17:40:06 ----A---- C:\Windows\SYSWOW64\puiobj.dll
2016-01-09 17:40:06 ----A---- C:\Windows\system32\puiobj.dll
2016-01-09 17:40:06 ----A---- C:\Windows\system32\localspl.dll
2016-01-09 17:40:05 ----A---- C:\Windows\system32\compstui.dll
2016-01-09 17:26:40 ----A---- C:\Windows\system32\winresume.exe
2016-01-09 17:26:40 ----A---- C:\Windows\system32\winload.exe
2016-01-09 17:26:38 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-01-09 17:26:38 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2016-01-09 17:26:38 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2016-01-09 17:26:38 ----A---- C:\Windows\system32\ntvdm64.dll
2016-01-09 17:26:38 ----A---- C:\Windows\system32\comsvcs.dll
2016-01-09 17:26:38 ----A---- C:\Windows\system32\catsrvut.dll
2016-01-09 17:13:56 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2016-01-09 17:13:56 ----A---- C:\Windows\system32\pku2u.dll
2016-01-09 17:13:28 ----A---- C:\Windows\system32\services.exe
2016-01-09 17:12:32 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2016-01-09 17:12:32 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2016-01-09 17:12:32 ----A---- C:\Windows\system32\WebClnt.dll
2016-01-09 17:12:32 ----A---- C:\Windows\system32\davclnt.dll
2016-01-09 17:12:16 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2016-01-09 17:12:16 ----A---- C:\Windows\system32\TsWpfWrp.exe
2016-01-09 17:10:27 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-01-09 17:10:27 ----A---- C:\Windows\system32\kerberos.dll
2016-01-09 17:09:58 ----A---- C:\Windows\SYSWOW64\Windows.UI.Immersive.dll
2016-01-09 17:09:58 ----A---- C:\Windows\SYSWOW64\shacct.dll
2016-01-09 17:09:58 ----A---- C:\Windows\SYSWOW64\SettingSync.dll
2016-01-09 17:09:58 ----A---- C:\Windows\system32\Windows.UI.Immersive.dll
2016-01-09 17:09:58 ----A---- C:\Windows\system32\shacct.dll
2016-01-09 17:09:58 ----A---- C:\Windows\system32\SettingSync.dll
2016-01-09 17:09:33 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-01-09 17:09:33 ----A---- C:\Windows\system32\wuaueng.dll
2016-01-09 17:09:33 ----A---- C:\Windows\system32\wuapi.dll
2016-01-09 17:09:32 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-01-09 17:09:32 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-01-09 17:09:32 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-01-09 17:09:32 ----A---- C:\Windows\system32\wuwebv.dll
2016-01-09 17:09:32 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2016-01-09 17:09:32 ----A---- C:\Windows\system32\wups2.dll
2016-01-09 17:09:32 ----A---- C:\Windows\system32\wudriver.dll
2016-01-09 17:09:32 ----A---- C:\Windows\system32\wucltux.dll
2016-01-09 17:09:32 ----A---- C:\Windows\system32\wuauclt.exe
2016-01-09 17:09:32 ----A---- C:\Windows\system32\wuapp.exe
2016-01-09 17:09:00 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-01-09 17:09:00 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-01-09 17:09:00 ----A---- C:\Windows\system32\atmlib.dll
2016-01-09 17:09:00 ----A---- C:\Windows\system32\atmfd.dll
2016-01-09 17:07:53 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-01-09 17:07:53 ----A---- C:\Windows\system32\authui.dll
2016-01-09 17:05:38 ----A---- C:\Windows\system32\csrsrv.dll
2016-01-09 17:05:38 ----A---- C:\Windows\system32\basesrv.dll
2016-01-09 17:02:13 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2016-01-09 17:02:13 ----A---- C:\Windows\system32\comctl32.dll
2016-01-09 16:59:16 ----A---- C:\Windows\SYSWOW64\notepad.exe
2016-01-09 16:59:16 ----A---- C:\Windows\system32\notepad.exe
2016-01-09 16:59:16 ----A---- C:\Windows\notepad.exe
2016-01-09 16:57:06 ----A---- C:\Windows\system32\drivers\http.sys
2016-01-09 16:54:45 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2016-01-09 16:54:45 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2016-01-09 16:54:45 ----A---- C:\Windows\system32\taskeng.exe
2016-01-09 16:54:45 ----A---- C:\Windows\system32\schtasks.exe
2016-01-09 16:54:45 ----A---- C:\Windows\system32\schedsvc.dll
2016-01-09 16:54:17 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-01-09 16:54:17 ----A---- C:\Windows\system32\appidsvc.dll
2016-01-09 16:54:17 ----A---- C:\Windows\system32\appidapi.dll
2016-01-09 16:53:50 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2016-01-09 16:53:50 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2016-01-09 16:53:50 ----A---- C:\Windows\system32\rdvidcrl.dll
2016-01-09 16:53:50 ----A---- C:\Windows\system32\mstscax.dll
2016-01-09 16:47:00 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-01-09 16:47:00 ----A---- C:\Windows\system32\ole32.dll
2015-12-29 08:54:01 ----A---- C:\Windows\system32\tzsync.exe
2015-12-29 08:53:50 ----A---- C:\Windows\system32\storewuauth.dll
2015-12-29 08:53:20 ----A---- C:\Windows\system32\IKEEXT.DLL
2015-12-29 08:53:19 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2015-12-29 08:53:19 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2015-12-29 08:53:19 ----A---- C:\Windows\system32\nshwfp.dll
2015-12-29 08:53:19 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2015-12-29 08:53:19 ----A---- C:\Windows\system32\BFE.DLL
2015-12-29 08:52:42 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-12-29 08:52:42 ----A---- C:\Windows\system32\drivers\clfs.sys
2015-12-29 08:52:42 ----A---- C:\Windows\system32\clfsw32.dll
2015-12-26 21:46:03 ----D---- C:\Users\Anna\AppData\Roaming\Foxit Software
2015-12-26 21:40:56 ----D---- C:\Program Files (x86)\Microsoft Works
2015-12-26 21:40:29 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2015-12-26 21:39:50 ----D---- C:\Windows\PCHEALTH
2015-12-26 21:37:59 ----D---- C:\Program Files\Microsoft Office
2015-12-26 21:37:55 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2015-12-26 21:37:27 ----D---- C:\ProgramData\Microsoft Help
2015-12-26 21:37:10 ----RHD---- C:\MSOCache
2015-12-26 20:50:26 ----D---- C:\Users\Anna\AppData\Roaming\DropboxOEM
2015-12-26 20:50:17 ----D---- C:\Users\Anna\AppData\Roaming\CyberLink
2015-12-26 20:46:45 ----D---- C:\Program Files\7-Zip
2015-12-26 20:41:02 ----A---- C:\Windows\system32\aswBoot.exe
2015-12-26 20:40:03 ----D---- C:\Users\Anna\AppData\Roaming\AVAST Software
2015-12-26 20:39:26 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-12-26 20:39:26 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-12-26 20:39:26 ----A---- C:\Windows\system32\drivers\aswsp.sys
2015-12-26 20:39:26 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2015-12-26 20:39:26 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-12-26 20:39:26 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-12-26 20:39:26 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-12-26 20:39:26 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-12-26 20:39:19 ----A---- C:\Windows\avastSS.scr
2015-12-26 17:36:07 ----D---- C:\Program Files\CCleaner
2015-12-26 17:32:35 ----D---- C:\Program Files (x86)\Google
2015-12-26 17:31:23 ----D---- C:\Program Files\Common Files\AV
2015-12-26 17:31:11 ----D---- C:\Users\Anna\AppData\Roaming\Macromedia
2015-12-26 17:28:05 ----D---- C:\Users\Anna\AppData\Roaming\Hewlett-Packard
2015-12-26 17:27:25 ----D---- C:\Users\Anna\AppData\Roaming\hpqlog
2015-12-26 17:23:51 ----D---- C:\Users\Anna\AppData\Roaming\Adobe
2015-12-26 17:23:31 ----A---- C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-12-26 17:23:30 ----D---- C:\Users\Anna\AppData\Roaming\Synaptics
2015-12-26 17:21:20 ----SD---- C:\Windows\SYSWOW64\GWX
2015-12-26 17:21:19 ----SD---- C:\Windows\system32\GWX
2015-12-26 17:21:19 ----D---- C:\Windows\Migration
2015-12-26 17:19:28 ----SD---- C:\Users\Anna\AppData\Roaming\Microsoft
2015-12-26 17:14:01 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-12-26 17:14:01 ----A---- C:\Windows\system32\wups.dll
2015-12-26 17:14:01 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-12-26 17:14:01 ----A---- C:\Windows\explorer.exe
2015-12-26 17:14:00 ----A---- C:\Windows\SYSWOW64\RestoreOptIn.exe
2015-12-26 17:14:00 ----A---- C:\Windows\SYSWOW64\explorer.exe
2015-12-26 17:14:00 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-12-26 17:14:00 ----A---- C:\Windows\system32\RestoreOptIn.exe
2015-12-26 17:12:22 ----D---- C:\Windows\SoftwareDistribution
2015-12-26 15:09:22 ----SHD---- C:\ProgramData\Šablony
2015-12-26 15:09:22 ----SHD---- C:\ProgramData\Plocha
2015-12-26 15:09:22 ----SHD---- C:\ProgramData\Nabídka Start
2015-12-26 15:09:22 ----SHD---- C:\ProgramData\Dokumenty
2015-12-26 15:09:22 ----SHD---- C:\ProgramData\Data aplikací

======List of files/folders modified in the last 1 month======

2016-01-23 23:30:19 ----RD---- C:\Program Files
2016-01-23 23:29:57 ----D---- C:\Windows\Temp
2016-01-23 23:26:07 ----D---- C:\Windows\Prefetch
2016-01-23 23:15:57 ----RD---- C:\Program Files (x86)
2016-01-23 23:15:50 ----D---- C:\Windows\system32\catroot2
2016-01-23 23:15:40 ----D---- C:\ProgramData\install_clap
2016-01-23 23:15:38 ----D---- C:\Windows\Panther
2016-01-23 23:15:38 ----D---- C:\Windows\Inf
2016-01-23 23:12:48 ----RD---- C:\Windows\System32
2016-01-23 23:12:48 ----D---- C:\Windows\system32\drivers
2016-01-23 23:12:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-01-23 23:05:39 ----HD---- C:\ProgramData
2016-01-23 23:04:52 ----D---- C:\Windows
2016-01-23 23:04:26 ----D---- C:\Windows\SysWOW64
2016-01-23 23:02:01 ----D---- C:\Windows\system32\GroupPolicy
2016-01-23 23:00:00 ----D---- C:\Windows\system32\sru
2016-01-23 22:20:10 ----D---- C:\Windows\system32\Tasks
2016-01-23 22:01:57 ----A---- C:\Windows\win.ini
2016-01-23 22:00:37 ----D---- C:\Windows\debug
2016-01-23 21:09:07 ----SD---- C:\ProgramData\Microsoft
2016-01-23 21:06:13 ----D---- C:\Windows\system32\config
2016-01-23 08:58:00 ----D---- C:\Windows\WinSxS
2016-01-22 22:00:29 ----D---- C:\Program Files\Internet Explorer
2016-01-22 22:00:25 ----SD---- C:\Windows\system32\CompatTel
2016-01-22 22:00:25 ----D---- C:\Windows\apppatch
2016-01-22 22:00:23 ----D---- C:\Windows\system32\DriverStore
2016-01-22 19:26:33 ----D---- C:\Windows\Microsoft.NET
2016-01-22 19:25:11 ----HD---- C:\Program Files\WindowsApps
2016-01-22 19:24:51 ----D---- C:\Windows\CbsTemp
2016-01-22 19:19:21 ----SHD---- C:\System Volume Information
2016-01-22 17:46:46 ----SHD---- C:\Windows\Installer
2016-01-22 17:46:29 ----D---- C:\Program Files (x86)\Common Files
2016-01-22 17:15:25 ----D---- C:\Windows\system32\wdi
2016-01-22 06:40:30 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-01-22 06:40:30 ----D---- C:\Windows\system32\cs-CZ
2016-01-22 06:40:28 ----RSD---- C:\Windows\Fonts
2016-01-22 06:40:28 ----RD---- C:\Windows\ImmersiveControlPanel
2016-01-22 06:40:21 ----D---- C:\Program Files\Windows Defender
2016-01-22 06:40:20 ----D---- C:\Windows\WinStore
2016-01-22 06:40:20 ----D---- C:\Program Files (x86)\Windows Defender
2016-01-17 21:30:40 ----D---- C:\Windows\AppCompat
2016-01-14 20:57:47 ----RSD---- C:\Windows\assembly
2016-01-14 20:01:38 ----D---- C:\Windows\AppReadiness
2016-01-14 18:32:17 ----D---- C:\Windows\rescache
2016-01-09 18:26:59 ----D---- C:\Windows\system32\sr-Latn-RS
2016-01-09 18:26:59 ----D---- C:\Windows\system32\sr-Latn-CS
2016-01-09 18:26:59 ----D---- C:\Windows\system32\CodeIntegrity
2016-01-09 18:26:55 ----RD---- C:\Windows\ToastData
2016-01-09 18:26:53 ----D---- C:\Windows\PolicyDefinitions
2016-01-09 18:26:53 ----D---- C:\Program Files (x86)\Internet Explorer
2016-01-09 18:26:52 ----D---- C:\Windows\system32\drivers\cs-CZ
2016-01-09 18:26:52 ----D---- C:\Program Files\Windows Journal
2016-01-09 18:26:48 ----D---- C:\Windows\SYSWOW64\inetsrv
2016-01-09 18:26:48 ----D---- C:\Windows\system32\wbem
2016-01-09 18:26:48 ----D---- C:\Windows\system32\inetsrv
2016-01-09 18:26:48 ----D---- C:\Windows\system32\Boot
2016-01-09 17:44:23 ----D---- C:\Program Files\Common Files\microsoft shared
2016-01-09 17:32:07 ----D---- C:\Windows\SYSWOW64\winrm
2016-01-09 17:32:07 ----D---- C:\Windows\SYSWOW64\slmgr
2016-01-09 17:32:07 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-01-09 17:32:07 ----D---- C:\Windows\SYSWOW64\oobe
2016-01-09 17:32:07 ----D---- C:\Windows\SYSWOW64\en
2016-01-09 17:32:07 ----D---- C:\Windows\servicing
2016-01-09 17:32:07 ----D---- C:\Program Files\Windows Photo Viewer
2016-01-09 17:32:07 ----D---- C:\Program Files\Windows Mail
2016-01-09 17:32:07 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2016-01-09 17:32:07 ----D---- C:\Program Files (x86)\Windows Media Player
2016-01-09 17:32:06 ----D---- C:\Windows\SYSWOW64\en-US
2016-01-09 17:32:06 ----D---- C:\Windows\SYSWOW64\drivers\en-US
2016-01-09 17:32:06 ----D---- C:\Windows\SYSWOW64\drivers
2016-01-09 17:32:05 ----D---- C:\Windows\SYSWOW64\WCN
2016-01-09 17:32:05 ----D---- C:\Windows\SYSWOW64\wbem
2016-01-09 17:32:05 ----D---- C:\Windows\SYSWOW64\Printing_Admin_Scripts
2016-01-09 17:32:05 ----D---- C:\Windows\system32\winrm
2016-01-09 17:32:05 ----D---- C:\Windows\system32\Sysprep
2016-01-09 17:32:05 ----D---- C:\Windows\system32\slmgr
2016-01-09 17:32:05 ----D---- C:\Windows\system32\sk-SK
2016-01-09 17:32:05 ----D---- C:\Windows\system32\oobe
2016-01-09 17:32:05 ----D---- C:\Windows\system32\migwiz
2016-01-09 17:32:05 ----D---- C:\Windows\system32\en
2016-01-09 17:32:05 ----D---- C:\Windows\en-US
2016-01-09 17:32:03 ----D---- C:\Windows\system32\en-US
2016-01-09 17:32:03 ----D---- C:\Windows\system32\drivers\en-US
2016-01-09 17:31:58 ----D---- C:\Windows\system32\WCN
2016-01-09 17:31:55 ----D---- C:\Windows\system32\SystemResetPlatform
2016-01-09 17:31:55 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2016-01-09 17:31:55 ----D---- C:\Windows\Help
2016-01-09 17:19:37 ----D---- C:\Program Files\Windows Media Player
2016-01-09 17:19:37 ----D---- C:\Program Files (x86)\Windows Mail
2016-01-09 17:19:36 ----D---- C:\Windows\SYSWOW64\en-GB
2016-01-09 17:19:36 ----D---- C:\Program Files\Common Files\System
2016-01-09 17:19:32 ----D---- C:\Windows\system32\en-GB
2016-01-09 17:03:22 ----D---- C:\Windows\Logs
2016-01-09 16:44:23 ----D---- C:\ProgramData\McAfee
2016-01-09 16:44:23 ----D---- C:\Program Files\Common Files
2016-01-05 21:04:40 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-12-29 08:54:36 ----D---- C:\Windows\system32\catroot
2015-12-28 07:14:25 ----D---- C:\Program Files (x86)\Hewlett-Packard
2015-12-26 21:40:46 ----D---- C:\Program Files (x86)\MSBuild
2015-12-26 21:40:38 ----D---- C:\Program Files (x86)\Microsoft Office
2015-12-26 21:40:26 ----D---- C:\Windows\ShellNew
2015-12-26 21:39:49 ----D---- C:\Program Files (x86)\Microsoft.NET
2015-12-26 20:50:33 ----D---- C:\ProgramData\CyberLink
2015-12-26 20:38:24 ----D---- C:\Program Files\AVAST Software
2015-12-26 20:38:14 ----D---- C:\ProgramData\AVAST Software
2015-12-26 20:36:16 ----HD---- C:\Windows\ELAMBKUP
2015-12-26 17:39:24 ----D---- C:\Windows\system32\drivers\UMDF
2015-12-26 17:32:37 ----D---- C:\Windows\Tasks
2015-12-26 17:28:43 ----D---- C:\ProgramData\Intel
2015-12-26 17:24:41 ----SHD---- C:\$Recycle.Bin
2015-12-26 17:23:37 ----AHD---- C:\SYSTEM.SAV
2015-12-26 17:19:28 ----RD---- C:\Users
2015-12-26 17:14:30 ----D---- C:\Windows\system32\AdvancedInstallers
2015-12-26 17:14:04 ----D---- C:\Windows\system32\restore
2015-12-26 15:09:22 ----D---- C:\Program Files\Windows NT

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;@oem10.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\Windows\System32\drivers\amdkmpfd.sys [2015-03-20 62152]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-12-26 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-12-26 273784]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2014-10-09 1398936]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-12-26 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-01-22 1065208]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-01-22 464256]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R1 iSafeKrnl;YAC Mini-Filter Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [2015-05-14 260856]
R1 iSafeKrnlKit;YAC Kit Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [2015-08-20 110112]
R1 iSafeKrnlMon;YAC Monitor Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [2015-08-20 61832]
R1 iSafeKrnlR3;YAC Ring3 Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [2015-11-27 103904]
R1 iSafeNetFilter;YAC NDIS Driver; C:\Windows\system32\DRIVERS\iSafeNetFilter.sys [2015-09-10 67976]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-12-26 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-12-26 97648]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-12-26 155304]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2015-03-20 19250688]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2015-03-20 591872]
R3 bcbtums;@oem19.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2013-11-13 170712]
R3 BCM43XX;@oem16.inf,%BCM43XX_Service_DispName%;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2015-07-13 7533784]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2014-11-21 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-11-21 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-11-21 81920]
R3 clwvd;@oem25.inf,%clwvd.DeviceDesc%;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2014-01-28 41704]
R3 dptf_cpu;dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [2014-12-23 38720]
R3 dptf_pch;dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [2014-12-23 38208]
R3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2016-01-23 15920]
R3 esif_lf;esif_lf; C:\Windows\System32\drivers\esif_lf.sys [2014-12-23 216360]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2015-04-03 4860856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-03-05 4421464]
R3 iwdbus;@oem15.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2014-12-22 30512]
R3 MEIx64;@oem9.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-10-10 129312]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RTL8168;@oem17.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2015-01-23 876760]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2015-03-03 33448]
R3 SynTP;@oem21.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2015-03-03 587944]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-11-21 212736]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 btwampfl;@oem20.inf,%btwampfl.ServiceName%;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2014-08-08 185600]
S3 BtwSerialBus;@oem20.inf,%Bus.SVCDESC%;Broadcom Serial Bus Driver over UART Bus Enumerator; C:\Windows\System32\drivers\BtwSerialBus.sys [2014-04-23 153304]
S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [2016-01-23 22704]
S3 intaud_WaveExtensible;@oem14.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2014-12-22 42288]
S3 IntcDAud;@oem12.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-04-03 455440]
S3 iSafeKrnlBoot;YAC Boot Driver; C:\Windows\system32\DRIVERS\iSafeKrnlBoot.sys [2015-04-16 53568]
S3 RSUSBSTOR;@oem18.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2014-12-23 274648]
S3 SmbDrv;SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2015-03-03 33448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2015-03-20 246272]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2014-11-21 38792]
R2 AppMgr1.26.3056825;Application Manager 1.26.3056825; C:\ProgramData\AppMgr1.26.3056825\appmgr.exe [2016-01-23 488368]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-12-26 226440]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-11-21 38792]
R2 esifsvc;ESIF Upper Framework Service; C:\Windows\SysWOW64\esif_uf.exe [2014-12-23 1037568]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-20 99128]
R2 HPWMISVC;HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [2015-02-17 608520]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2015-04-03 344168]
R2 Intel(R) ME Service;Intel® ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-10-10 132896]
R2 iSafeService;YAC Service; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [2015-04-16 118048]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-10-10 158496]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-10-10 409376]
R2 omniserv; HP SimplePass Service; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [2015-01-30 103424]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2014-04-14 389896]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2015-03-05 293080]
R2 SecureLine;Avast SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [2015-12-26 452456]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-03-03 220840]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-11-22 43696]
R3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-04-09 174368]
S2 BcmBtRSupport;@oem19.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\Windows\system32\BtwRSupportService.exe [2013-11-13 2251992]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-26 144200]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-10-09 18584]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S2 SpyHunter 4 Service;SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [2016-01-23 1042304]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-16 50864]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-11-21 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-04-03 279144]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-26 144200]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-13 1129760]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-05-13 887256]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

Re: Steelcut

#2 Post by Kaliban »

Hello once again,

I apologize, but could I ask for help?

Thank you

K.

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Steelcut

#3 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Re: Steelcut

#4 Post by Kaliban »

Log

# AdwCleaner v5.030 - Logfile created 24/01/2016 at 12:06:55
# Updated 17/01/2016 by Xplode
# Database : 2016-01-19.2 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Anna - ANIČKA
# Running from : C:\Users\Anna\Downloads\adwcleaner_5.030.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

Service Found : iSafeKrnl
Service Found : iSafeKrnlBoot
Service Found : iSafeKrnlKit
Service Found : iSafeKrnlMon
Service Found : iSafeKrnlR3
Service Found : iSafeNetFilter
Service Found : iSafeService
Service Found : AppMgr1.26.3056825

***** [ Folders ] *****

Folder Found : C:\Program Files (x86)\Elex-tech
Folder Found : C:\Program Files (x86)\Steel Cut
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC
Folder Found : C:\Users\Anna\AppData\Local\Temp\iSafeRightKeyScan
Folder Found : C:\Users\Anna\AppData\Roaming\Elex-tech

***** [ Files ] *****

File Found : C:\Users\Anna\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\YAC.lnk
File Found : C:\Users\Public\Desktop\YAC.lnk
File Found : C:\Windows\SysNative\log\iSafeKrnlCall.log
File Found : C:\Windows\SysNative\drivers\iSafeKrnlBoot.sys
File Found : C:\Windows\SysNative\drivers\iSafeNetFilter.sys
File Found : C:\Windows\SysNative\drivers\{f27d11e3-6a28-4304-8802-9226aab77587}Gw64.sys

***** [ DLL ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

Key Found : HKLM\System\CurrentControlSet\Services\Eventlog\Application\Update Steel Cut
Key Found : HKCU\Software\Steel Cut
Key Found : HKLM\SOFTWARE\Elex-tech
Key Found : HKLM\SOFTWARE\Steel Cut
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Steel Cut

***** [ Web browsers ] *****


########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1891 bytes] ##########

Re: Steelcut

#5 Post by Rudy »

You did not click >clean<. Try once more.

Re: Steelcut

#6 Post by Kaliban »

Is it correct now?

# AdwCleaner v5.030 - Logfile created 24/01/2016 at 13:10:29
# Updated 17/01/2016 by Xplode
# Database : 2016-01-19.2 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Anna - ANIČKA
# Running from : C:\Users\Anna\Downloads\adwcleaner_5.030.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : iSafeKrnl
[-] Service Deleted : iSafeKrnlBoot
[-] Service Deleted : iSafeKrnlKit
[-] Service Deleted : iSafeKrnlMon
[-] Service Deleted : iSafeKrnlR3
[-] Service Deleted : iSafeNetFilter
[-] Service Deleted : iSafeService
[-] Service Deleted : AppMgr1.26.3056825

***** [ Folders ] *****

[#] Folder Deleted : C:\Program Files (x86)\Elex-tech
[-] Folder Deleted : C:\Program Files (x86)\Steel Cut
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC
[-] Folder Deleted : C:\Users\Anna\AppData\Local\Temp\iSafeRightKeyScan
[#] Folder Deleted : C:\Users\Anna\AppData\Roaming\Elex-tech

***** [ Files ] *****

[-] File Deleted : C:\Users\Anna\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\YAC.lnk
[-] File Deleted : C:\Users\Public\Desktop\YAC.lnk
[-] File Deleted : C:\Windows\SysNative\log\iSafeKrnlCall.log
[-] File Deleted : C:\Windows\SysNative\drivers\iSafeKrnlBoot.sys
[-] File Deleted : C:\Windows\SysNative\drivers\iSafeNetFilter.sys
[-] File Deleted : C:\Windows\SysNative\drivers\{f27d11e3-6a28-4304-8802-9226aab77587}Gw64.sys

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\System\CurrentControlSet\Services\Eventlog\Application\Update Steel Cut
[-] Key Deleted : HKCU\Software\Steel Cut
[-] Key Deleted : HKLM\SOFTWARE\Elex-tech
[-] Key Deleted : HKLM\SOFTWARE\Steel Cut
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Steel Cut

***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2133 bytes] ##########

Re: Steelcut

#7 Post by Rudy »

Now it is fine. Post a new RSIT log.

Re: Steelcut

#8 Post by Kaliban »

New log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Anna at 2016-01-24 18:28:16
Microsoft Windows 8.1
System drive C: has 411 GB (90%) free of 454 GB
Total RAM: 4017 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:28:20, on 24. 1. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Windows\TEMP\DPTF\esif_assist.exe
c:\Program Files (x86)\Cyberlink\YouCam\YouCamService.exe
C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\AVAST Software\SecureLine\SecureLine.exe
C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\ui\updateui.exe
C:\Program Files\trend micro\Anna.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @oem19.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\Windows\system32\BtwRSupportService.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\Windows\SysWOW64\esif_uf.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® ME Service (Intel(R) ME Service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Avast SecureLine (SecureLine) - Unknown owner - C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10799 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\Windows\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch
c:\windows\system32\svchost.exe -k rpcss
"dwm.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe"
C:\Windows\system32\atiesrxx.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localservice
atieclxx
C:\Windows\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
c:\windows\system32\svchost.exe -k networkservice
C:\Windows\system32\WLANExt.exe 161788465984
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localservicenonetwork
c:\windows\system32\svchost.exe -k apphost
"C:\Program Files\Bonjour\mDNSResponder.exe"
c:\windows\system32\svchost.exe -k utcsvc
dashost.exe {48362a9c-993b-4dca-be46df3ebb6caddb}
C:\Windows\SysWOW64\esif_uf.exe
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-7d4e8a26-006c-4124-b55f-baf489b29260 -SystemEventPortName:HostProcess-a6816f8f-e3c6-46a5-8f1a-4e8cbd45a27c -IoCancelEventPortName:HostProcess-18d908e0-f260-43d9-8f2a-a56015856ccc -NonStateChangingEventPortName:HostProcess-fb2f67d3-7201-44fa-b6ab-da5e5f63d16c -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:f55f5743-135b-42fb-828b-4bf7a823a967 -DeviceGroupId:
c:\windows\system32\svchost.exe -k wbiosvcgroup
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation
c:\windows\system32\svchost.exe -k localservicepeernet
"C:\Windows\TEMP\DPTF\esif_assist.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe" /hideui
C:\Windows\Explorer.EXE
taskhostex.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
igfxEM.exe
igfxHK.exe
"C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\opbhobroker.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\skydrive.exe -Embedding
"c:\Program Files (x86)\Cyberlink\YouCam\YouCamService.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files\AVAST Software\SecureLine\SecureLine.exe" /nogui
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Windows\System32\WWAHost.exe" -ServerName:Windows.Store
"C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\ui\updateui.exe" --port 35600
"C:\Windows\system32\wwahost.exe" -ServerName:Microsoft.ZuneVideo.wwa
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe15_ Global\UsGthrCtrlFltPipeMssGthrPipe15 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 560 564 572 65536 568
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe -Embedding
"c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe"


"C:\Users\Anna\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-12-26 885152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-26 664184]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-12-17 629256]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-03-05 8458968]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-03-03 2871464]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-12-08 8590760]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-01-18 50615936]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HPMessageService"=C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [2015-02-17 654088]
"StartCCC"=c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-02-25 767176]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-12-26 7021880]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-01-24 13:16:26 ----D---- C:\Users\Anna\AppData\Roaming\Elex-tech
2016-01-24 12:06:52 ----D---- C:\AdwCleaner
2016-01-23 23:30:19 ----D---- C:\Program Files\trend micro
2016-01-23 23:30:18 ----D---- C:\rsit
2016-01-23 23:12:48 ----D---- C:\Windows\system32\log
2016-01-23 22:31:55 ----D---- C:\ProgramData\AppMgr1.26.3056825
2016-01-23 22:20:49 ----A---- C:\autoexec.bat
2016-01-23 22:18:24 ----A---- C:\Windows\system32\drivers\EsgScanner.sys
2016-01-22 17:46:46 ----D---- C:\Users\Anna\AppData\Roaming\Skype
2016-01-22 17:46:28 ----RD---- C:\Program Files (x86)\Skype
2016-01-22 17:46:16 ----D---- C:\ProgramData\Skype
2016-01-22 17:20:16 ----A---- C:\Windows\system32\appraiser.dll
2016-01-22 17:20:15 ----A---- C:\Windows\system32\invagent.dll
2016-01-22 17:20:15 ----A---- C:\Windows\system32\generaltel.dll
2016-01-22 17:20:15 ----A---- C:\Windows\system32\devinv.dll
2016-01-22 17:20:15 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-01-22 17:20:15 ----A---- C:\Windows\system32\aepic.dll
2016-01-22 17:20:15 ----A---- C:\Windows\system32\aeinv.dll
2016-01-22 17:20:14 ----A---- C:\Windows\system32\acmigration.dll
2016-01-17 21:46:35 ----A---- C:\Windows\system32\mshtml.dll
2016-01-17 21:46:24 ----A---- C:\Windows\system32\jscript9.dll
2016-01-17 21:46:21 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-01-17 21:46:06 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-01-17 21:45:49 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-01-17 21:45:44 ----A---- C:\Windows\system32\wininet.dll
2016-01-17 21:45:42 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-01-17 21:45:40 ----A---- C:\Windows\system32\vbscript.dll
2016-01-17 21:45:39 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-01-17 21:45:38 ----A---- C:\Windows\system32\mshtmled.dll
2016-01-17 21:45:36 ----A---- C:\Windows\system32\ieframe.dll
2016-01-17 21:45:29 ----A---- C:\Windows\system32\urlmon.dll
2016-01-17 21:45:27 ----A---- C:\Windows\system32\msfeeds.dll
2016-01-17 21:45:27 ----A---- C:\Windows\system32\inetcomm.dll
2016-01-17 21:45:26 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-01-17 21:45:25 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-01-17 21:45:24 ----A---- C:\Windows\system32\jscript.dll
2016-01-17 21:45:23 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-01-17 21:45:23 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-01-17 21:45:22 ----A---- C:\Windows\system32\ieapfltr.dll
2016-01-17 21:45:21 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-01-17 21:39:13 ----A---- C:\Windows\SYSWOW64\qedit.dll
2016-01-17 21:39:13 ----A---- C:\Windows\system32\qedit.dll
2016-01-17 21:38:54 ----A---- C:\Windows\system32\msmpeg2adec.dll
2016-01-17 21:38:53 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2016-01-17 21:38:53 ----A---- C:\Windows\SYSWOW64\msmpeg2adec.dll
2016-01-17 21:38:53 ----A---- C:\Windows\system32\WMVDECOD.DLL
2016-01-17 21:38:52 ----A---- C:\Windows\SYSWOW64\mfnetsrc.dll
2016-01-17 21:38:52 ----A---- C:\Windows\system32\mfnetsrc.dll
2016-01-17 21:38:52 ----A---- C:\Windows\system32\mfcore.dll
2016-01-17 21:38:51 ----A---- C:\Windows\SYSWOW64\mfnetcore.dll
2016-01-17 21:38:51 ----A---- C:\Windows\SYSWOW64\mfcore.dll
2016-01-17 21:38:51 ----A---- C:\Windows\system32\WMADMOD.DLL
2016-01-17 21:38:51 ----A---- C:\Windows\system32\mfnetcore.dll
2016-01-17 21:38:50 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2016-01-17 21:38:50 ----A---- C:\Windows\system32\WMVENCOD.DLL
2016-01-17 21:38:50 ----A---- C:\Windows\system32\quartz.dll
2016-01-17 21:38:50 ----A---- C:\Windows\system32\evr.dll
2016-01-17 21:38:49 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2016-01-17 21:38:49 ----A---- C:\Windows\SYSWOW64\WMVENCOD.DLL
2016-01-17 21:38:49 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2016-01-17 21:38:49 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-01-17 21:38:49 ----A---- C:\Windows\system32\WMVSDECD.DLL
2016-01-17 21:38:49 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2016-01-17 21:38:49 ----A---- C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-17 21:38:49 ----A---- C:\Windows\system32\mfsvr.dll
2016-01-17 21:38:48 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-01-17 21:38:48 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2016-01-17 21:38:48 ----A---- C:\Windows\SYSWOW64\MP3DMOD.DLL
2016-01-17 21:38:48 ----A---- C:\Windows\SYSWOW64\mfsvr.dll
2016-01-17 21:38:48 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2016-01-17 21:38:48 ----A---- C:\Windows\system32\VIDRESZR.DLL
2016-01-17 21:38:48 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-17 21:38:48 ----A---- C:\Windows\system32\MPG4DECD.DLL
2016-01-17 21:38:48 ----A---- C:\Windows\system32\MP4SDECD.DLL
2016-01-17 21:38:48 ----A---- C:\Windows\system32\MP43DECD.DLL
2016-01-17 21:38:48 ----A---- C:\Windows\system32\COLORCNV.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\WMVXENCD.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\WMVSENCD.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\WMSPDMOE.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\WMADMOE.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\VIDRESZR.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\RESAMPLEDMO.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\MPG4DECD.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\MP43DECD.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\MFWMAAEC.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\mfvdsp.dll
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\devenum.dll
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\COLORCNV.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\system32\WMVXENCD.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\system32\WMVSENCD.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\system32\WMADMOE.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\system32\SysFxUI.dll
2016-01-17 21:38:47 ----A---- C:\Windows\system32\qdvd.dll
2016-01-17 21:38:47 ----A---- C:\Windows\system32\MP3DMOD.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\system32\mfvdsp.dll
2016-01-17 21:38:47 ----A---- C:\Windows\system32\mfps.dll
2016-01-17 21:38:47 ----A---- C:\Windows\system32\devenum.dll
2016-01-17 21:38:20 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-01-17 21:38:20 ----A---- C:\Windows\system32\schannel.dll
2016-01-17 21:38:19 ----A---- C:\Windows\SYSWOW64\ncryptsslp.dll
2016-01-17 21:38:19 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-01-17 21:38:19 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-01-17 21:38:19 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2016-01-17 21:38:19 ----A---- C:\Windows\system32\ncryptsslp.dll
2016-01-17 21:38:19 ----A---- C:\Windows\system32\ncrypt.dll
2016-01-17 21:38:19 ----A---- C:\Windows\system32\lsasrv.dll
2016-01-17 21:38:19 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-01-17 21:38:19 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-01-17 21:38:19 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-01-17 21:38:19 ----A---- C:\Windows\system32\drivers\cng.sys
2016-01-17 21:38:19 ----A---- C:\Windows\system32\certcli.dll
2016-01-17 21:38:19 ----A---- C:\Windows\system32\bcryptprimitives.dll
2016-01-17 21:37:19 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-01-17 21:37:18 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-01-17 21:37:18 ----A---- C:\Windows\system32\ntdll.dll
2016-01-17 21:36:49 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-01-17 21:36:49 ----A---- C:\Windows\system32\gdi32.dll
2016-01-17 21:36:30 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-01-17 21:36:30 ----A---- C:\Windows\system32\advapi32.dll
2016-01-14 17:44:32 ----A---- C:\Windows\system32\aspnet_counters.dll
2016-01-14 17:44:30 ----A---- C:\Windows\SYSWOW64\aspnet_counters.dll
2016-01-14 17:16:33 ----A---- C:\Windows\system32\WiFiDisplay.dll
2016-01-09 18:26:48 ----D---- C:\Windows\system32\appraiser
2016-01-09 18:22:01 ----A---- C:\Windows\system32\drivers\bthhfenum.sys
2016-01-09 18:20:37 ----A---- C:\Windows\system32\drivers\tpm.sys
2016-01-09 18:20:09 ----A---- C:\Windows\SYSWOW64\GeofenceMonitorService.dll
2016-01-09 18:20:09 ----A---- C:\Windows\system32\GeofenceMonitorService.dll
2016-01-09 18:19:41 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2016-01-09 18:19:41 ----A---- C:\Windows\system32\dwmcore.dll
2016-01-09 18:18:47 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2016-01-09 18:18:47 ----A---- C:\Windows\system32\d2d1.dll
2016-01-09 18:18:19 ----A---- C:\Windows\system32\drivers\tunnel.sys
2016-01-09 18:17:22 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2016-01-09 18:17:22 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2016-01-09 18:17:22 ----A---- C:\Windows\system32\msxml6.dll
2016-01-09 18:17:22 ----A---- C:\Windows\system32\msxml3.dll
2016-01-09 18:16:55 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-01-09 18:16:54 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-01-09 18:16:23 ----A---- C:\Windows\system32\AuthHost.exe
2016-01-09 18:15:57 ----A---- C:\Windows\SYSWOW64\tdh.dll
2016-01-09 18:15:57 ----A---- C:\Windows\system32\UtcResources.dll
2016-01-09 18:15:57 ----A---- C:\Windows\system32\tdh.dll
2016-01-09 18:15:57 ----A---- C:\Windows\system32\diagtrack.dll
2016-01-09 18:15:25 ----A---- C:\Windows\system32\drivers\ahcache.sys
2016-01-09 18:14:58 ----A---- C:\Windows\SYSWOW64\Windows.UI.Input.Inking.dll
2016-01-09 18:14:58 ----A---- C:\Windows\system32\Windows.UI.Input.Inking.dll
2016-01-09 18:14:30 ----A---- C:\Windows\SYSWOW64\rastapi.dll
2016-01-09 18:14:30 ----A---- C:\Windows\system32\rastapi.dll
2016-01-09 18:14:02 ----A---- C:\Windows\system32\SystemSettingsDatabase.dll
2016-01-09 18:13:04 ----A---- C:\Windows\system32\consent.exe
2016-01-09 18:12:37 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-01-09 18:12:37 ----A---- C:\Windows\system32\KernelBase.dll
2016-01-09 18:12:08 ----A---- C:\Windows\system32\drivers\rfcomm.sys
2016-01-09 18:12:08 ----A---- C:\Windows\system32\drivers\hidbth.sys
2016-01-09 18:12:08 ----A---- C:\Windows\system32\drivers\bthport.sys
2016-01-09 18:11:39 ----A---- C:\Windows\system32\dbgeng.dll
2016-01-09 18:11:38 ----A---- C:\Windows\SYSWOW64\dbghelp.dll
2016-01-09 18:11:38 ----A---- C:\Windows\SYSWOW64\dbgeng.dll
2016-01-09 18:11:38 ----A---- C:\Windows\system32\dbghelp.dll
2016-01-09 18:11:11 ----A---- C:\Windows\SYSWOW64\SRH.dll
2016-01-09 18:11:11 ----A---- C:\Windows\system32\SRH.dll
2016-01-09 18:10:20 ----A---- C:\Windows\system32\dpapisrv.dll
2016-01-09 18:09:43 ----A---- C:\Windows\SYSWOW64\rgb9rast.dll
2016-01-09 18:09:15 ----A---- C:\Windows\SYSWOW64\PhotoMetadataHandler.dll
2016-01-09 18:09:15 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2016-01-09 18:08:47 ----A---- C:\Windows\system32\drivers\udfs.sys
2016-01-09 18:08:21 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2016-01-09 18:08:20 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2016-01-09 18:07:09 ----A---- C:\Windows\SYSWOW64\msctf.dll
2016-01-09 18:07:09 ----A---- C:\Windows\system32\msctf.dll
2016-01-09 18:06:14 ----A---- C:\Windows\system32\drivers\usb8023.sys
2016-01-09 18:05:53 ----A---- C:\Windows\system32\drivers\WdNisDrv.sys
2016-01-09 18:05:53 ----A---- C:\Windows\system32\drivers\WdFilter.sys
2016-01-09 18:05:53 ----A---- C:\Windows\system32\drivers\WdBoot.sys
2016-01-09 18:05:14 ----A---- C:\Windows\system32\SettingsHandlers.dll
2016-01-09 18:04:42 ----A---- C:\Windows\system32\wevtsvc.dll
2016-01-09 18:04:17 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2016-01-09 18:04:17 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-01-09 18:04:17 ----A---- C:\Windows\system32\WSShared.dll
2016-01-09 18:04:17 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-01-09 18:03:17 ----A---- C:\Windows\SYSWOW64\PCPKsp.dll
2016-01-09 18:03:17 ----A---- C:\Windows\system32\PCPKsp.dll
2016-01-09 18:02:50 ----A---- C:\Windows\SYSWOW64\authz.dll
2016-01-09 18:02:50 ----A---- C:\Windows\system32\authz.dll
2016-01-09 18:02:22 ----A---- C:\Windows\SYSWOW64\UIAutomationCore.dll
2016-01-09 18:02:22 ----A---- C:\Windows\system32\UIAutomationCore.dll
2016-01-09 18:01:55 ----A---- C:\Windows\system32\drivers\usbhub.sys
2016-01-09 18:01:54 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2016-01-09 18:01:54 ----A---- C:\Windows\system32\drivers\usbport.sys
2016-01-09 18:01:54 ----A---- C:\Windows\system32\drivers\usbohci.sys
2016-01-09 18:01:54 ----A---- C:\Windows\system32\drivers\USBHUB3.SYS
2016-01-09 18:01:54 ----A---- C:\Windows\system32\drivers\usbehci.sys
2016-01-09 18:01:54 ----A---- C:\Windows\system32\drivers\usbd.sys
2016-01-09 18:01:26 ----A---- C:\Windows\system32\profsvc.dll
2016-01-09 18:00:07 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-01-09 18:00:07 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-01-09 17:59:55 ----A---- C:\Windows\system32\drivers\USBXHCI.SYS
2016-01-09 17:59:00 ----A---- C:\Windows\SYSWOW64\netcfgx.dll
2016-01-09 17:59:00 ----A---- C:\Windows\system32\netcfgx.dll
2016-01-09 17:59:00 ----A---- C:\Windows\system32\drivers\ndis.sys
2016-01-09 17:58:33 ----A---- C:\Windows\system32\fhcpl.dll
2016-01-09 17:57:35 ----A---- C:\Windows\SYSWOW64\eapphost.dll
2016-01-09 17:57:35 ----A---- C:\Windows\SYSWOW64\eappgnui.dll
2016-01-09 17:57:35 ----A---- C:\Windows\SYSWOW64\eappcfg.dll
2016-01-09 17:57:35 ----A---- C:\Windows\SYSWOW64\eapp3hst.dll
2016-01-09 17:57:35 ----A---- C:\Windows\system32\eapphost.dll
2016-01-09 17:57:35 ----A---- C:\Windows\system32\eappgnui.dll
2016-01-09 17:57:35 ----A---- C:\Windows\system32\eappcfg.dll
2016-01-09 17:57:35 ----A---- C:\Windows\system32\eapp3hst.dll
2016-01-09 17:57:07 ----A---- C:\Windows\system32\drivers\sdbus.sys
2016-01-09 17:57:07 ----A---- C:\Windows\system32\drivers\dumpsd.sys
2016-01-09 17:56:41 ----A---- C:\Windows\system32\mssrch.dll
2016-01-09 17:56:40 ----A---- C:\Windows\SYSWOW64\tquery.dll
2016-01-09 17:56:40 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2016-01-09 17:56:40 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2016-01-09 17:56:40 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2016-01-09 17:56:40 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2016-01-09 17:56:40 ----A---- C:\Windows\SYSWOW64\mssph.dll
2016-01-09 17:56:40 ----A---- C:\Windows\system32\tquery.dll
2016-01-09 17:56:40 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2016-01-09 17:56:40 ----A---- C:\Windows\system32\SearchIndexer.exe
2016-01-09 17:56:40 ----A---- C:\Windows\system32\mssvp.dll
2016-01-09 17:56:40 ----A---- C:\Windows\system32\mssphtb.dll
2016-01-09 17:56:40 ----A---- C:\Windows\system32\mssph.dll
2016-01-09 17:56:20 ----A---- C:\Windows\system32\drivers\tcpip.sys
2016-01-09 17:56:19 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2016-01-09 17:56:18 ----A---- C:\Windows\system32\winlogon.exe
2016-01-09 17:56:18 ----A---- C:\Windows\system32\wininit.exe
2016-01-09 17:56:17 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2016-01-09 17:56:17 ----A---- C:\Windows\system32\msftedit.dll
2016-01-09 17:56:13 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2016-01-09 17:56:13 ----A---- C:\Windows\system32\sdbinst.exe
2016-01-09 17:56:13 ----A---- C:\Windows\system32\apphelp.dll
2016-01-09 17:56:11 ----A---- C:\Windows\system32\SystemEventsBrokerServer.dll
2016-01-09 17:54:04 ----A---- C:\Windows\system32\NcdAutoSetup.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\ucrtbase.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-01-09 17:53:54 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2016-01-09 17:53:53 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2016-01-09 17:53:51 ----A---- C:\Windows\system32\wpdshext.dll
2016-01-09 17:53:51 ----A---- C:\Windows\system32\drivers\bthpan.sys
2016-01-09 17:53:50 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2016-01-09 17:53:21 ----A---- C:\Windows\system32\rpcrt4.dll
2016-01-09 17:53:20 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-01-09 17:53:20 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-01-09 17:53:20 ----A---- C:\Windows\system32\msv1_0.dll
2016-01-09 17:53:10 ----A---- C:\Windows\system32\drivers\afd.sys
2016-01-09 17:53:09 ----A---- C:\Windows\system32\drivers\tdx.sys
2016-01-09 17:50:46 ----A---- C:\Windows\system32\sysmain.dll
2016-01-09 17:50:46 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2016-01-09 17:50:38 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-01-09 17:49:35 ----D---- C:\Windows\system32\MRT
2016-01-09 17:49:27 ----A---- C:\Windows\system32\MRT.exe
2016-01-09 17:49:17 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2016-01-09 17:49:17 ----A---- C:\Windows\system32\iepeers.dll
2016-01-09 17:49:16 ----A---- C:\Windows\system32\iertutil.dll
2016-01-09 17:49:15 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-01-09 17:49:15 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-01-09 17:49:15 ----A---- C:\Windows\system32\actxprxy.dll
2016-01-09 17:49:14 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-01-09 17:49:14 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2016-01-09 17:49:14 ----A---- C:\Windows\system32\inseng.dll
2016-01-09 17:49:14 ----A---- C:\Windows\system32\ie4uinit.exe
2016-01-09 17:49:12 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-01-09 17:49:12 ----A---- C:\Windows\system32\iedkcs32.dll
2016-01-09 17:49:10 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-01-09 17:49:09 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-01-09 17:49:09 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-01-09 17:49:09 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-01-09 17:49:07 ----A---- C:\Windows\system32\webcheck.dll
2016-01-09 17:49:07 ----A---- C:\Windows\system32\jscript9diag.dll
2016-01-09 17:49:06 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-01-09 17:49:05 ----A---- C:\Windows\system32\msrating.dll
2016-01-09 17:49:05 ----A---- C:\Windows\system32\ieui.dll
2016-01-09 17:48:53 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-01-09 17:48:53 ----A---- C:\Windows\system32\dxtrans.dll
2016-01-09 17:48:52 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-01-09 17:48:52 ----A---- C:\Windows\system32\dxtmsft.dll
2016-01-09 17:46:56 ----A---- C:\Windows\system32\msi.dll
2016-01-09 17:46:55 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-01-09 17:46:55 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-01-09 17:46:55 ----A---- C:\Windows\system32\msiexec.exe
2016-01-09 17:46:37 ----A---- C:\Windows\system32\drivers\rmcast.sys
2016-01-09 17:46:36 ----A---- C:\Windows\system32\shell32.dll
2016-01-09 17:46:34 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-01-09 17:44:15 ----A---- C:\Windows\system32\werdiagcontroller.dll
2016-01-09 17:44:15 ----A---- C:\Windows\system32\audiosrv.dll
2016-01-09 17:44:15 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2016-01-09 17:43:28 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2016-01-09 17:43:28 ----A---- C:\Windows\SYSWOW64\sechost.dll
2016-01-09 17:43:28 ----A---- C:\Windows\system32\tracerpt.exe
2016-01-09 17:43:28 ----A---- C:\Windows\system32\sechost.dll
2016-01-09 17:43:22 ----A---- C:\Windows\system32\win32k.sys
2016-01-09 17:43:21 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-01-09 17:43:21 ----A---- C:\Windows\system32\user32.dll
2016-01-09 17:43:21 ----A---- C:\Windows\system32\GdiPlus.dll
2016-01-09 17:43:21 ----A---- C:\Windows\system32\FntCache.dll
2016-01-09 17:43:21 ----A---- C:\Windows\system32\DWrite.dll
2016-01-09 17:43:20 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-01-09 17:43:20 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2016-01-09 17:43:16 ----A---- C:\Windows\system32\wow64cpu.dll
2016-01-09 17:43:16 ----A---- C:\Windows\system32\wow64.dll
2016-01-09 17:43:14 ----A---- C:\Windows\system32\microsoft-windows-system-events.dll
2016-01-09 17:43:13 ----A---- C:\Windows\system32\fveapi.dll
2016-01-09 17:43:13 ----A---- C:\Windows\system32\bdesvc.dll
2016-01-09 17:40:22 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-01-09 17:40:22 ----A---- C:\Windows\system32\lsm.dll
2016-01-09 17:40:22 ----A---- C:\Windows\system32\InkEd.dll
2016-01-09 17:40:06 ----A---- C:\Windows\SYSWOW64\puiobj.dll
2016-01-09 17:40:06 ----A---- C:\Windows\system32\puiobj.dll
2016-01-09 17:40:06 ----A---- C:\Windows\system32\localspl.dll
2016-01-09 17:40:05 ----A---- C:\Windows\system32\compstui.dll
2016-01-09 17:26:40 ----A---- C:\Windows\system32\winresume.exe
2016-01-09 17:26:40 ----A---- C:\Windows\system32\winload.exe
2016-01-09 17:26:38 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-01-09 17:26:38 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2016-01-09 17:26:38 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2016-01-09 17:26:38 ----A---- C:\Windows\system32\ntvdm64.dll
2016-01-09 17:26:38 ----A---- C:\Windows\system32\comsvcs.dll
2016-01-09 17:26:38 ----A---- C:\Windows\system32\catsrvut.dll
2016-01-09 17:13:56 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2016-01-09 17:13:56 ----A---- C:\Windows\system32\pku2u.dll
2016-01-09 17:13:28 ----A---- C:\Windows\system32\services.exe
2016-01-09 17:12:32 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2016-01-09 17:12:32 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2016-01-09 17:12:32 ----A---- C:\Windows\system32\WebClnt.dll
2016-01-09 17:12:32 ----A---- C:\Windows\system32\davclnt.dll
2016-01-09 17:12:16 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2016-01-09 17:12:16 ----A---- C:\Windows\system32\TsWpfWrp.exe
2016-01-09 17:10:27 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-01-09 17:10:27 ----A---- C:\Windows\system32\kerberos.dll
2016-01-09 17:09:58 ----A---- C:\Windows\SYSWOW64\Windows.UI.Immersive.dll
2016-01-09 17:09:58 ----A---- C:\Windows\SYSWOW64\shacct.dll
2016-01-09 17:09:58 ----A---- C:\Windows\SYSWOW64\SettingSync.dll
2016-01-09 17:09:58 ----A---- C:\Windows\system32\Windows.UI.Immersive.dll
2016-01-09 17:09:58 ----A---- C:\Windows\system32\shacct.dll
2016-01-09 17:09:58 ----A---- C:\Windows\system32\SettingSync.dll
2016-01-09 17:09:33 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-01-09 17:09:33 ----A---- C:\Windows\system32\wuaueng.dll
2016-01-09 17:09:33 ----A---- C:\Windows\system32\wuapi.dll
2016-01-09 17:09:32 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-01-09 17:09:32 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-01-09 17:09:32 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-01-09 17:09:32 ----A---- C:\Windows\system32\wuwebv.dll
2016-01-09 17:09:32 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2016-01-09 17:09:32 ----A---- C:\Windows\system32\wups2.dll
2016-01-09 17:09:32 ----A---- C:\Windows\system32\wudriver.dll
2016-01-09 17:09:32 ----A---- C:\Windows\system32\wucltux.dll
2016-01-09 17:09:32 ----A---- C:\Windows\system32\wuauclt.exe
2016-01-09 17:09:32 ----A---- C:\Windows\system32\wuapp.exe
2016-01-09 17:09:00 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-01-09 17:09:00 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-01-09 17:09:00 ----A---- C:\Windows\system32\atmlib.dll
2016-01-09 17:09:00 ----A---- C:\Windows\system32\atmfd.dll
2016-01-09 17:07:53 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-01-09 17:07:53 ----A---- C:\Windows\system32\authui.dll
2016-01-09 17:05:38 ----A---- C:\Windows\system32\csrsrv.dll
2016-01-09 17:05:38 ----A---- C:\Windows\system32\basesrv.dll
2016-01-09 17:02:13 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2016-01-09 17:02:13 ----A---- C:\Windows\system32\comctl32.dll
2016-01-09 16:59:16 ----A---- C:\Windows\SYSWOW64\notepad.exe
2016-01-09 16:59:16 ----A---- C:\Windows\system32\notepad.exe
2016-01-09 16:59:16 ----A---- C:\Windows\notepad.exe
2016-01-09 16:57:06 ----A---- C:\Windows\system32\drivers\http.sys
2016-01-09 16:54:45 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2016-01-09 16:54:45 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2016-01-09 16:54:45 ----A---- C:\Windows\system32\taskeng.exe
2016-01-09 16:54:45 ----A---- C:\Windows\system32\schtasks.exe
2016-01-09 16:54:45 ----A---- C:\Windows\system32\schedsvc.dll
2016-01-09 16:54:17 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-01-09 16:54:17 ----A---- C:\Windows\system32\appidsvc.dll
2016-01-09 16:54:17 ----A---- C:\Windows\system32\appidapi.dll
2016-01-09 16:53:50 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2016-01-09 16:53:50 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2016-01-09 16:53:50 ----A---- C:\Windows\system32\rdvidcrl.dll
2016-01-09 16:53:50 ----A---- C:\Windows\system32\mstscax.dll
2016-01-09 16:47:00 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-01-09 16:47:00 ----A---- C:\Windows\system32\ole32.dll
2015-12-29 08:54:01 ----A---- C:\Windows\system32\tzsync.exe
2015-12-29 08:53:50 ----A---- C:\Windows\system32\storewuauth.dll
2015-12-29 08:53:20 ----A---- C:\Windows\system32\IKEEXT.DLL
2015-12-29 08:53:19 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2015-12-29 08:53:19 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2015-12-29 08:53:19 ----A---- C:\Windows\system32\nshwfp.dll
2015-12-29 08:53:19 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2015-12-29 08:53:19 ----A---- C:\Windows\system32\BFE.DLL
2015-12-29 08:52:42 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-12-29 08:52:42 ----A---- C:\Windows\system32\drivers\clfs.sys
2015-12-29 08:52:42 ----A---- C:\Windows\system32\clfsw32.dll
2015-12-26 21:46:03 ----D---- C:\Users\Anna\AppData\Roaming\Foxit Software
2015-12-26 21:40:56 ----D---- C:\Program Files (x86)\Microsoft Works
2015-12-26 21:40:29 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2015-12-26 21:39:50 ----D---- C:\Windows\PCHEALTH
2015-12-26 21:37:59 ----D---- C:\Program Files\Microsoft Office
2015-12-26 21:37:55 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2015-12-26 21:37:27 ----D---- C:\ProgramData\Microsoft Help
2015-12-26 21:37:10 ----RHD---- C:\MSOCache
2015-12-26 20:50:26 ----D---- C:\Users\Anna\AppData\Roaming\DropboxOEM
2015-12-26 20:50:17 ----D---- C:\Users\Anna\AppData\Roaming\CyberLink
2015-12-26 20:46:45 ----D---- C:\Program Files\7-Zip
2015-12-26 20:41:02 ----A---- C:\Windows\system32\aswBoot.exe
2015-12-26 20:40:03 ----D---- C:\Users\Anna\AppData\Roaming\AVAST Software
2015-12-26 20:39:26 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-12-26 20:39:26 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-12-26 20:39:26 ----A---- C:\Windows\system32\drivers\aswsp.sys
2015-12-26 20:39:26 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2015-12-26 20:39:26 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-12-26 20:39:26 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-12-26 20:39:26 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-12-26 20:39:26 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-12-26 20:39:19 ----A---- C:\Windows\avastSS.scr
2015-12-26 17:36:07 ----D---- C:\Program Files\CCleaner
2015-12-26 17:32:35 ----D---- C:\Program Files (x86)\Google
2015-12-26 17:31:23 ----D---- C:\Program Files\Common Files\AV
2015-12-26 17:31:11 ----D---- C:\Users\Anna\AppData\Roaming\Macromedia
2015-12-26 17:28:05 ----D---- C:\Users\Anna\AppData\Roaming\Hewlett-Packard
2015-12-26 17:27:25 ----D---- C:\Users\Anna\AppData\Roaming\hpqlog
2015-12-26 17:23:51 ----D---- C:\Users\Anna\AppData\Roaming\Adobe
2015-12-26 17:23:31 ----A---- C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-12-26 17:23:30 ----D---- C:\Users\Anna\AppData\Roaming\Synaptics
2015-12-26 17:21:20 ----SD---- C:\Windows\SYSWOW64\GWX
2015-12-26 17:21:19 ----SD---- C:\Windows\system32\GWX
2015-12-26 17:21:19 ----D---- C:\Windows\Migration
2015-12-26 17:19:28 ----SD---- C:\Users\Anna\AppData\Roaming\Microsoft
2015-12-26 17:14:01 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-12-26 17:14:01 ----A---- C:\Windows\system32\wups.dll
2015-12-26 17:14:01 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-12-26 17:14:01 ----A---- C:\Windows\explorer.exe
2015-12-26 17:14:00 ----A---- C:\Windows\SYSWOW64\RestoreOptIn.exe
2015-12-26 17:14:00 ----A---- C:\Windows\SYSWOW64\explorer.exe
2015-12-26 17:14:00 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-12-26 17:14:00 ----A---- C:\Windows\system32\RestoreOptIn.exe
2015-12-26 17:12:22 ----D---- C:\Windows\SoftwareDistribution
2015-12-26 15:09:22 ----SHD---- C:\ProgramData\Šablony
2015-12-26 15:09:22 ----SHD---- C:\ProgramData\Plocha
2015-12-26 15:09:22 ----SHD---- C:\ProgramData\Nabídka Start
2015-12-26 15:09:22 ----SHD---- C:\ProgramData\Dokumenty
2015-12-26 15:09:22 ----SHD---- C:\ProgramData\Data aplikací

======List of files/folders modified in the last 1 month======

2016-01-24 18:26:59 ----D---- C:\Windows\system32\sru
2016-01-24 14:34:46 ----D---- C:\Windows\Temp
2016-01-24 13:48:28 ----RD---- C:\Program Files (x86)
2016-01-24 13:48:20 ----D---- C:\Windows\system32\drivers
2016-01-24 13:35:53 ----D---- C:\Windows\Inf
2016-01-24 13:35:53 ----D---- C:\Windows\debug
2016-01-24 13:35:53 ----D---- C:\Windows
2016-01-24 13:26:57 ----D---- C:\Windows\Prefetch
2016-01-24 13:20:47 ----RD---- C:\Windows\System32
2016-01-24 13:20:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-01-24 12:44:20 ----D---- C:\Windows\rescache
2016-01-24 12:36:57 ----SHD---- C:\System Volume Information
2016-01-24 12:35:31 ----D---- C:\Windows\Microsoft.NET
2016-01-24 12:35:30 ----RSD---- C:\Windows\assembly
2016-01-24 11:49:31 ----D---- C:\Windows\system32\catroot2
2016-01-24 11:47:49 ----RD---- C:\Program Files
2016-01-23 23:15:40 ----D---- C:\ProgramData\install_clap
2016-01-23 23:15:38 ----D---- C:\Windows\Panther
2016-01-23 23:05:39 ----HD---- C:\ProgramData
2016-01-23 23:04:26 ----D---- C:\Windows\SysWOW64
2016-01-23 23:02:01 ----D---- C:\Windows\system32\GroupPolicy
2016-01-23 22:20:10 ----D---- C:\Windows\system32\Tasks
2016-01-23 22:01:57 ----A---- C:\Windows\win.ini
2016-01-23 21:09:07 ----SD---- C:\ProgramData\Microsoft
2016-01-23 21:06:13 ----D---- C:\Windows\system32\config
2016-01-23 08:58:00 ----D---- C:\Windows\WinSxS
2016-01-22 22:00:29 ----D---- C:\Program Files\Internet Explorer
2016-01-22 22:00:25 ----SD---- C:\Windows\system32\CompatTel
2016-01-22 22:00:25 ----D---- C:\Windows\apppatch
2016-01-22 22:00:23 ----D---- C:\Windows\system32\DriverStore
2016-01-22 19:25:11 ----HD---- C:\Program Files\WindowsApps
2016-01-22 19:24:51 ----D---- C:\Windows\CbsTemp
2016-01-22 17:46:46 ----SHD---- C:\Windows\Installer
2016-01-22 17:46:29 ----D---- C:\Program Files (x86)\Common Files
2016-01-22 17:15:25 ----D---- C:\Windows\system32\wdi
2016-01-22 06:40:30 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-01-22 06:40:30 ----D---- C:\Windows\system32\cs-CZ
2016-01-22 06:40:28 ----RSD---- C:\Windows\Fonts
2016-01-22 06:40:28 ----RD---- C:\Windows\ImmersiveControlPanel
2016-01-22 06:40:21 ----D---- C:\Program Files\Windows Defender
2016-01-22 06:40:20 ----D---- C:\Windows\WinStore
2016-01-22 06:40:20 ----D---- C:\Program Files (x86)\Windows Defender
2016-01-17 21:30:40 ----D---- C:\Windows\AppCompat
2016-01-14 20:01:38 ----D---- C:\Windows\AppReadiness
2016-01-09 18:26:59 ----D---- C:\Windows\system32\sr-Latn-RS
2016-01-09 18:26:59 ----D---- C:\Windows\system32\sr-Latn-CS
2016-01-09 18:26:59 ----D---- C:\Windows\system32\CodeIntegrity
2016-01-09 18:26:55 ----RD---- C:\Windows\ToastData
2016-01-09 18:26:53 ----D---- C:\Windows\PolicyDefinitions
2016-01-09 18:26:53 ----D---- C:\Program Files (x86)\Internet Explorer
2016-01-09 18:26:52 ----D---- C:\Windows\system32\drivers\cs-CZ
2016-01-09 18:26:52 ----D---- C:\Program Files\Windows Journal
2016-01-09 18:26:48 ----D---- C:\Windows\SYSWOW64\inetsrv
2016-01-09 18:26:48 ----D---- C:\Windows\system32\wbem
2016-01-09 18:26:48 ----D---- C:\Windows\system32\inetsrv
2016-01-09 18:26:48 ----D---- C:\Windows\system32\Boot
2016-01-09 17:44:23 ----D---- C:\Program Files\Common Files\microsoft shared
2016-01-09 17:32:07 ----D---- C:\Windows\SYSWOW64\winrm
2016-01-09 17:32:07 ----D---- C:\Windows\SYSWOW64\slmgr
2016-01-09 17:32:07 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-01-09 17:32:07 ----D---- C:\Windows\SYSWOW64\oobe
2016-01-09 17:32:07 ----D---- C:\Windows\SYSWOW64\en
2016-01-09 17:32:07 ----D---- C:\Windows\servicing
2016-01-09 17:32:07 ----D---- C:\Program Files\Windows Photo Viewer
2016-01-09 17:32:07 ----D---- C:\Program Files\Windows Mail
2016-01-09 17:32:07 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2016-01-09 17:32:07 ----D---- C:\Program Files (x86)\Windows Media Player
2016-01-09 17:32:06 ----D---- C:\Windows\SYSWOW64\en-US
2016-01-09 17:32:06 ----D---- C:\Windows\SYSWOW64\drivers\en-US
2016-01-09 17:32:06 ----D---- C:\Windows\SYSWOW64\drivers
2016-01-09 17:32:05 ----D---- C:\Windows\SYSWOW64\WCN
2016-01-09 17:32:05 ----D---- C:\Windows\SYSWOW64\wbem
2016-01-09 17:32:05 ----D---- C:\Windows\SYSWOW64\Printing_Admin_Scripts
2016-01-09 17:32:05 ----D---- C:\Windows\system32\winrm
2016-01-09 17:32:05 ----D---- C:\Windows\system32\Sysprep
2016-01-09 17:32:05 ----D---- C:\Windows\system32\slmgr
2016-01-09 17:32:05 ----D---- C:\Windows\system32\sk-SK
2016-01-09 17:32:05 ----D---- C:\Windows\system32\oobe
2016-01-09 17:32:05 ----D---- C:\Windows\system32\migwiz
2016-01-09 17:32:05 ----D---- C:\Windows\system32\en
2016-01-09 17:32:05 ----D---- C:\Windows\en-US
2016-01-09 17:32:03 ----D---- C:\Windows\system32\en-US
2016-01-09 17:32:03 ----D---- C:\Windows\system32\drivers\en-US
2016-01-09 17:31:58 ----D---- C:\Windows\system32\WCN
2016-01-09 17:31:55 ----D---- C:\Windows\system32\SystemResetPlatform
2016-01-09 17:31:55 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2016-01-09 17:31:55 ----D---- C:\Windows\Help
2016-01-09 17:19:37 ----D---- C:\Program Files\Windows Media Player
2016-01-09 17:19:37 ----D---- C:\Program Files (x86)\Windows Mail
2016-01-09 17:19:36 ----D---- C:\Windows\SYSWOW64\en-GB
2016-01-09 17:19:36 ----D---- C:\Program Files\Common Files\System
2016-01-09 17:19:32 ----D---- C:\Windows\system32\en-GB
2016-01-09 17:03:22 ----D---- C:\Windows\Logs
2016-01-09 16:44:23 ----D---- C:\ProgramData\McAfee
2016-01-09 16:44:23 ----D---- C:\Program Files\Common Files
2016-01-05 21:04:40 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-12-29 08:54:36 ----D---- C:\Windows\system32\catroot
2015-12-28 07:14:25 ----D---- C:\Program Files (x86)\Hewlett-Packard
2015-12-26 21:40:46 ----D---- C:\Program Files (x86)\MSBuild
2015-12-26 21:40:38 ----D---- C:\Program Files (x86)\Microsoft Office
2015-12-26 21:40:26 ----D---- C:\Windows\ShellNew
2015-12-26 21:39:49 ----D---- C:\Program Files (x86)\Microsoft.NET
2015-12-26 20:50:33 ----D---- C:\ProgramData\CyberLink
2015-12-26 20:38:24 ----D---- C:\Program Files\AVAST Software
2015-12-26 20:38:14 ----D---- C:\ProgramData\AVAST Software
2015-12-26 20:36:16 ----HD---- C:\Windows\ELAMBKUP
2015-12-26 17:39:24 ----D---- C:\Windows\system32\drivers\UMDF
2015-12-26 17:32:37 ----D---- C:\Windows\Tasks
2015-12-26 17:28:43 ----D---- C:\ProgramData\Intel
2015-12-26 17:24:41 ----SHD---- C:\$Recycle.Bin
2015-12-26 17:23:37 ----AHD---- C:\SYSTEM.SAV
2015-12-26 17:19:28 ----RD---- C:\Users
2015-12-26 17:14:30 ----D---- C:\Windows\system32\AdvancedInstallers
2015-12-26 17:14:04 ----D---- C:\Windows\system32\restore
2015-12-26 15:09:22 ----D---- C:\Program Files\Windows NT

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;@oem10.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\Windows\System32\drivers\amdkmpfd.sys [2015-03-20 62152]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-12-26 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-12-26 273784]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2014-10-09 1398936]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-12-26 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-01-22 1065208]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-01-22 464256]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-12-15 71680]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-12-26 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-12-26 97648]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-12-26 155304]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2015-03-20 19250688]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2015-03-20 591872]
R3 bcbtums;@oem19.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2013-11-13 170712]
R3 BCM43XX;@oem16.inf,%BCM43XX_Service_DispName%;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2015-07-13 7533784]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2014-11-21 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-11-21 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-11-21 81920]
R3 clwvd;@oem25.inf,%clwvd.DeviceDesc%;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2014-01-28 41704]
R3 dptf_cpu;dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [2014-12-23 38720]
R3 dptf_pch;dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [2014-12-23 38208]
R3 esif_lf;esif_lf; C:\Windows\System32\drivers\esif_lf.sys [2014-12-23 216360]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2015-04-03 4860856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-03-05 4421464]
R3 iwdbus;@oem15.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2014-12-22 30512]
R3 MEIx64;@oem9.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-10-10 129312]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RTL8168;@oem17.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2015-01-23 876760]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2015-03-03 33448]
R3 SynTP;@oem21.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2015-03-03 587944]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-11-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-12-15 38912]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 btwampfl;@oem20.inf,%btwampfl.ServiceName%;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2014-08-08 185600]
S3 BtwSerialBus;@oem20.inf,%Bus.SVCDESC%;Broadcom Serial Bus Driver over UART Bus Enumerator; C:\Windows\System32\drivers\BtwSerialBus.sys [2014-04-23 153304]
S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [2016-01-23 22704]
S3 intaud_WaveExtensible;@oem14.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2014-12-22 42288]
S3 IntcDAud;@oem12.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-04-03 455440]
S3 RSUSBSTOR;@oem18.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2014-12-23 274648]
S3 SmbDrv;SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2015-03-03 33448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2015-03-20 246272]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2014-11-21 38792]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-12-26 226440]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-11-21 38792]
R2 esifsvc;ESIF Upper Framework Service; C:\Windows\SysWOW64\esif_uf.exe [2014-12-23 1037568]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-20 99128]
R2 HPWMISVC;HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [2015-02-17 608520]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-10-09 18584]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2015-04-03 344168]
R2 Intel(R) ME Service;Intel® ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-10-10 132896]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-10-10 158496]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-10-10 409376]
R2 omniserv; HP SimplePass Service; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [2015-01-30 103424]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2014-04-14 389896]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2015-03-05 293080]
R2 SecureLine;Avast SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [2015-12-26 452456]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-03-03 220840]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-11-22 43696]
R3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-04-09 174368]
S2 BcmBtRSupport;@oem19.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\Windows\system32\BtwRSupportService.exe [2013-11-13 2251992]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-26 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-16 50864]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-11-21 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-04-03 279144]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-26 144200]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-13 1129760]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-05-13 887256]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\Windows\system32\svchost.exe [2014-11-21 38792]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Steelcut

#9 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Turn off your antivirus before the scan and restart the PC afterwards. Post a new RSIT log.

Kaliban
Visitor
Posts: 115
Registered: 08 Mar 2009 12:51

Re: Steelcut

#10 Post by Kaliban »

Log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Anna at 2016-01-24 20:05:13
Microsoft Windows 8.1
System drive C: has 411 GB (90%) free of 454 GB
Total RAM: 4017 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:05:18, on 24. 1. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Windows\TEMP\DPTF\esif_assist.exe
c:\Program Files (x86)\Cyberlink\YouCam\YouCamService.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\trend micro\Anna.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @oem19.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\Windows\system32\BtwRSupportService.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\Windows\SysWOW64\esif_uf.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® ME Service (Intel(R) ME Service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Avast SecureLine (SecureLine) - Unknown owner - C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10712 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\igfxCUIService.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 869493056800
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {4073f13a-a3fb-4ce6-a9cfdde187edbc0a}
C:\Windows\SysWOW64\esif_uf.exe
"c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe"
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-0a2d4cd6-28c0-4582-8fe7-e52508539e27 -SystemEventPortName:HostProcess-9bf89860-a1cc-4ab5-a298-c6466dd63a02 -IoCancelEventPortName:HostProcess-2cd6af7b-8cf0-4ceb-8b46-849397cddf5c -NonStateChangingEventPortName:HostProcess-1081e125-967b-4156-8c26-94b35cbd390a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:21e095b0-5b9f-480e-959b-3283a2de3253 -DeviceGroupId:
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\TEMP\DPTF\esif_assist.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\Explorer.EXE
taskeng.exe {B0F7AB58-93EB-4675-87C1-407198BCE46E}
"C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe" /hideui
taskhostex.exe
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
igfxEM.exe
igfxHK.exe
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\GWX\GWX.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 560 564 572 65536 568
"C:\Program Files\Hewlett-Packard\SimplePass\opbhobroker.exe"
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe"
"c:\Program Files (x86)\Cyberlink\YouCam\YouCamService.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ua /installsource core
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe"
C:\Windows\system32\wbem\wmiprvse.exe

"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\wbem\unsecapp.exe -Embedding

"C:\Users\Anna\Downloads\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-12-26 885152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-26 664184]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-12-17 629256]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-03-05 8458968]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-03-03 2871464]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-12-08 8590760]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-01-18 50615936]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HPMessageService"=C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [2015-02-17 654088]
"StartCCC"=c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-02-25 767176]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-12-26 7021880]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-01-24 20:01:42 ----D---- C:\_OTM
2016-01-24 13:16:26 ----D---- C:\Users\Anna\AppData\Roaming\Elex-tech
2016-01-24 12:06:52 ----D---- C:\AdwCleaner
2016-01-23 23:30:19 ----D---- C:\Program Files\trend micro
2016-01-23 23:30:18 ----D---- C:\rsit
2016-01-23 23:12:48 ----D---- C:\Windows\system32\log
2016-01-23 22:31:55 ----D---- C:\ProgramData\AppMgr1.26.3056825
2016-01-23 22:20:49 ----A---- C:\autoexec.bat
2016-01-23 22:18:24 ----A---- C:\Windows\system32\drivers\EsgScanner.sys
2016-01-22 17:46:46 ----D---- C:\Users\Anna\AppData\Roaming\Skype
2016-01-22 17:46:28 ----RD---- C:\Program Files (x86)\Skype
2016-01-22 17:46:16 ----D---- C:\ProgramData\Skype
2016-01-22 17:20:16 ----A---- C:\Windows\system32\appraiser.dll
2016-01-22 17:20:15 ----A---- C:\Windows\system32\invagent.dll
2016-01-22 17:20:15 ----A---- C:\Windows\system32\generaltel.dll
2016-01-22 17:20:15 ----A---- C:\Windows\system32\devinv.dll
2016-01-22 17:20:15 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-01-22 17:20:15 ----A---- C:\Windows\system32\aepic.dll
2016-01-22 17:20:15 ----A---- C:\Windows\system32\aeinv.dll
2016-01-22 17:20:14 ----A---- C:\Windows\system32\acmigration.dll
2016-01-17 21:46:35 ----A---- C:\Windows\system32\mshtml.dll
2016-01-17 21:46:24 ----A---- C:\Windows\system32\jscript9.dll
2016-01-17 21:46:21 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-01-17 21:46:06 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-01-17 21:45:49 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-01-17 21:45:44 ----A---- C:\Windows\system32\wininet.dll
2016-01-17 21:45:42 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-01-17 21:45:40 ----A---- C:\Windows\system32\vbscript.dll
2016-01-17 21:45:39 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-01-17 21:45:38 ----A---- C:\Windows\system32\mshtmled.dll
2016-01-17 21:45:36 ----A---- C:\Windows\system32\ieframe.dll
2016-01-17 21:45:29 ----A---- C:\Windows\system32\urlmon.dll
2016-01-17 21:45:27 ----A---- C:\Windows\system32\msfeeds.dll
2016-01-17 21:45:27 ----A---- C:\Windows\system32\inetcomm.dll
2016-01-17 21:45:26 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-01-17 21:45:25 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-01-17 21:45:24 ----A---- C:\Windows\system32\jscript.dll
2016-01-17 21:45:23 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-01-17 21:45:23 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-01-17 21:45:22 ----A---- C:\Windows\system32\ieapfltr.dll
2016-01-17 21:45:21 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-01-17 21:39:13 ----A---- C:\Windows\SYSWOW64\qedit.dll
2016-01-17 21:39:13 ----A---- C:\Windows\system32\qedit.dll
2016-01-17 21:38:54 ----A---- C:\Windows\system32\msmpeg2adec.dll
2016-01-17 21:38:53 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2016-01-17 21:38:53 ----A---- C:\Windows\SYSWOW64\msmpeg2adec.dll
2016-01-17 21:38:53 ----A---- C:\Windows\system32\WMVDECOD.DLL
2016-01-17 21:38:52 ----A---- C:\Windows\SYSWOW64\mfnetsrc.dll
2016-01-17 21:38:52 ----A---- C:\Windows\system32\mfnetsrc.dll
2016-01-17 21:38:52 ----A---- C:\Windows\system32\mfcore.dll
2016-01-17 21:38:51 ----A---- C:\Windows\SYSWOW64\mfnetcore.dll
2016-01-17 21:38:51 ----A---- C:\Windows\SYSWOW64\mfcore.dll
2016-01-17 21:38:51 ----A---- C:\Windows\system32\WMADMOD.DLL
2016-01-17 21:38:51 ----A---- C:\Windows\system32\mfnetcore.dll
2016-01-17 21:38:50 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2016-01-17 21:38:50 ----A---- C:\Windows\system32\WMVENCOD.DLL
2016-01-17 21:38:50 ----A---- C:\Windows\system32\quartz.dll
2016-01-17 21:38:50 ----A---- C:\Windows\system32\evr.dll
2016-01-17 21:38:49 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2016-01-17 21:38:49 ----A---- C:\Windows\SYSWOW64\WMVENCOD.DLL
2016-01-17 21:38:49 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2016-01-17 21:38:49 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-01-17 21:38:49 ----A---- C:\Windows\system32\WMVSDECD.DLL
2016-01-17 21:38:49 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2016-01-17 21:38:49 ----A---- C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-17 21:38:49 ----A---- C:\Windows\system32\mfsvr.dll
2016-01-17 21:38:48 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-01-17 21:38:48 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2016-01-17 21:38:48 ----A---- C:\Windows\SYSWOW64\MP3DMOD.DLL
2016-01-17 21:38:48 ----A---- C:\Windows\SYSWOW64\mfsvr.dll
2016-01-17 21:38:48 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2016-01-17 21:38:48 ----A---- C:\Windows\system32\VIDRESZR.DLL
2016-01-17 21:38:48 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-17 21:38:48 ----A---- C:\Windows\system32\MPG4DECD.DLL
2016-01-17 21:38:48 ----A---- C:\Windows\system32\MP4SDECD.DLL
2016-01-17 21:38:48 ----A---- C:\Windows\system32\MP43DECD.DLL
2016-01-17 21:38:48 ----A---- C:\Windows\system32\COLORCNV.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\WMVXENCD.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\WMVSENCD.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\WMSPDMOE.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\WMADMOE.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\VIDRESZR.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\RESAMPLEDMO.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\MPG4DECD.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\MP43DECD.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\MFWMAAEC.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\mfvdsp.dll
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\devenum.dll
2016-01-17 21:38:47 ----A---- C:\Windows\SYSWOW64\COLORCNV.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\system32\WMVXENCD.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\system32\WMVSENCD.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\system32\WMADMOE.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\system32\SysFxUI.dll
2016-01-17 21:38:47 ----A---- C:\Windows\system32\qdvd.dll
2016-01-17 21:38:47 ----A---- C:\Windows\system32\MP3DMOD.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2016-01-17 21:38:47 ----A---- C:\Windows\system32\mfvdsp.dll
2016-01-17 21:38:47 ----A---- C:\Windows\system32\mfps.dll
2016-01-17 21:38:47 ----A---- C:\Windows\system32\devenum.dll
2016-01-17 21:38:20 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-01-17 21:38:20 ----A---- C:\Windows\system32\schannel.dll
2016-01-17 21:38:19 ----A---- C:\Windows\SYSWOW64\ncryptsslp.dll
2016-01-17 21:38:19 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-01-17 21:38:19 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-01-17 21:38:19 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2016-01-17 21:38:19 ----A---- C:\Windows\system32\ncryptsslp.dll
2016-01-17 21:38:19 ----A---- C:\Windows\system32\ncrypt.dll
2016-01-17 21:38:19 ----A---- C:\Windows\system32\lsasrv.dll
2016-01-17 21:38:19 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-01-17 21:38:19 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-01-17 21:38:19 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-01-17 21:38:19 ----A---- C:\Windows\system32\drivers\cng.sys
2016-01-17 21:38:19 ----A---- C:\Windows\system32\certcli.dll
2016-01-17 21:38:19 ----A---- C:\Windows\system32\bcryptprimitives.dll
2016-01-17 21:37:19 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-01-17 21:37:18 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-01-17 21:37:18 ----A---- C:\Windows\system32\ntdll.dll
2016-01-17 21:36:49 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-01-17 21:36:49 ----A---- C:\Windows\system32\gdi32.dll
2016-01-17 21:36:30 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-01-17 21:36:30 ----A---- C:\Windows\system32\advapi32.dll
2016-01-14 17:44:32 ----A---- C:\Windows\system32\aspnet_counters.dll
2016-01-14 17:44:30 ----A---- C:\Windows\SYSWOW64\aspnet_counters.dll
2016-01-14 17:16:33 ----A---- C:\Windows\system32\WiFiDisplay.dll
2016-01-09 18:26:48 ----D---- C:\Windows\system32\appraiser
2016-01-09 18:22:01 ----A---- C:\Windows\system32\drivers\bthhfenum.sys
2016-01-09 18:20:37 ----A---- C:\Windows\system32\drivers\tpm.sys
2016-01-09 18:20:09 ----A---- C:\Windows\SYSWOW64\GeofenceMonitorService.dll
2016-01-09 18:20:09 ----A---- C:\Windows\system32\GeofenceMonitorService.dll
2016-01-09 18:19:41 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2016-01-09 18:19:41 ----A---- C:\Windows\system32\dwmcore.dll
2016-01-09 18:18:47 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2016-01-09 18:18:47 ----A---- C:\Windows\system32\d2d1.dll
2016-01-09 18:18:19 ----A---- C:\Windows\system32\drivers\tunnel.sys
2016-01-09 18:17:22 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2016-01-09 18:17:22 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2016-01-09 18:17:22 ----A---- C:\Windows\system32\msxml6.dll
2016-01-09 18:17:22 ----A---- C:\Windows\system32\msxml3.dll
2016-01-09 18:16:55 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-01-09 18:16:54 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-01-09 18:16:23 ----A---- C:\Windows\system32\AuthHost.exe
2016-01-09 18:15:57 ----A---- C:\Windows\SYSWOW64\tdh.dll
2016-01-09 18:15:57 ----A---- C:\Windows\system32\UtcResources.dll
2016-01-09 18:15:57 ----A---- C:\Windows\system32\tdh.dll
2016-01-09 18:15:57 ----A---- C:\Windows\system32\diagtrack.dll
2016-01-09 18:15:25 ----A---- C:\Windows\system32\drivers\ahcache.sys
2016-01-09 18:14:58 ----A---- C:\Windows\SYSWOW64\Windows.UI.Input.Inking.dll
2016-01-09 18:14:58 ----A---- C:\Windows\system32\Windows.UI.Input.Inking.dll
2016-01-09 18:14:30 ----A---- C:\Windows\SYSWOW64\rastapi.dll
2016-01-09 18:14:30 ----A---- C:\Windows\system32\rastapi.dll
2016-01-09 18:14:02 ----A---- C:\Windows\system32\SystemSettingsDatabase.dll
2016-01-09 18:13:04 ----A---- C:\Windows\system32\consent.exe
2016-01-09 18:12:37 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-01-09 18:12:37 ----A---- C:\Windows\system32\KernelBase.dll
2016-01-09 18:12:08 ----A---- C:\Windows\system32\drivers\rfcomm.sys
2016-01-09 18:12:08 ----A---- C:\Windows\system32\drivers\hidbth.sys
2016-01-09 18:12:08 ----A---- C:\Windows\system32\drivers\bthport.sys
2016-01-09 18:11:39 ----A---- C:\Windows\system32\dbgeng.dll
2016-01-09 18:11:38 ----A---- C:\Windows\SYSWOW64\dbghelp.dll
2016-01-09 18:11:38 ----A---- C:\Windows\SYSWOW64\dbgeng.dll
2016-01-09 18:11:38 ----A---- C:\Windows\system32\dbghelp.dll
2016-01-09 18:11:11 ----A---- C:\Windows\SYSWOW64\SRH.dll
2016-01-09 18:11:11 ----A---- C:\Windows\system32\SRH.dll
2016-01-09 18:10:20 ----A---- C:\Windows\system32\dpapisrv.dll
2016-01-09 18:09:43 ----A---- C:\Windows\SYSWOW64\rgb9rast.dll
2016-01-09 18:09:15 ----A---- C:\Windows\SYSWOW64\PhotoMetadataHandler.dll
2016-01-09 18:09:15 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2016-01-09 18:08:47 ----A---- C:\Windows\system32\drivers\udfs.sys
2016-01-09 18:08:21 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2016-01-09 18:08:20 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2016-01-09 18:07:09 ----A---- C:\Windows\SYSWOW64\msctf.dll
2016-01-09 18:07:09 ----A---- C:\Windows\system32\msctf.dll
2016-01-09 18:06:14 ----A---- C:\Windows\system32\drivers\usb8023.sys
2016-01-09 18:05:53 ----A---- C:\Windows\system32\drivers\WdNisDrv.sys
2016-01-09 18:05:53 ----A---- C:\Windows\system32\drivers\WdFilter.sys
2016-01-09 18:05:53 ----A---- C:\Windows\system32\drivers\WdBoot.sys
2016-01-09 18:05:14 ----A---- C:\Windows\system32\SettingsHandlers.dll
2016-01-09 18:04:42 ----A---- C:\Windows\system32\wevtsvc.dll
2016-01-09 18:04:17 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2016-01-09 18:04:17 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-01-09 18:04:17 ----A---- C:\Windows\system32\WSShared.dll
2016-01-09 18:04:17 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-01-09 18:03:17 ----A---- C:\Windows\SYSWOW64\PCPKsp.dll
2016-01-09 18:03:17 ----A---- C:\Windows\system32\PCPKsp.dll
2016-01-09 18:02:50 ----A---- C:\Windows\SYSWOW64\authz.dll
2016-01-09 18:02:50 ----A---- C:\Windows\system32\authz.dll
2016-01-09 18:02:22 ----A---- C:\Windows\SYSWOW64\UIAutomationCore.dll
2016-01-09 18:02:22 ----A---- C:\Windows\system32\UIAutomationCore.dll
2016-01-09 18:01:55 ----A---- C:\Windows\system32\drivers\usbhub.sys
2016-01-09 18:01:54 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2016-01-09 18:01:54 ----A---- C:\Windows\system32\drivers\usbport.sys
2016-01-09 18:01:54 ----A---- C:\Windows\system32\drivers\usbohci.sys
2016-01-09 18:01:54 ----A---- C:\Windows\system32\drivers\USBHUB3.SYS
2016-01-09 18:01:54 ----A---- C:\Windows\system32\drivers\usbehci.sys
2016-01-09 18:01:54 ----A---- C:\Windows\system32\drivers\usbd.sys
2016-01-09 18:01:26 ----A---- C:\Windows\system32\profsvc.dll
2016-01-09 18:00:07 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-01-09 18:00:07 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-01-09 17:59:55 ----A---- C:\Windows\system32\drivers\USBXHCI.SYS
2016-01-09 17:59:00 ----A---- C:\Windows\SYSWOW64\netcfgx.dll
2016-01-09 17:59:00 ----A---- C:\Windows\system32\netcfgx.dll
2016-01-09 17:59:00 ----A---- C:\Windows\system32\drivers\ndis.sys
2016-01-09 17:58:33 ----A---- C:\Windows\system32\fhcpl.dll
2016-01-09 17:57:35 ----A---- C:\Windows\SYSWOW64\eapphost.dll
2016-01-09 17:57:35 ----A---- C:\Windows\SYSWOW64\eappgnui.dll
2016-01-09 17:57:35 ----A---- C:\Windows\SYSWOW64\eappcfg.dll
2016-01-09 17:57:35 ----A---- C:\Windows\SYSWOW64\eapp3hst.dll
2016-01-09 17:57:35 ----A---- C:\Windows\system32\eapphost.dll
2016-01-09 17:57:35 ----A---- C:\Windows\system32\eappgnui.dll
2016-01-09 17:57:35 ----A---- C:\Windows\system32\eappcfg.dll
2016-01-09 17:57:35 ----A---- C:\Windows\system32\eapp3hst.dll
2016-01-09 17:57:07 ----A---- C:\Windows\system32\drivers\sdbus.sys
2016-01-09 17:57:07 ----A---- C:\Windows\system32\drivers\dumpsd.sys
2016-01-09 17:56:41 ----A---- C:\Windows\system32\mssrch.dll
2016-01-09 17:56:40 ----A---- C:\Windows\SYSWOW64\tquery.dll
2016-01-09 17:56:40 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2016-01-09 17:56:40 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2016-01-09 17:56:40 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2016-01-09 17:56:40 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2016-01-09 17:56:40 ----A---- C:\Windows\SYSWOW64\mssph.dll
2016-01-09 17:56:40 ----A---- C:\Windows\system32\tquery.dll
2016-01-09 17:56:40 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2016-01-09 17:56:40 ----A---- C:\Windows\system32\SearchIndexer.exe
2016-01-09 17:56:40 ----A---- C:\Windows\system32\mssvp.dll
2016-01-09 17:56:40 ----A---- C:\Windows\system32\mssphtb.dll
2016-01-09 17:56:40 ----A---- C:\Windows\system32\mssph.dll
2016-01-09 17:56:20 ----A---- C:\Windows\system32\drivers\tcpip.sys
2016-01-09 17:56:19 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2016-01-09 17:56:18 ----A---- C:\Windows\system32\winlogon.exe
2016-01-09 17:56:18 ----A---- C:\Windows\system32\wininit.exe
2016-01-09 17:56:17 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2016-01-09 17:56:17 ----A---- C:\Windows\system32\msftedit.dll
2016-01-09 17:56:13 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2016-01-09 17:56:13 ----A---- C:\Windows\system32\sdbinst.exe
2016-01-09 17:56:13 ----A---- C:\Windows\system32\apphelp.dll
2016-01-09 17:56:11 ----A---- C:\Windows\system32\SystemEventsBrokerServer.dll
2016-01-09 17:54:04 ----A---- C:\Windows\system32\NcdAutoSetup.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\ucrtbase.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-01-09 17:53:55 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-01-09 17:53:54 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2016-01-09 17:53:53 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2016-01-09 17:53:51 ----A---- C:\Windows\system32\wpdshext.dll
2016-01-09 17:53:51 ----A---- C:\Windows\system32\drivers\bthpan.sys
2016-01-09 17:53:50 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2016-01-09 17:53:21 ----A---- C:\Windows\system32\rpcrt4.dll
2016-01-09 17:53:20 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-01-09 17:53:20 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-01-09 17:53:20 ----A---- C:\Windows\system32\msv1_0.dll
2016-01-09 17:53:10 ----A---- C:\Windows\system32\drivers\afd.sys
2016-01-09 17:53:09 ----A---- C:\Windows\system32\drivers\tdx.sys
2016-01-09 17:50:46 ----A---- C:\Windows\system32\sysmain.dll
2016-01-09 17:50:46 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2016-01-09 17:50:38 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-01-09 17:49:35 ----D---- C:\Windows\system32\MRT
2016-01-09 17:49:27 ----A---- C:\Windows\system32\MRT.exe
2016-01-09 17:49:17 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2016-01-09 17:49:17 ----A---- C:\Windows\system32\iepeers.dll
2016-01-09 17:49:16 ----A---- C:\Windows\system32\iertutil.dll
2016-01-09 17:49:15 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-01-09 17:49:15 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-01-09 17:49:15 ----A---- C:\Windows\system32\actxprxy.dll
2016-01-09 17:49:14 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-01-09 17:49:14 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2016-01-09 17:49:14 ----A---- C:\Windows\system32\inseng.dll
2016-01-09 17:49:14 ----A---- C:\Windows\system32\ie4uinit.exe
2016-01-09 17:49:12 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-01-09 17:49:12 ----A---- C:\Windows\system32\iedkcs32.dll
2016-01-09 17:49:10 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-01-09 17:49:09 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-01-09 17:49:09 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-01-09 17:49:09 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-01-09 17:49:07 ----A---- C:\Windows\system32\webcheck.dll
2016-01-09 17:49:07 ----A---- C:\Windows\system32\jscript9diag.dll
2016-01-09 17:49:06 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-01-09 17:49:05 ----A---- C:\Windows\system32\msrating.dll
2016-01-09 17:49:05 ----A---- C:\Windows\system32\ieui.dll
2016-01-09 17:48:53 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-01-09 17:48:53 ----A---- C:\Windows\system32\dxtrans.dll
2016-01-09 17:48:52 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-01-09 17:48:52 ----A---- C:\Windows\system32\dxtmsft.dll
2016-01-09 17:46:56 ----A---- C:\Windows\system32\msi.dll
2016-01-09 17:46:55 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-01-09 17:46:55 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-01-09 17:46:55 ----A---- C:\Windows\system32\msiexec.exe
2016-01-09 17:46:37 ----A---- C:\Windows\system32\drivers\rmcast.sys
2016-01-09 17:46:36 ----A---- C:\Windows\system32\shell32.dll
2016-01-09 17:46:34 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-01-09 17:44:15 ----A---- C:\Windows\system32\werdiagcontroller.dll
2016-01-09 17:44:15 ----A---- C:\Windows\system32\audiosrv.dll
2016-01-09 17:44:15 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2016-01-09 17:43:28 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2016-01-09 17:43:28 ----A---- C:\Windows\SYSWOW64\sechost.dll
2016-01-09 17:43:28 ----A---- C:\Windows\system32\tracerpt.exe
2016-01-09 17:43:28 ----A---- C:\Windows\system32\sechost.dll
2016-01-09 17:43:22 ----A---- C:\Windows\system32\win32k.sys
2016-01-09 17:43:21 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-01-09 17:43:21 ----A---- C:\Windows\system32\user32.dll
2016-01-09 17:43:21 ----A---- C:\Windows\system32\GdiPlus.dll
2016-01-09 17:43:21 ----A---- C:\Windows\system32\FntCache.dll
2016-01-09 17:43:21 ----A---- C:\Windows\system32\DWrite.dll
2016-01-09 17:43:20 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-01-09 17:43:20 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2016-01-09 17:43:16 ----A---- C:\Windows\system32\wow64cpu.dll
2016-01-09 17:43:16 ----A---- C:\Windows\system32\wow64.dll
2016-01-09 17:43:14 ----A---- C:\Windows\system32\microsoft-windows-system-events.dll
2016-01-09 17:43:13 ----A---- C:\Windows\system32\fveapi.dll
2016-01-09 17:43:13 ----A---- C:\Windows\system32\bdesvc.dll
2016-01-09 17:40:22 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-01-09 17:40:22 ----A---- C:\Windows\system32\lsm.dll
2016-01-09 17:40:22 ----A---- C:\Windows\system32\InkEd.dll
2016-01-09 17:40:06 ----A---- C:\Windows\SYSWOW64\puiobj.dll
2016-01-09 17:40:06 ----A---- C:\Windows\system32\puiobj.dll
2016-01-09 17:40:06 ----A---- C:\Windows\system32\localspl.dll
2016-01-09 17:40:05 ----A---- C:\Windows\system32\compstui.dll
2016-01-09 17:26:40 ----A---- C:\Windows\system32\winresume.exe
2016-01-09 17:26:40 ----A---- C:\Windows\system32\winload.exe
2016-01-09 17:26:38 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-01-09 17:26:38 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2016-01-09 17:26:38 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2016-01-09 17:26:38 ----A---- C:\Windows\system32\ntvdm64.dll
2016-01-09 17:26:38 ----A---- C:\Windows\system32\comsvcs.dll
2016-01-09 17:26:38 ----A---- C:\Windows\system32\catsrvut.dll
2016-01-09 17:13:56 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2016-01-09 17:13:56 ----A---- C:\Windows\system32\pku2u.dll
2016-01-09 17:13:28 ----A---- C:\Windows\system32\services.exe
2016-01-09 17:12:32 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2016-01-09 17:12:32 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2016-01-09 17:12:32 ----A---- C:\Windows\system32\WebClnt.dll
2016-01-09 17:12:32 ----A---- C:\Windows\system32\davclnt.dll
2016-01-09 17:12:16 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2016-01-09 17:12:16 ----A---- C:\Windows\system32\TsWpfWrp.exe
2016-01-09 17:10:27 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-01-09 17:10:27 ----A---- C:\Windows\system32\kerberos.dll
2016-01-09 17:09:58 ----A---- C:\Windows\SYSWOW64\Windows.UI.Immersive.dll
2016-01-09 17:09:58 ----A---- C:\Windows\SYSWOW64\shacct.dll
2016-01-09 17:09:58 ----A---- C:\Windows\SYSWOW64\SettingSync.dll
2016-01-09 17:09:58 ----A---- C:\Windows\system32\Windows.UI.Immersive.dll
2016-01-09 17:09:58 ----A---- C:\Windows\system32\shacct.dll
2016-01-09 17:09:58 ----A---- C:\Windows\system32\SettingSync.dll
2016-01-09 17:09:33 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-01-09 17:09:33 ----A---- C:\Windows\system32\wuaueng.dll
2016-01-09 17:09:33 ----A---- C:\Windows\system32\wuapi.dll
2016-01-09 17:09:32 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-01-09 17:09:32 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-01-09 17:09:32 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-01-09 17:09:32 ----A---- C:\Windows\system32\wuwebv.dll
2016-01-09 17:09:32 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2016-01-09 17:09:32 ----A---- C:\Windows\system32\wups2.dll
2016-01-09 17:09:32 ----A---- C:\Windows\system32\wudriver.dll
2016-01-09 17:09:32 ----A---- C:\Windows\system32\wucltux.dll
2016-01-09 17:09:32 ----A---- C:\Windows\system32\wuauclt.exe
2016-01-09 17:09:32 ----A---- C:\Windows\system32\wuapp.exe
2016-01-09 17:09:00 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-01-09 17:09:00 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-01-09 17:09:00 ----A---- C:\Windows\system32\atmlib.dll
2016-01-09 17:09:00 ----A---- C:\Windows\system32\atmfd.dll
2016-01-09 17:07:53 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-01-09 17:07:53 ----A---- C:\Windows\system32\authui.dll
2016-01-09 17:05:38 ----A---- C:\Windows\system32\csrsrv.dll
2016-01-09 17:05:38 ----A---- C:\Windows\system32\basesrv.dll
2016-01-09 17:02:13 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2016-01-09 17:02:13 ----A---- C:\Windows\system32\comctl32.dll
2016-01-09 16:59:16 ----A---- C:\Windows\SYSWOW64\notepad.exe
2016-01-09 16:59:16 ----A---- C:\Windows\system32\notepad.exe
2016-01-09 16:59:16 ----A---- C:\Windows\notepad.exe
2016-01-09 16:57:06 ----A---- C:\Windows\system32\drivers\http.sys
2016-01-09 16:54:45 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2016-01-09 16:54:45 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2016-01-09 16:54:45 ----A---- C:\Windows\system32\taskeng.exe
2016-01-09 16:54:45 ----A---- C:\Windows\system32\schtasks.exe
2016-01-09 16:54:45 ----A---- C:\Windows\system32\schedsvc.dll
2016-01-09 16:54:17 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-01-09 16:54:17 ----A---- C:\Windows\system32\appidsvc.dll
2016-01-09 16:54:17 ----A---- C:\Windows\system32\appidapi.dll
2016-01-09 16:53:50 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2016-01-09 16:53:50 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2016-01-09 16:53:50 ----A---- C:\Windows\system32\rdvidcrl.dll
2016-01-09 16:53:50 ----A---- C:\Windows\system32\mstscax.dll
2016-01-09 16:47:00 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-01-09 16:47:00 ----A---- C:\Windows\system32\ole32.dll
2015-12-29 08:54:01 ----A---- C:\Windows\system32\tzsync.exe
2015-12-29 08:53:50 ----A---- C:\Windows\system32\storewuauth.dll
2015-12-29 08:53:20 ----A---- C:\Windows\system32\IKEEXT.DLL
2015-12-29 08:53:19 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2015-12-29 08:53:19 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2015-12-29 08:53:19 ----A---- C:\Windows\system32\nshwfp.dll
2015-12-29 08:53:19 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2015-12-29 08:53:19 ----A---- C:\Windows\system32\BFE.DLL
2015-12-29 08:52:42 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-12-29 08:52:42 ----A---- C:\Windows\system32\drivers\clfs.sys
2015-12-29 08:52:42 ----A---- C:\Windows\system32\clfsw32.dll
2015-12-26 21:46:03 ----D---- C:\Users\Anna\AppData\Roaming\Foxit Software
2015-12-26 21:40:56 ----D---- C:\Program Files (x86)\Microsoft Works
2015-12-26 21:40:29 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2015-12-26 21:39:50 ----D---- C:\Windows\PCHEALTH
2015-12-26 21:37:59 ----D---- C:\Program Files\Microsoft Office
2015-12-26 21:37:55 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2015-12-26 21:37:27 ----D---- C:\ProgramData\Microsoft Help
2015-12-26 21:37:10 ----RHD---- C:\MSOCache
2015-12-26 20:50:26 ----D---- C:\Users\Anna\AppData\Roaming\DropboxOEM
2015-12-26 20:50:17 ----D---- C:\Users\Anna\AppData\Roaming\CyberLink
2015-12-26 20:46:45 ----D---- C:\Program Files\7-Zip
2015-12-26 20:41:02 ----A---- C:\Windows\system32\aswBoot.exe
2015-12-26 20:40:03 ----D---- C:\Users\Anna\AppData\Roaming\AVAST Software
2015-12-26 20:39:26 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-12-26 20:39:26 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-12-26 20:39:26 ----A---- C:\Windows\system32\drivers\aswsp.sys
2015-12-26 20:39:26 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2015-12-26 20:39:26 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-12-26 20:39:26 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-12-26 20:39:26 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-12-26 20:39:26 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-12-26 20:39:19 ----A---- C:\Windows\avastSS.scr
2015-12-26 17:36:07 ----D---- C:\Program Files\CCleaner
2015-12-26 17:32:35 ----D---- C:\Program Files (x86)\Google
2015-12-26 17:31:23 ----D---- C:\Program Files\Common Files\AV
2015-12-26 17:31:11 ----D---- C:\Users\Anna\AppData\Roaming\Macromedia
2015-12-26 17:28:05 ----D---- C:\Users\Anna\AppData\Roaming\Hewlett-Packard
2015-12-26 17:27:25 ----D---- C:\Users\Anna\AppData\Roaming\hpqlog
2015-12-26 17:23:51 ----D---- C:\Users\Anna\AppData\Roaming\Adobe
2015-12-26 17:23:31 ----A---- C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-12-26 17:23:30 ----D---- C:\Users\Anna\AppData\Roaming\Synaptics
2015-12-26 17:21:20 ----SD---- C:\Windows\SYSWOW64\GWX
2015-12-26 17:21:19 ----SD---- C:\Windows\system32\GWX
2015-12-26 17:21:19 ----D---- C:\Windows\Migration
2015-12-26 17:19:28 ----SD---- C:\Users\Anna\AppData\Roaming\Microsoft
2015-12-26 17:14:01 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-12-26 17:14:01 ----A---- C:\Windows\system32\wups.dll
2015-12-26 17:14:01 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-12-26 17:14:01 ----A---- C:\Windows\explorer.exe
2015-12-26 17:14:00 ----A---- C:\Windows\SYSWOW64\RestoreOptIn.exe
2015-12-26 17:14:00 ----A---- C:\Windows\SYSWOW64\explorer.exe
2015-12-26 17:14:00 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-12-26 17:14:00 ----A---- C:\Windows\system32\RestoreOptIn.exe
2015-12-26 17:12:22 ----D---- C:\Windows\SoftwareDistribution
2015-12-26 15:09:22 ----SHD---- C:\ProgramData\Šablony
2015-12-26 15:09:22 ----SHD---- C:\ProgramData\Plocha
2015-12-26 15:09:22 ----SHD---- C:\ProgramData\Nabídka Start
2015-12-26 15:09:22 ----SHD---- C:\ProgramData\Dokumenty
2015-12-26 15:09:22 ----SHD---- C:\ProgramData\Data aplikací

======List of files/folders modified in the last 1 month======

2016-01-24 20:03:32 ----D---- C:\Windows\Temp
2016-01-24 20:03:10 ----D---- C:\Windows
2016-01-24 20:01:42 ----D---- C:\Windows\Tasks
2016-01-24 19:59:36 ----D---- C:\Windows\Prefetch
2016-01-24 19:58:31 ----D---- C:\Windows\system32\sru
2016-01-24 13:48:28 ----RD---- C:\Program Files (x86)
2016-01-24 13:48:20 ----D---- C:\Windows\system32\drivers
2016-01-24 13:35:53 ----D---- C:\Windows\Inf
2016-01-24 13:35:53 ----D---- C:\Windows\debug
2016-01-24 13:20:47 ----RD---- C:\Windows\System32
2016-01-24 13:20:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-01-24 12:44:20 ----D---- C:\Windows\rescache
2016-01-24 12:36:57 ----SHD---- C:\System Volume Information
2016-01-24 12:35:31 ----D---- C:\Windows\Microsoft.NET
2016-01-24 12:35:30 ----RSD---- C:\Windows\assembly
2016-01-24 11:49:31 ----D---- C:\Windows\system32\catroot2
2016-01-24 11:47:49 ----RD---- C:\Program Files
2016-01-23 23:15:40 ----D---- C:\ProgramData\install_clap
2016-01-23 23:15:38 ----D---- C:\Windows\Panther
2016-01-23 23:05:39 ----HD---- C:\ProgramData
2016-01-23 23:04:26 ----D---- C:\Windows\SysWOW64
2016-01-23 23:02:01 ----D---- C:\Windows\system32\GroupPolicy
2016-01-23 22:20:10 ----D---- C:\Windows\system32\Tasks
2016-01-23 22:01:57 ----A---- C:\Windows\win.ini
2016-01-23 21:09:07 ----SD---- C:\ProgramData\Microsoft
2016-01-23 21:06:13 ----D---- C:\Windows\system32\config
2016-01-23 08:58:00 ----D---- C:\Windows\WinSxS
2016-01-22 22:00:29 ----D---- C:\Program Files\Internet Explorer
2016-01-22 22:00:25 ----SD---- C:\Windows\system32\CompatTel
2016-01-22 22:00:25 ----D---- C:\Windows\apppatch
2016-01-22 22:00:23 ----D---- C:\Windows\system32\DriverStore
2016-01-22 19:25:11 ----HD---- C:\Program Files\WindowsApps
2016-01-22 19:24:51 ----D---- C:\Windows\CbsTemp
2016-01-22 17:46:46 ----SHD---- C:\Windows\Installer
2016-01-22 17:46:29 ----D---- C:\Program Files (x86)\Common Files
2016-01-22 17:15:25 ----D---- C:\Windows\system32\wdi
2016-01-22 06:40:30 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-01-22 06:40:30 ----D---- C:\Windows\system32\cs-CZ
2016-01-22 06:40:28 ----RSD---- C:\Windows\Fonts
2016-01-22 06:40:28 ----RD---- C:\Windows\ImmersiveControlPanel
2016-01-22 06:40:21 ----D---- C:\Program Files\Windows Defender
2016-01-22 06:40:20 ----D---- C:\Windows\WinStore
2016-01-22 06:40:20 ----D---- C:\Program Files (x86)\Windows Defender
2016-01-17 21:30:40 ----D---- C:\Windows\AppCompat
2016-01-14 20:01:38 ----D---- C:\Windows\AppReadiness
2016-01-09 18:26:59 ----D---- C:\Windows\system32\sr-Latn-RS
2016-01-09 18:26:59 ----D---- C:\Windows\system32\sr-Latn-CS
2016-01-09 18:26:59 ----D---- C:\Windows\system32\CodeIntegrity
2016-01-09 18:26:55 ----RD---- C:\Windows\ToastData
2016-01-09 18:26:53 ----D---- C:\Windows\PolicyDefinitions
2016-01-09 18:26:53 ----D---- C:\Program Files (x86)\Internet Explorer
2016-01-09 18:26:52 ----D---- C:\Windows\system32\drivers\cs-CZ
2016-01-09 18:26:52 ----D---- C:\Program Files\Windows Journal
2016-01-09 18:26:48 ----D---- C:\Windows\SYSWOW64\inetsrv
2016-01-09 18:26:48 ----D---- C:\Windows\system32\wbem
2016-01-09 18:26:48 ----D---- C:\Windows\system32\inetsrv
2016-01-09 18:26:48 ----D---- C:\Windows\system32\Boot
2016-01-09 17:44:23 ----D---- C:\Program Files\Common Files\microsoft shared
2016-01-09 17:32:07 ----D---- C:\Windows\SYSWOW64\winrm
2016-01-09 17:32:07 ----D---- C:\Windows\SYSWOW64\slmgr
2016-01-09 17:32:07 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-01-09 17:32:07 ----D---- C:\Windows\SYSWOW64\oobe
2016-01-09 17:32:07 ----D---- C:\Windows\SYSWOW64\en
2016-01-09 17:32:07 ----D---- C:\Windows\servicing
2016-01-09 17:32:07 ----D---- C:\Program Files\Windows Photo Viewer
2016-01-09 17:32:07 ----D---- C:\Program Files\Windows Mail
2016-01-09 17:32:07 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2016-01-09 17:32:07 ----D---- C:\Program Files (x86)\Windows Media Player
2016-01-09 17:32:06 ----D---- C:\Windows\SYSWOW64\en-US
2016-01-09 17:32:06 ----D---- C:\Windows\SYSWOW64\drivers\en-US
2016-01-09 17:32:06 ----D---- C:\Windows\SYSWOW64\drivers
2016-01-09 17:32:05 ----D---- C:\Windows\SYSWOW64\WCN
2016-01-09 17:32:05 ----D---- C:\Windows\SYSWOW64\wbem
2016-01-09 17:32:05 ----D---- C:\Windows\SYSWOW64\Printing_Admin_Scripts
2016-01-09 17:32:05 ----D---- C:\Windows\system32\winrm
2016-01-09 17:32:05 ----D---- C:\Windows\system32\Sysprep
2016-01-09 17:32:05 ----D---- C:\Windows\system32\slmgr
2016-01-09 17:32:05 ----D---- C:\Windows\system32\sk-SK
2016-01-09 17:32:05 ----D---- C:\Windows\system32\oobe
2016-01-09 17:32:05 ----D---- C:\Windows\system32\migwiz
2016-01-09 17:32:05 ----D---- C:\Windows\system32\en
2016-01-09 17:32:05 ----D---- C:\Windows\en-US
2016-01-09 17:32:03 ----D---- C:\Windows\system32\en-US
2016-01-09 17:32:03 ----D---- C:\Windows\system32\drivers\en-US
2016-01-09 17:31:58 ----D---- C:\Windows\system32\WCN
2016-01-09 17:31:55 ----D---- C:\Windows\system32\SystemResetPlatform
2016-01-09 17:31:55 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2016-01-09 17:31:55 ----D---- C:\Windows\Help
2016-01-09 17:19:37 ----D---- C:\Program Files\Windows Media Player
2016-01-09 17:19:37 ----D---- C:\Program Files (x86)\Windows Mail
2016-01-09 17:19:36 ----D---- C:\Windows\SYSWOW64\en-GB
2016-01-09 17:19:36 ----D---- C:\Program Files\Common Files\System
2016-01-09 17:19:32 ----D---- C:\Windows\system32\en-GB
2016-01-09 17:03:22 ----D---- C:\Windows\Logs
2016-01-09 16:44:23 ----D---- C:\ProgramData\McAfee
2016-01-09 16:44:23 ----D---- C:\Program Files\Common Files
2016-01-05 21:04:40 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-12-29 08:54:36 ----D---- C:\Windows\system32\catroot
2015-12-28 07:14:25 ----D---- C:\Program Files (x86)\Hewlett-Packard
2015-12-26 21:40:46 ----D---- C:\Program Files (x86)\MSBuild
2015-12-26 21:40:38 ----D---- C:\Program Files (x86)\Microsoft Office
2015-12-26 21:40:26 ----D---- C:\Windows\ShellNew
2015-12-26 21:39:49 ----D---- C:\Program Files (x86)\Microsoft.NET
2015-12-26 20:50:33 ----D---- C:\ProgramData\CyberLink
2015-12-26 20:38:24 ----D---- C:\Program Files\AVAST Software
2015-12-26 20:38:14 ----D---- C:\ProgramData\AVAST Software
2015-12-26 20:36:16 ----HD---- C:\Windows\ELAMBKUP
2015-12-26 17:39:24 ----D---- C:\Windows\system32\drivers\UMDF
2015-12-26 17:28:43 ----D---- C:\ProgramData\Intel
2015-12-26 17:24:41 ----SHD---- C:\$Recycle.Bin
2015-12-26 17:23:37 ----AHD---- C:\SYSTEM.SAV
2015-12-26 17:19:28 ----RD---- C:\Users
2015-12-26 17:14:30 ----D---- C:\Windows\system32\AdvancedInstallers
2015-12-26 17:14:04 ----D---- C:\Windows\system32\restore
2015-12-26 15:09:22 ----D---- C:\Program Files\Windows NT

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;@oem10.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\Windows\System32\drivers\amdkmpfd.sys [2015-03-20 62152]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-12-26 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-12-26 273784]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2014-10-09 1398936]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-12-26 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-01-22 1065208]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-01-22 464256]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-12-15 71680]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-12-26 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-12-26 97648]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-12-26 155304]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2015-03-20 19250688]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2015-03-20 591872]
R3 bcbtums;@oem19.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2013-11-13 170712]
R3 BCM43XX;@oem16.inf,%BCM43XX_Service_DispName%;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2015-07-13 7533784]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2014-11-21 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-11-21 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-11-21 81920]
R3 clwvd;@oem25.inf,%clwvd.DeviceDesc%;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2014-01-28 41704]
R3 dptf_cpu;dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [2014-12-23 38720]
R3 dptf_pch;dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [2014-12-23 38208]
R3 esif_lf;esif_lf; C:\Windows\System32\drivers\esif_lf.sys [2014-12-23 216360]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2015-04-03 4860856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-03-05 4421464]
R3 iwdbus;@oem15.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2014-12-22 30512]
R3 MEIx64;@oem9.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-10-10 129312]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RTL8168;@oem17.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2015-01-23 876760]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2015-03-03 33448]
R3 SynTP;@oem21.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2015-03-03 587944]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-11-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-12-15 38912]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 btwampfl;@oem20.inf,%btwampfl.ServiceName%;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2014-08-08 185600]
S3 BtwSerialBus;@oem20.inf,%Bus.SVCDESC%;Broadcom Serial Bus Driver over UART Bus Enumerator; C:\Windows\System32\drivers\BtwSerialBus.sys [2014-04-23 153304]
S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [2016-01-23 22704]
S3 intaud_WaveExtensible;@oem14.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2014-12-22 42288]
S3 IntcDAud;@oem12.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-04-03 455440]
S3 RSUSBSTOR;@oem18.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2014-12-23 274648]
S3 SmbDrv;SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2015-03-03 33448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2015-03-20 246272]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2014-11-21 38792]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-12-26 226440]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-11-21 38792]
R2 esifsvc;ESIF Upper Framework Service; C:\Windows\SysWOW64\esif_uf.exe [2014-12-23 1037568]
R2 HPWMISVC;HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [2015-02-17 608520]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2015-04-03 344168]
R2 omniserv; HP SimplePass Service; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [2015-01-30 103424]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2014-04-14 389896]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2015-03-05 293080]
R2 SecureLine;Avast SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [2015-12-26 452456]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-03-03 220840]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-11-22 43696]
S2 BcmBtRSupport;@oem19.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\Windows\system32\BtwRSupportService.exe [2013-11-13 2251992]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-26 144200]
S2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-20 99128]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-10-09 18584]
S2 Intel(R) ME Service;Intel® ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-10-10 132896]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-10-10 158496]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-10-10 409376]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-16 50864]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-11-21 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-04-03 279144]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-26 144200]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-13 1129760]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-05-13 887256]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-04-09 174368]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\Windows\system32\svchost.exe [2014-11-21 38792]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Steelcut

#11 Post by Rudy »

Deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not meant for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Re: Steelcut

#12 Post by Kaliban »

Everything seems to be fine.
Is there anything else that needs to be done?

Re: Steelcut

#13 Post by Rudy »

If everything is OK, that's all.

Re: Steelcut

#14 Post by Kaliban »

Thank you very much for the help.
K.

Re: Steelcut

#15 Post by Rudy »

Glad to help! :)