I'm asking for advice or help: when I play any streaming video in a browser, whether IE or Chrome, the picture starts to stutter after a short while and playback is not smooth. If I move the mouse cursor, playback works fine, and if I start Task Manager, videos also play smoothly.
So far I have only updated Flash Player, the graphics drivers, and properly updated Windows; the problem persists.
So I'm attaching the log, thank you.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Dana at 2016-03-04 17:45:04
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 858 GB (92%) free of 936 GB
Total RAM: 3529 MB (37% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:45:15, on 4.3.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18205)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
C:\Users\Dana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\win32cldefender.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Dana.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
O4 - HKLM\..\Run: [HP Camera Driver_Monitor] "C:\Program Files (x86)\HP Camera Driver\monitor.exe"
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Run: [YouCam Mirage] "c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [HP File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe
O4 - HKLM\..\Run: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup
O4 - HKCU\..\Run: [AppEx Accelerator UI] C:\Program Files\AMD Quick Stream\AMDQuickStream.exe -h
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: win32cldefender.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: ACP User Service (amdacpusrsvc) - Advanced Micro Devices - C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
O23 - Service: AvrcpService - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: Absolute Software Agent Service (CtAgentService) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP File Sanitizer (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: RtkBleServ - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10675 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\Hpservice.exe
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SC
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 23634784
\??\C:\windows\system32\conhost.exe "8388921941472563725-132957597410251478281813944610-819588713805242358-1690262581
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe"
C:\windows\System32\svchost.exe -k utcsvc
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe"
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCardEngine.exe"
C:\windows\system32\svchost.exe -k bthsvcs
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
atieclxx
C:\windows\system32\wbem\wmiprvse.exe
"taskhost.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe"
"C:\windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\SkypePlugin.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\AMD\CNext\CNext\cnext.exe" atlogon
"C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe"
"C:\Program Files\AMD Quick Stream\AMDQuickStream.exe" -h
"C:\Users\Dana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\win32cldefender.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe"
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4416.0.746660771\1917383252" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,24,52 --gpu-vendor-id=0x1002 --gpu-device-id=0x1318 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=15.300.1025.1001 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Postperiod_AnswersInSuggest_A1/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4416.4.1598041246\812434878" --font-cache-shared-handle=3916 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Postperiod_AnswersInSuggest_A1/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4416.5.223072865\178925342" --font-cache-shared-handle=4248 /prefetch:673131151
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /showGadgets
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4416.7.1983764359\1913512932" --ppapi-flash-args --lang=cs --device-scale-factor=1 --font-cache-shared-handle=1564 --ignored=" --type=renderer " /prefetch:-632637702
taskmgr.exe /3
taskeng.exe {B572FEA7-51BB-4D2F-97F1-8B2A95B57749}
taskeng.exe {98614055-252F-40F5-8F96-A78A09AA78AB}
C:\windows\system32\sppsvc.exe
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Postperiod_AnswersInSuggest_A1/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4416.10.358643266\1478779029" --font-cache-shared-handle=2452 /prefetch:673131151
"C:\Users\Dana\Downloads\RSITx64 (1).exe"
C:\windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14 81024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
HP File Sanitizer - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2014-02-05 129240]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14 69760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-11-11 7659224]
"BtServer"=C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [2014-01-06 216064]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-10-31 2863344]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2016-01-29 1340192]
"StartCN"=C:\Program Files\AMD\CNext\CNext\cnext.exe [2015-12-04 4867784]
"NUSB3MON"=C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [2012-04-11 97280]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AppEx Accelerator UI"=C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [2015-04-06 488640]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2014-04-01 419512]
"HP Camera Driver_Monitor"=C:\Program Files (x86)\HP Camera Driver\monitor.exe []
"AccelerometerSysTrayApplet"=C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [2014-04-01 126240]
"YouCam Mirage"=c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe []
"YouCam Tray"=c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [2013-09-17 167488]
"CLMLServer_For_P2G8"=c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05 111576]
"CLVirtualDrive"=c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2013-08-07 490760]
"HP File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2014-02-05 2213592]
"Raptr"=C:\PROGRA~2\Raptr\raptrstub.exe [2015-12-11 56080]
C:\Users\Dana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
win32cldefender.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-03-04 17:45:06 ----D---- C:\Program Files\trend micro
2016-03-04 17:45:04 ----D---- C:\rsit
2016-03-02 23:45:02 ----A---- C:\windows\system32\rdpudd.dll
2016-03-02 23:45:01 ----A---- C:\windows\system32\TSWbPrxy.exe
2016-03-02 23:45:01 ----A---- C:\windows\system32\RdpGroupPolicyExtension.dll
2016-03-02 23:45:01 ----A---- C:\windows\system32\rdpcorets.dll
2016-02-29 23:06:10 ----D---- C:\Users\Dana\AppData\Roaming\library_dir
2016-02-29 23:04:56 ----D---- C:\Users\Dana\AppData\Roaming\Raptr
2016-02-29 23:04:56 ----D---- C:\Program Files (x86)\Raptr
2016-02-29 23:03:41 ----D---- C:\Program Files\AMD Quick Stream
2016-02-29 23:03:41 ----A---- C:\windows\system32\drivers\appexDrv.sys
2016-02-29 22:46:05 ----D---- C:\AMD
2016-02-29 12:34:57 ----SD---- C:\windows\SYSWOW64\GWX
2016-02-29 12:34:57 ----SD---- C:\windows\system32\GWX
2016-02-29 12:34:57 ----SD---- C:\windows\system32\CompatTel
2016-02-29 12:34:57 ----D---- C:\windows\system32\appraiser
2016-02-29 12:28:16 ----D---- C:\windows\system32\MRT
2016-02-29 12:28:12 ----A---- C:\windows\system32\MRT.exe
2016-02-29 11:40:36 ----A---- C:\windows\system32\TsUsbGDCoInstaller.dll
2016-02-29 11:40:31 ----A---- C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2016-02-29 11:40:31 ----A---- C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2016-02-29 11:40:30 ----A---- C:\windows\system32\drivers\TsUsbFlt.sys
2016-02-29 11:40:29 ----A---- C:\windows\SYSWOW64\wksprtPS.dll
2016-02-29 11:40:29 ----A---- C:\windows\SYSWOW64\tsgqec.dll
2016-02-29 11:40:29 ----A---- C:\windows\SYSWOW64\mstsc.exe
2016-02-29 11:40:29 ----A---- C:\windows\SYSWOW64\MsRdpWebAccess.dll
2016-02-29 11:40:29 ----A---- C:\windows\system32\wksprtPS.dll
2016-02-29 11:40:29 ----A---- C:\windows\system32\wksprt.exe
2016-02-29 11:40:29 ----A---- C:\windows\system32\tsgqec.dll
2016-02-29 11:40:29 ----A---- C:\windows\system32\MsRdpWebAccess.dll
2016-02-29 11:40:28 ----A---- C:\windows\SYSWOW64\mstscax.dll
2016-02-29 11:40:28 ----A---- C:\windows\system32\mstscax.dll
2016-02-29 11:40:28 ----A---- C:\windows\system32\mstsc.exe
2016-02-29 11:40:27 ----A---- C:\windows\SYSWOW64\rdvidcrl.dll
2016-02-29 11:40:27 ----A---- C:\windows\system32\rdvidcrl.dll
2016-02-29 11:32:48 ----A---- C:\windows\system32\drivers\TsUsbGD.sys
2016-02-29 11:32:48 ----A---- C:\windows\system32\drivers\rdpvideominiport.sys
2016-02-29 11:32:44 ----A---- C:\windows\SYSWOW64\rdpendp_winip.dll
2016-02-29 11:32:43 ----A---- C:\windows\system32\rdpendp_winip.dll
2016-02-29 11:17:06 ----A---- C:\windows\system32\drivers\WUDFRd.sys
2016-02-29 11:17:06 ----A---- C:\windows\system32\drivers\WUDFPf.sys
2016-02-29 11:17:05 ----A---- C:\windows\system32\WUDFSvc.dll
2016-02-29 11:17:04 ----A---- C:\windows\system32\WUDFPlatform.dll
2016-02-29 11:17:03 ----A---- C:\windows\system32\WUDFCoinstaller.dll
2016-02-29 11:17:02 ----A---- C:\windows\system32\WUDFx.dll
2016-02-29 11:17:02 ----A---- C:\windows\system32\WUDFHost.exe
2016-02-29 11:14:24 ----D---- C:\Program Files\Microsoft Silverlight
2016-02-29 11:14:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-02-29 11:07:46 ----D---- C:\windows\Migration
2016-02-29 10:59:30 ----A---- C:\windows\system32\invagent.dll
2016-02-29 10:59:30 ----A---- C:\windows\system32\generaltel.dll
2016-02-29 10:59:30 ----A---- C:\windows\system32\devinv.dll
2016-02-29 10:59:30 ----A---- C:\windows\system32\CompatTelRunner.exe
2016-02-29 10:59:30 ----A---- C:\windows\system32\appraiser.dll
2016-02-29 10:59:30 ----A---- C:\windows\system32\aitstatic.exe
2016-02-29 10:59:30 ----A---- C:\windows\system32\acmigration.dll
2016-02-29 10:59:29 ----A---- C:\windows\system32\aepic.dll
2016-02-29 10:59:29 ----A---- C:\windows\system32\aeinv.dll
2016-02-29 10:59:23 ----A---- C:\windows\system32\UtcResources.dll
2016-02-29 10:59:23 ----A---- C:\windows\system32\diagtrack.dll
2016-02-29 10:59:19 ----A---- C:\windows\system32\tdh.dll
2016-02-29 10:59:18 ----A---- C:\windows\SYSWOW64\tdh.dll
2016-02-29 10:58:40 ----A---- C:\windows\SYSWOW64\tracerpt.exe
2016-02-29 10:58:40 ----A---- C:\windows\system32\tracerpt.exe
2016-02-29 10:58:40 ----A---- C:\windows\system32\sechost.dll
2016-02-29 10:58:39 ----A---- C:\windows\SYSWOW64\sechost.dll
2016-02-29 10:58:39 ----A---- C:\windows\SYSWOW64\logman.exe
2016-02-29 10:58:39 ----A---- C:\windows\system32\logman.exe
2016-02-29 10:58:38 ----A---- C:\windows\SYSWOW64\typeperf.exe
2016-02-29 10:58:38 ----A---- C:\windows\system32\typeperf.exe
2016-02-29 10:58:38 ----A---- C:\windows\system32\relog.exe
2016-02-29 10:58:37 ----A---- C:\windows\SYSWOW64\relog.exe
2016-02-29 10:58:37 ----A---- C:\windows\SYSWOW64\diskperf.exe
2016-02-29 10:58:37 ----A---- C:\windows\system32\diskperf.exe
2016-02-29 10:57:51 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-02-29 10:57:51 ----A---- C:\windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-02-29 10:57:49 ----A---- C:\windows\SYSWOW64\ucrtbase.dll
2016-02-29 10:57:49 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-02-29 10:57:49 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-02-29 10:57:49 ----A---- C:\windows\system32\ucrtbase.dll
2016-02-29 10:57:49 ----A---- C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-02-29 10:57:49 ----A---- C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-02-29 10:57:49 ----A---- C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-02-29 10:57:49 ----A---- C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-02-29 10:57:29 ----A---- C:\windows\system32\icaapi.dll
2016-02-29 10:57:28 ----A---- C:\windows\system32\drivers\tssecsrv.sys
2016-02-29 10:57:08 ----A---- C:\windows\SYSWOW64\apphelp.dll
2016-02-29 10:57:08 ----A---- C:\windows\system32\apphelp.dll
2016-02-29 10:57:07 ----A---- C:\windows\SYSWOW64\shimeng.dll
2016-02-29 10:57:07 ----A---- C:\windows\SYSWOW64\sdbinst.exe
2016-02-29 10:57:07 ----A---- C:\windows\system32\shimeng.dll
2016-02-29 10:57:07 ----A---- C:\windows\system32\sdbinst.exe
2016-02-29 10:57:07 ----A---- C:\windows\system32\aelupsvc.dll
2016-02-29 10:56:50 ----A---- C:\windows\SYSWOW64\nlsbres.dll
2016-02-29 10:56:50 ----A---- C:\windows\SYSWOW64\kbdgeoqw.dll
2016-02-29 10:56:50 ----A---- C:\windows\SYSWOW64\KBDAZEL.DLL
2016-02-29 10:56:50 ----A---- C:\windows\SYSWOW64\KBDAZE.DLL
2016-02-29 10:56:50 ----A---- C:\windows\system32\nlsbres.dll
2016-02-29 10:56:50 ----A---- C:\windows\system32\kbdgeoqw.dll
2016-02-29 10:56:50 ----A---- C:\windows\system32\KBDAZEL.DLL
2016-02-29 10:56:50 ----A---- C:\windows\system32\KBDAZE.DLL
2016-02-29 10:56:31 ----A---- C:\windows\system32\shell32.dll
2016-02-29 10:56:29 ----A---- C:\windows\SYSWOW64\shell32.dll
2016-02-29 10:56:29 ----A---- C:\windows\explorer.exe
2016-02-29 10:56:28 ----A---- C:\windows\SYSWOW64\explorer.exe
2016-02-29 10:56:28 ----A---- C:\windows\system32\ExplorerFrame.dll
2016-02-29 10:56:27 ----A---- C:\windows\SYSWOW64\ExplorerFrame.dll
2016-02-29 10:56:27 ----A---- C:\windows\SYSWOW64\authui.dll
2016-02-29 10:56:27 ----A---- C:\windows\system32\authui.dll
2016-02-29 10:56:13 ----A---- C:\windows\SYSWOW64\TSWorkspace.dll
2016-02-29 10:56:13 ----A---- C:\windows\system32\TSWorkspace.dll
2016-02-29 10:55:32 ----A---- C:\windows\SYSWOW64\cryptsvc.dll
2016-02-29 10:55:32 ----A---- C:\windows\system32\cryptsvc.dll
2016-02-29 10:55:31 ----A---- C:\windows\SYSWOW64\wintrust.dll
2016-02-29 10:55:31 ----A---- C:\windows\SYSWOW64\cryptnet.dll
2016-02-29 10:55:31 ----A---- C:\windows\SYSWOW64\crypt32.dll
2016-02-29 10:55:31 ----A---- C:\windows\system32\wintrust.dll
2016-02-29 10:55:31 ----A---- C:\windows\system32\cryptnet.dll
2016-02-29 10:55:31 ----A---- C:\windows\system32\crypt32.dll
2016-02-29 10:55:03 ----A---- C:\windows\system32\consent.exe
2016-02-29 10:55:02 ----A---- C:\windows\system32\appinfo.dll
2016-02-29 10:54:52 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2016-02-29 10:54:52 ----A---- C:\windows\SYSWOW64\wudriver.dll
2016-02-29 10:54:52 ----A---- C:\windows\SYSWOW64\wuapi.dll
2016-02-29 10:54:52 ----A---- C:\windows\system32\wuwebv.dll
2016-02-29 10:54:52 ----A---- C:\windows\system32\wups.dll
2016-02-29 10:54:52 ----A---- C:\windows\system32\wudriver.dll
2016-02-29 10:54:52 ----A---- C:\windows\system32\wucltux.dll
2016-02-29 10:54:52 ----A---- C:\windows\system32\wuaueng.dll
2016-02-29 10:54:52 ----A---- C:\windows\system32\wuapi.dll
2016-02-29 10:54:51 ----A---- C:\windows\SYSWOW64\wups.dll
2016-02-29 10:54:51 ----A---- C:\windows\SYSWOW64\wuapp.exe
2016-02-29 10:54:51 ----A---- C:\windows\system32\wups2.dll
2016-02-29 10:54:51 ----A---- C:\windows\system32\wuauclt.exe
2016-02-29 10:54:51 ----A---- C:\windows\system32\wuapp.exe
2016-02-29 10:54:51 ----A---- C:\windows\system32\wu.upgrade.ps.dll
2016-02-29 10:54:51 ----A---- C:\windows\system32\WinSetupUI.dll
2016-02-29 10:54:39 ----A---- C:\windows\system32\WsmSvc.dll
2016-02-29 10:54:38 ----A---- C:\windows\SYSWOW64\WsmWmiPl.dll
2016-02-29 10:54:38 ----A---- C:\windows\SYSWOW64\WsmSvc.dll
2016-02-29 10:54:38 ----A---- C:\windows\SYSWOW64\WsmAuto.dll
2016-02-29 10:54:38 ----A---- C:\windows\SYSWOW64\WSManMigrationPlugin.dll
2016-02-29 10:54:38 ----A---- C:\windows\SYSWOW64\WSManHTTPConfig.exe
2016-02-29 10:54:38 ----A---- C:\windows\system32\WsmWmiPl.dll
2016-02-29 10:54:38 ----A---- C:\windows\system32\WsmAuto.dll
2016-02-29 10:54:38 ----A---- C:\windows\system32\WSManMigrationPlugin.dll
2016-02-29 10:54:38 ----A---- C:\windows\system32\WSManHTTPConfig.exe
2016-02-29 10:54:35 ----A---- C:\windows\SYSWOW64\tzres.dll
2016-02-29 10:54:35 ----A---- C:\windows\system32\tzres.dll
2016-02-29 10:54:23 ----A---- C:\windows\SYSWOW64\wpdshext.dll
2016-02-29 10:54:23 ----A---- C:\windows\system32\wpdshext.dll
2016-02-29 10:54:22 ----A---- C:\windows\SYSWOW64\wdi.dll
2016-02-29 10:54:22 ----A---- C:\windows\system32\wdi.dll
2016-02-29 10:54:22 ----A---- C:\windows\system32\powertracker.dll
2016-02-29 10:54:22 ----A---- C:\windows\system32\perftrack.dll
2016-02-29 10:54:16 ----A---- C:\windows\system32\msxml6.dll
2016-02-29 10:54:15 ----A---- C:\windows\SYSWOW64\msxml6.dll
2016-02-29 10:54:15 ----A---- C:\windows\SYSWOW64\msxml3.dll
2016-02-29 10:54:15 ----A---- C:\windows\system32\msxml3.dll
2016-02-29 10:54:14 ----A---- C:\windows\SYSWOW64\msxml6r.dll
2016-02-29 10:54:14 ----A---- C:\windows\SYSWOW64\msxml3r.dll
2016-02-29 10:54:14 ----A---- C:\windows\system32\msxml6r.dll
2016-02-29 10:54:14 ----A---- C:\windows\system32\msxml3r.dll
2016-02-29 10:54:08 ----A---- C:\windows\SYSWOW64\dwmcore.dll
2016-02-29 10:54:08 ----A---- C:\windows\SYSWOW64\dwmapi.dll
2016-02-29 10:54:08 ----A---- C:\windows\system32\dwmcore.dll
2016-02-29 10:54:08 ----A---- C:\windows\system32\dwmapi.dll
2016-02-29 10:54:00 ----A---- C:\windows\system32\drivers\stream.sys
2016-02-29 10:53:59 ----A---- C:\windows\system32\drivers\ntfs.sys
2016-02-29 10:53:58 ----A---- C:\windows\system32\charmap.exe
2016-02-29 10:53:57 ----A---- C:\windows\SYSWOW64\charmap.exe
2016-02-29 10:53:56 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2016-02-29 10:53:56 ----A---- C:\windows\system32\oleaut32.dll
2016-02-29 01:33:22 ----A---- C:\windows\system32\drivers\MBAMSwissArmy.sys
2016-02-29 01:32:39 ----A---- C:\windows\system32\drivers\mwac.sys
2016-02-29 01:32:39 ----A---- C:\windows\system32\drivers\mbamchameleon.sys
2016-02-29 01:32:39 ----A---- C:\windows\system32\drivers\mbam.sys
2016-02-29 01:32:38 ----D---- C:\ProgramData\Malwarebytes
2016-02-29 01:32:38 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-02-29 01:13:14 ----D---- C:\AdwCleaner
2016-02-11 10:06:39 ----D---- C:\Hry
2016-02-11 10:02:10 ----D---- C:\windows\system32\appmgmt
2016-02-10 23:36:16 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2016-02-10 23:36:08 ----D---- C:\windows\SYSWOW64\Macromed
2016-02-10 23:36:02 ----D---- C:\windows\system32\Macromed
2016-02-10 23:20:02 ----D---- C:\Program Files (x86)\Google
2016-02-10 20:24:52 ----D---- C:\Program Files (x86)\Cities Skylines
2016-02-10 20:05:55 ----D---- C:\Users\Dana\AppData\Roaming\.mono
2016-02-10 20:05:55 ----D---- C:\ProgramData\.mono
2016-02-10 17:43:14 ----A---- C:\windows\system32\InkEd.dll
2016-02-10 17:43:13 ----A---- C:\windows\SYSWOW64\InkEd.dll
2016-02-10 17:43:12 ----A---- C:\windows\system32\jnwmon.dll
2016-02-10 17:43:10 ----A---- C:\windows\SYSWOW64\iertutil.dll
2016-02-10 17:43:10 ----A---- C:\windows\system32\iertutil.dll
2016-02-10 17:43:09 ----A---- C:\windows\SYSWOW64\mshtml.dll
2016-02-10 17:43:06 ----A---- C:\windows\SYSWOW64\urlmon.dll
2016-02-10 17:43:06 ----A---- C:\windows\SYSWOW64\ieui.dll
2016-02-10 17:43:06 ----A---- C:\windows\SYSWOW64\ieframe.dll
2016-02-10 17:43:04 ----A---- C:\windows\system32\urlmon.dll
2016-02-10 17:43:03 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2016-02-10 17:43:03 ----A---- C:\windows\system32\ieui.dll
2016-02-10 17:43:03 ----A---- C:\windows\system32\ieframe.dll
2016-02-10 17:43:01 ----A---- C:\windows\system32\mshtml.dll
2016-02-10 17:43:01 ----A---- C:\windows\system32\ieUnatt.exe
2016-02-10 17:42:50 ----A---- C:\windows\SYSWOW64\iernonce.dll
2016-02-10 17:42:50 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2016-02-10 17:42:49 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2016-02-10 17:42:49 ----A---- C:\windows\SYSWOW64\inseng.dll
2016-02-10 17:42:49 ----A---- C:\windows\system32\iernonce.dll
2016-02-10 17:42:49 ----A---- C:\windows\system32\ieetwproxystub.dll
2016-02-10 17:42:49 ----A---- C:\windows\system32\ieetwcollector.exe
2016-02-10 17:42:48 ----A---- C:\windows\SYSWOW64\occache.dll
2016-02-10 17:42:48 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2016-02-10 17:42:48 ----A---- C:\windows\system32\inseng.dll
2016-02-10 17:42:48 ----A---- C:\windows\system32\ie4uinit.exe
2016-02-10 17:42:47 ----A---- C:\windows\SYSWOW64\vbscript.dll
2016-02-10 17:42:47 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-02-10 17:42:47 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2016-02-10 17:42:47 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2016-02-10 17:42:46 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2016-02-10 17:42:43 ----A---- C:\windows\SYSWOW64\iesetup.dll
2016-02-10 17:42:43 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2016-02-10 17:42:43 ----A---- C:\windows\system32\occache.dll
2016-02-10 17:42:43 ----A---- C:\windows\system32\iedkcs32.dll
2016-02-10 17:42:42 ----A---- C:\windows\SYSWOW64\jscript.dll
2016-02-10 17:42:42 ----A---- C:\windows\system32\ieetwcollectorres.dll
2016-02-10 17:42:41 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2016-02-10 17:42:41 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2016-02-10 17:42:41 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2016-02-10 17:42:40 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2016-02-10 17:42:40 ----A---- C:\windows\system32\msfeeds.dll
2016-02-10 17:42:40 ----A---- C:\windows\system32\dxtrans.dll
2016-02-10 17:42:38 ----A---- C:\windows\system32\iesetup.dll
2016-02-10 17:42:37 ----A---- C:\windows\system32\ieapfltr.dll
2016-02-10 17:42:34 ----A---- C:\windows\SYSWOW64\webcheck.dll
2016-02-10 17:42:34 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2016-02-10 17:42:34 ----A---- C:\windows\SYSWOW64\jscript9.dll
2016-02-10 17:42:34 ----A---- C:\windows\system32\vbscript.dll
2016-02-10 17:42:33 ----A---- C:\windows\SYSWOW64\wininet.dll
2016-02-10 17:42:33 ----A---- C:\windows\system32\jsproxy.dll
2016-02-10 17:42:32 ----A---- C:\windows\SYSWOW64\msrating.dll
2016-02-10 17:42:32 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2016-02-10 17:42:31 ----A---- C:\windows\system32\dxtmsft.dll
2016-02-10 17:42:29 ----A---- C:\windows\system32\mshtmled.dll
2016-02-10 17:42:28 ----A---- C:\windows\system32\webcheck.dll
2016-02-10 17:42:28 ----A---- C:\windows\system32\mshtmlmedia.dll
2016-02-10 17:42:27 ----A---- C:\windows\system32\jscript9diag.dll
2016-02-10 17:42:27 ----A---- C:\windows\system32\jscript.dll
2016-02-10 17:42:26 ----A---- C:\windows\system32\wininet.dll
2016-02-10 17:42:26 ----A---- C:\windows\system32\jscript9.dll
2016-02-10 17:42:24 ----A---- C:\windows\system32\MshtmlDac.dll
2016-02-10 17:42:23 ----A---- C:\windows\system32\msrating.dll
2016-02-10 17:41:08 ----A---- C:\windows\system32\drivers\mrxdav.sys
2016-02-10 17:41:07 ----A---- C:\windows\system32\win32k.sys
2016-02-10 17:40:59 ----A---- C:\windows\system32\ole32.dll
2016-02-10 17:40:54 ----A---- C:\windows\SYSWOW64\ole32.dll
2016-02-10 17:40:11 ----A---- C:\windows\system32\EncDec.dll
2016-02-10 17:40:10 ----A---- C:\windows\SYSWOW64\EncDec.dll
2016-02-10 17:40:10 ----A---- C:\windows\SYSWOW64\CPFilters.dll
2016-02-10 17:40:10 ----A---- C:\windows\system32\CPFilters.dll
2016-02-10 17:40:09 ----A---- C:\windows\system32\ntoskrnl.exe
2016-02-10 17:40:08 ----A---- C:\windows\system32\ntdll.dll
2016-02-10 17:40:08 ----A---- C:\windows\system32\KernelBase.dll
2016-02-10 17:40:07 ----A---- C:\windows\SYSWOW64\ntdll.dll
2016-02-10 17:40:07 ----A---- C:\windows\system32\mtxoci.dll
2016-02-10 17:40:07 ----A---- C:\windows\system32\kerberos.dll
2016-02-10 17:40:06 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2016-02-10 17:40:05 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2016-02-10 17:40:05 ----A---- C:\windows\system32\kernel32.dll
2016-02-10 17:40:04 ----A---- C:\windows\SYSWOW64\mtxoci.dll
2016-02-10 17:40:04 ----A---- C:\windows\SYSWOW64\msorcl32.dll
2016-02-10 17:40:04 ----A---- C:\windows\SYSWOW64\advapi32.dll
2016-02-10 17:40:04 ----A---- C:\windows\system32\advapi32.dll
2016-02-10 17:40:03 ----A---- C:\windows\SYSWOW64\kerberos.dll
2016-02-10 17:40:02 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2016-02-10 17:40:02 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2016-02-10 17:40:02 ----A---- C:\windows\system32\drivers\ksecdd.sys
2016-02-10 17:40:00 ----A---- C:\windows\system32\lsasrv.dll
2016-02-10 17:39:59 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2016-02-10 17:39:59 ----A---- C:\windows\system32\rpcrt4.dll
2016-02-10 17:39:59 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2016-02-10 17:39:58 ----A---- C:\windows\SYSWOW64\sspicli.dll
2016-02-10 17:39:58 ----A---- C:\windows\SYSWOW64\schannel.dll
2016-02-10 17:39:58 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2016-02-10 17:39:58 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2016-02-10 17:39:58 ----A---- C:\windows\system32\wow64win.dll
2016-02-10 17:39:58 ----A---- C:\windows\system32\wow64.dll
2016-02-10 17:39:58 ----A---- C:\windows\system32\winsrv.dll
2016-02-10 17:39:58 ----A---- C:\windows\system32\wdigest.dll
2016-02-10 17:39:58 ----A---- C:\windows\system32\TSpkg.dll
2016-02-10 17:39:58 ----A---- C:\windows\system32\sspicli.dll
2016-02-10 17:39:58 ----A---- C:\windows\system32\srcore.dll
2016-02-10 17:39:58 ----A---- C:\windows\system32\smss.exe
2016-02-10 17:39:58 ----A---- C:\windows\system32\schannel.dll
2016-02-10 17:39:58 ----A---- C:\windows\system32\ncrypt.dll
2016-02-10 17:39:58 ----A---- C:\windows\system32\msv1_0.dll
2016-02-10 17:39:58 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2016-02-10 17:39:58 ----A---- C:\windows\system32\conhost.exe
2016-02-10 17:39:57 ----A---- C:\windows\SYSWOW64\wdigest.dll
2016-02-10 17:39:57 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2016-02-10 17:39:57 ----A---- C:\windows\SYSWOW64\srclient.dll
2016-02-10 17:39:57 ----A---- C:\windows\SYSWOW64\secur32.dll
2016-02-10 17:39:57 ----A---- C:\windows\SYSWOW64\kernel32.dll
2016-02-10 17:39:57 ----A---- C:\windows\SYSWOW64\cryptbase.dll
2016-02-10 17:39:57 ----A---- C:\windows\SYSWOW64\credssp.dll
2016-02-10 17:39:57 ----A---- C:\windows\system32\wow64cpu.dll
2016-02-10 17:39:57 ----A---- C:\windows\system32\sspisrv.dll
2016-02-10 17:39:57 ----A---- C:\windows\system32\srclient.dll
2016-02-10 17:39:57 ----A---- C:\windows\system32\secur32.dll
2016-02-10 17:39:57 ----A---- C:\windows\system32\rstrui.exe
2016-02-10 17:39:57 ----A---- C:\windows\system32\ntvdm64.dll
2016-02-10 17:39:57 ----A---- C:\windows\system32\lsass.exe
2016-02-10 17:39:57 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2016-02-10 17:39:57 ----A---- C:\windows\system32\csrsrv.dll
2016-02-10 17:39:57 ----A---- C:\windows\system32\cryptbase.dll
2016-02-10 17:39:57 ----A---- C:\windows\system32\credssp.dll
2016-02-10 17:39:56 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 17:39:56 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 17:39:56 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-10 17:39:56 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 17:39:56 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 17:39:56 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 17:39:56 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-10 17:39:56 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 17:39:56 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 17:39:56 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-10 17:39:56 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 17:39:56 ----A---- C:\windows\SYSWOW64\wow32.dll
2016-02-10 17:39:56 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2016-02-10 17:39:56 ----A---- C:\windows\SYSWOW64\auditpol.exe
2016-02-10 17:39:56 ----A---- C:\windows\system32\auditpol.exe
2016-02-10 17:39:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 17:39:53 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-10 17:39:53 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 17:39:53 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-02-10 17:39:53 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 17:39:53 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 17:39:53 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 17:39:53 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-10 17:39:53 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 17:39:53 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 17:39:53 ----A---- C:\windows\SYSWOW64\setup16.exe
2016-02-10 17:39:53 ----A---- C:\windows\SYSWOW64\instnm.exe
2016-02-10 17:39:52 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-10 17:39:52 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-10 17:39:52 ----A---- C:\windows\SYSWOW64\user.exe
2016-02-10 17:39:52 ----A---- C:\windows\SYSWOW64\msaudite.dll
2016-02-10 17:39:52 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2016-02-10 17:39:52 ----A---- C:\windows\SYSWOW64\adtschema.dll
2016-02-10 17:39:52 ----A---- C:\windows\system32\msaudite.dll
2016-02-10 17:39:52 ----A---- C:\windows\system32\apisetschema.dll
2016-02-10 17:39:52 ----A---- C:\windows\system32\adtschema.dll
2016-02-10 17:39:51 ----A---- C:\windows\SYSWOW64\msobjs.dll
2016-02-10 17:39:51 ----A---- C:\windows\system32\msobjs.dll
2016-02-10 16:27:56 ----A---- C:\windows\SYSWOW64\mapi32.dll
2016-02-10 16:27:56 ----A---- C:\windows\system32\mapistub.dll
2016-02-10 16:27:56 ----A---- C:\windows\system32\mapi32.dll
2016-02-10 16:27:55 ----A---- C:\windows\SYSWOW64\mapistub.dll
2016-02-10 16:27:55 ----A---- C:\windows\SYSWOW64\fixmapi.exe
2016-02-10 16:27:55 ----A---- C:\windows\system32\fixmapi.exe
2016-02-10 01:03:11 ----A---- C:\windows\SYSWOW64\qedit.dll
2016-02-10 01:03:11 ----A---- C:\windows\system32\qedit.dll
2016-02-10 01:03:06 ----A---- C:\windows\system32\msmpeg2adec.dll
2016-02-10 01:03:05 ----A---- C:\windows\SYSWOW64\msmpeg2adec.dll
2016-02-10 01:03:05 ----A---- C:\windows\system32\WMVDECOD.DLL
2016-02-10 01:03:05 ----A---- C:\windows\system32\WMADMOD.DLL
2016-02-10 01:03:04 ----A---- C:\windows\SYSWOW64\WMVDECOD.DLL
2016-02-10 01:03:04 ----A---- C:\windows\system32\WMSPDMOD.DLL
2016-02-10 01:03:03 ----A---- C:\windows\system32\WMVSDECD.DLL
2016-02-10 01:03:03 ----A---- C:\windows\system32\MSMPEG2ENC.DLL
2016-02-10 01:03:02 ----A---- C:\windows\SYSWOW64\WMADMOD.DLL
2016-02-10 01:03:02 ----A---- C:\windows\SYSWOW64\MSMPEG2ENC.DLL
2016-02-10 01:03:02 ----A---- C:\windows\system32\mf.dll
2016-02-10 01:03:01 ----A---- C:\windows\SYSWOW64\mf.dll
2016-02-10 01:03:00 ----A---- C:\windows\SYSWOW64\WMVSDECD.DLL
2016-02-10 01:03:00 ----A---- C:\windows\SYSWOW64\WMSPDMOD.DLL
2016-02-10 01:03:00 ----A---- C:\windows\system32\WMADMOE.DLL
2016-02-10 01:02:59 ----A---- C:\windows\SYSWOW64\WMADMOE.DLL
2016-02-10 01:02:59 ----A---- C:\windows\system32\mcmde.dll
2016-02-10 01:02:58 ----A---- C:\windows\system32\wmpmde.dll
2016-02-10 01:02:58 ----A---- C:\windows\system32\quartz.dll
2016-02-10 01:02:58 ----A---- C:\windows\system32\evr.dll
2016-02-10 01:02:57 ----A---- C:\windows\SYSWOW64\wmpmde.dll
2016-02-10 01:02:57 ----A---- C:\windows\SYSWOW64\COLORCNV.DLL
2016-02-10 01:02:57 ----A---- C:\windows\system32\WMVENCOD.DLL
2016-02-10 01:02:57 ----A---- C:\windows\system32\COLORCNV.DLL
2016-02-10 01:02:55 ----A---- C:\windows\SYSWOW64\WMVENCOD.DLL
2016-02-10 01:02:55 ----A---- C:\windows\SYSWOW64\evr.dll
2016-02-10 01:02:55 ----A---- C:\windows\system32\WMVXENCD.DLL
2016-02-10 01:02:55 ----A---- C:\windows\system32\WMSPDMOE.DLL
2016-02-10 01:02:54 ----A---- C:\windows\SYSWOW64\WMVXENCD.DLL
2016-02-10 01:02:54 ----A---- C:\windows\SYSWOW64\quartz.dll
2016-02-10 01:02:54 ----A---- C:\windows\system32\WMVSENCD.DLL
2016-02-10 01:02:54 ----A---- C:\windows\system32\WMALFXGFXDSP.dll
2016-02-10 01:02:53 ----A---- C:\windows\system32\VIDRESZR.DLL
2016-02-10 01:02:53 ----A---- C:\windows\system32\MFWMAAEC.DLL
2016-02-10 01:02:53 ----A---- C:\windows\system32\mfplat.dll
2016-02-10 01:02:52 ----A---- C:\windows\SYSWOW64\devenum.dll
2016-02-10 01:02:52 ----A---- C:\windows\system32\MP4SDECD.DLL
2016-02-10 01:02:52 ----A---- C:\windows\system32\devenum.dll
2016-02-10 01:02:51 ----A---- C:\windows\SYSWOW64\qdvd.dll
2016-02-10 01:02:51 ----A---- C:\windows\SYSWOW64\mfplat.dll
2016-02-10 01:02:51 ----A---- C:\windows\system32\RESAMPLEDMO.DLL
2016-02-10 01:02:51 ----A---- C:\windows\system32\MPG4DECD.DLL
2016-02-10 01:02:51 ----A---- C:\windows\system32\MP43DECD.DLL
2016-02-10 01:02:50 ----A---- C:\windows\SYSWOW64\WMVSENCD.DLL
2016-02-10 01:02:50 ----A---- C:\windows\SYSWOW64\msmpeg2vdec.dll
2016-02-10 01:02:50 ----A---- C:\windows\SYSWOW64\MPG4DECD.DLL
2016-02-10 01:02:50 ----A---- C:\windows\SYSWOW64\MP43DECD.DLL
2016-02-10 01:02:50 ----A---- C:\windows\SYSWOW64\MFWMAAEC.DLL
2016-02-10 01:02:50 ----A---- C:\windows\system32\MP3DMOD.DLL
2016-02-10 01:02:49 ----A---- C:\windows\SYSWOW64\WMSPDMOE.DLL
2016-02-10 01:02:49 ----A---- C:\windows\SYSWOW64\qasf.dll
2016-02-10 01:02:49 ----A---- C:\windows\system32\mfvdsp.dll
2016-02-10 01:02:48 ----A---- C:\windows\system32\SysFxUI.dll
2016-02-10 01:02:48 ----A---- C:\windows\system32\qdvd.dll
2016-02-10 01:02:48 ----A---- C:\windows\system32\qasf.dll
2016-02-10 01:02:47 ----A---- C:\windows\SYSWOW64\VIDRESZR.DLL
2016-02-10 01:02:47 ----A---- C:\windows\SYSWOW64\RESAMPLEDMO.DLL
2016-02-10 01:02:47 ----A---- C:\windows\SYSWOW64\MP4SDECD.DLL
2016-02-10 01:02:46 ----A---- C:\windows\SYSWOW64\MP3DMOD.DLL
2016-02-10 01:02:46 ----A---- C:\windows\system32\msmpeg2vdec.dll
2016-02-10 01:02:45 ----A---- C:\windows\SYSWOW64\mfvdsp.dll
2016-02-10 01:02:44 ----A---- C:\windows\SYSWOW64\rrinstaller.exe
2016-02-10 01:02:44 ----A---- C:\windows\system32\rrinstaller.exe
2016-02-10 01:02:43 ----A---- C:\windows\SYSWOW64\mfps.dll
2016-02-10 01:02:43 ----A---- C:\windows\system32\mfps.dll
2016-02-10 01:02:42 ----A---- C:\windows\system32\mfpmp.exe
2016-02-10 01:02:41 ----A---- C:\windows\SYSWOW64\mfpmp.exe
2016-02-10 01:02:41 ----A---- C:\windows\system32\drivers\portcls.sys
2016-02-10 01:02:41 ----A---- C:\windows\system32\drivers\drmk.sys
2016-02-10 01:02:40 ----A---- C:\windows\SYSWOW64\mferror.dll
2016-02-10 01:02:40 ----A---- C:\windows\SYSWOW64\ksuser.dll
2016-02-10 01:02:40 ----A---- C:\windows\system32\mferror.dll
2016-02-10 01:02:40 ----A---- C:\windows\system32\ksuser.dll
2016-02-10 01:02:40 ----A---- C:\windows\system32\drivers\drmkaud.sys
2016-02-10 00:57:42 ----A---- C:\windows\SYSWOW64\gdi32.dll
2016-02-10 00:57:42 ----A---- C:\windows\system32\gdi32.dll
======List of files/folders modified in the last 1 month======
2016-03-04 17:45:06 ----RD---- C:\Program Files
2016-03-04 17:40:58 ----D---- C:\Windows
2016-03-04 17:40:28 ----D---- C:\windows\Temp
2016-03-04 16:42:16 ----D---- C:\windows\system32\config
2016-03-03 00:44:29 ----D---- C:\windows\winsxs
2016-03-03 00:44:27 ----D---- C:\windows\System32
2016-03-03 00:44:07 ----SHD---- C:\System Volume Information
2016-03-03 00:08:38 ----D---- C:\windows\Microsoft.NET
2016-03-02 23:34:16 ----D---- C:\windows\AppCompat
2016-03-01 00:46:30 ----D---- C:\windows\system32\catroot
2016-03-01 00:40:23 ----SHD---- C:\windows\Installer
2016-03-01 00:14:34 ----D---- C:\windows\system32\drivers
2016-03-01 00:14:30 ----D---- C:\Program Files\Microsoft Security Client
2016-03-01 00:14:28 ----D---- C:\Program Files (x86)\Microsoft Security Client
2016-02-29 23:11:38 ----D---- C:\windows\Prefetch
2016-02-29 23:10:58 ----HD---- C:\ProgramData
2016-02-29 23:10:03 ----D---- C:\windows\SysWOW64
2016-02-29 23:08:09 ----D---- C:\windows\system32\Tasks
2016-02-29 23:04:56 ----RD---- C:\Program Files (x86)
2016-02-29 23:04:50 ----D---- C:\Program Files\AMD
2016-02-29 23:04:47 ----D---- C:\Program Files (x86)\ATI Technologies
2016-02-29 23:04:30 ----D---- C:\windows\inf
2016-02-29 23:04:26 ----D---- C:\windows\system32\DriverStore
2016-02-29 23:03:34 ----SD---- C:\Users\Dana\AppData\Roaming\Microsoft
2016-02-29 23:02:53 ----D---- C:\Program Files (x86)\AMD
2016-02-29 22:54:46 ----D---- C:\windows\system32\catroot2
2016-02-29 22:51:45 ----D---- C:\ProgramData\Package Cache
2016-02-29 13:06:31 ----D---- C:\windows\Tasks
2016-02-29 12:42:31 ----D---- C:\windows\Logs
2016-02-29 12:35:02 ----D---- C:\windows\SYSWOW64\cs-CZ
2016-02-29 12:35:02 ----D---- C:\windows\system32\cs-CZ
2016-02-29 12:35:01 ----D---- C:\windows\SYSWOW64\wbem
2016-02-29 12:35:01 ----D---- C:\windows\system32\wbem
2016-02-29 12:35:01 ----D---- C:\windows\system32\drivers\en-US
2016-02-29 12:34:57 ----D---- C:\windows\system32\AdvancedInstallers
2016-02-29 12:34:57 ----D---- C:\windows\AppPatch
2016-02-29 12:34:56 ----D---- C:\windows\tracing
2016-02-29 12:34:56 ----D---- C:\windows\system32\drivers\cs-CZ
2016-02-29 12:34:55 ----D---- C:\windows\SYSWOW64\en-US
2016-02-29 12:34:55 ----D---- C:\windows\system32\en-US
2016-02-29 12:34:55 ----D---- C:\windows\PolicyDefinitions
2016-02-29 12:34:50 ----SD---- C:\ProgramData\Microsoft
2016-02-29 12:34:46 ----RSD---- C:\windows\Fonts
2016-02-29 12:34:44 ----D---- C:\windows\cs-CZ
2016-02-29 12:28:15 ----D---- C:\windows\debug
2016-02-29 11:26:33 ----A---- C:\windows\system32\PerfStringBackup.INI
2016-02-29 11:10:01 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI
2016-02-12 21:30:21 ----D---- C:\windows\system32\wdi
2016-02-11 20:13:51 ----D---- C:\Program Files (x86)\Hewlett-Packard
2016-02-11 19:09:07 ----D---- C:\windows\rescache
2016-02-11 18:32:34 ----RSD---- C:\windows\assembly
2016-02-11 10:56:16 ----D---- C:\Program Files\Windows Journal
2016-02-11 10:56:15 ----D---- C:\windows\SYSWOW64\sk-SK
2016-02-11 10:56:15 ----D---- C:\windows\system32\sk-SK
2016-02-11 10:56:15 ----D---- C:\Program Files\Internet Explorer
2016-02-11 10:56:15 ----D---- C:\Program Files (x86)\Internet Explorer
2016-02-11 10:02:08 ----D---- C:\Program Files (x86)\Common Files
2016-02-11 10:01:34 ----D---- C:\Users\Dana\AppData\Roaming\hpqLog
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\windows\system32\drivers\amd_sata.sys [2013-11-06 83176]
R0 amd_xata;amd_xata; C:\windows\system32\drivers\amd_xata.sys [2013-11-06 43240]
R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\windows\system32\drivers\amdkmpfd.sys [2015-04-23 65248]
R0 hpdskflt;HP Filter; C:\windows\system32\drivers\hpdskflt.sys [2013-07-23 30520]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2015-11-13 289120]
R0 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PinFile;PinFile; C:\windows\system32\DRIVERS\PinFile.sys [2014-02-04 49856]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SDDisk2K;SDDisk2K; C:\windows\system32\DRIVERS\SDDisk2K.sys [2014-02-04 228544]
R0 SDDToki;SDDToki; C:\windows\system32\DRIVERS\SDDToki.sys [2014-02-04 131264]
R0 storvsc;storvsc; C:\windows\system32\drivers\storvsc.sys [2010-11-21 34688]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\windows\system32\drivers\vmbus.sys [2010-11-21 199552]
R1 CLVirtualDrive;CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [2011-12-27 90608]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 amdacpksd;ACP Kernel Service Driver; \??\C:\windows\system32\drivers\amdacpksd.sys [2015-12-04 296648]
R2 APXACC;AppEx Networks Accelerator LWF; C:\windows\system32\DRIVERS\appexDrv.sys [2015-04-03 229056]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\drivers\Accelerometer.sys [2013-07-23 43320]
R3 amdhub30;AMD USB 3.0 Hub Driver; C:\windows\system32\drivers\amdhub30.sys [2013-05-28 106816]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2015-12-04 23961088]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2015-12-04 671232]
R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\windows\system32\drivers\amdxhc.sys [2013-05-28 227648]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdW76.sys [2015-09-18 96256]
R3 BthEnum;Bluetooth Request Block Driver; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2013-12-04 80384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2014-11-12 4275288]
R3 MBAMProtector;MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [2015-10-05 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [2016-03-04 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\windows\system32\drivers\mwac.sys [2015-10-05 63704]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RtkBtFilter;Realtek Bluetooth Filter Driver; C:\windows\system32\DRIVERS\RtkBtfilter.sys [2014-04-01 552448]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2014-03-28 918232]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\windows\system32\DRIVERS\rtwlane.sys [2016-01-29 4862720]
R3 SPUVCbv;SPUVCb Driver Service; C:\windows\System32\Drivers\SPUVCbv_x64.sys [2014-10-07 674592]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\drivers\SynTP.sys [2014-10-31 580336]
R3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 usbfilter;AMD USB Filter Driver; C:\windows\system32\DRIVERS\usbfilter.sys [2014-02-16 60640]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WinUSB;WinUSB Service; C:\windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2013-12-04 552960]
S3 dmvsc;dmvsc; C:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2015-11-13 133816]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2; C:\windows\system32\DRIVERS\RtsP2Stor.sys [2014-03-18 293592]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2014-03-27 272600]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2014-03-27 331992]
S3 RtkAvrcp;Realtek Bluetooth A/V Remote Control Target; C:\windows\system32\drivers\RtkAvrcp.sys [2012-12-28 61152]
S3 s3cap;s3cap; C:\windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SmbDrv;SmbDrv; C:\windows\system32\drivers\Smb_driver_AMDASF.sys [2014-10-31 32496]
S3 SmbDrvI;SmbDrvI; C:\windows\system32\drivers\Smb_driver_Intel.sys [2014-10-31 33008]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 VMBusHID;VMBusHID; C:\windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2015-12-04 246272]
R2 amdacpusrsvc;ACP User Service; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2015-12-04 121856]
R2 AvrcpService;AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [2013-05-07 35328]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2014-03-06 88064]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 CtAgentService;Absolute Software Agent Service; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [2014-03-31 7168]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2014-04-04 500048]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2014-08-22 93184]
R2 HPFSService;HP File Sanitizer; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2014-02-05 1758936]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2013-07-23 43320]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-10-05 1513784]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-01-29 23808]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-09-04 292568]
R2 RtkBleServ;RtkBleServ; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe [2013-04-26 42496]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2014-01-06 1243320]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-10 154440]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2013-09-12 3221392]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-29 269504]
S3 AppMgmt;@appmgmts.dll,-3250; C:\windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-10 154440]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2016-01-22 114688]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2016-01-29 374344]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2015-11-08 1255736]
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------

Please check - video stutters when playing YouTube
- Rudy
- Site Admin
- Posts: 119673
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check - video stutters when playing YouTube
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Please check - video stutters when playing YouTube
So unfortunately ADW found nothing, no detection, see the log
# AdwCleaner v5.037 - Logfile created 05/03/2016 at 01:14:46
# Updated 28/02/2016 by Xplode
# Database : 2016-03-02.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Dana - DANA-HP
# Running from : C:\Users\Dana\Desktop\adwcleaner_5.037.exe
# Option : Clean
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [1420 bytes] - [29/02/2016 01:16:12]
C:\AdwCleaner\AdwCleaner[C2].txt - [778 bytes] - [05/03/2016 01:14:46]
C:\AdwCleaner\AdwCleaner[S1].txt - [1222 bytes] - [29/02/2016 01:13:29]
C:\AdwCleaner\AdwCleaner[S2].txt - [912 bytes] - [05/03/2016 01:12:42]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [995 bytes] ##########
- Rudy
- Site Admin
Re: Please check - video stutters when playing YouTube
This is OK. Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Users\Dana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\win32cldefender.exe
:services
Bonjour Service
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Re: Please check - video stutters when playing YouTube
So it looks like the problem was caused by win32cldefender.exe; videos now play smoothly.
Here is the log; I'm going to keep testing for now.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Dana at 2016-03-05 12:48:40
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 864 GB (92%) free of 936 GB
Total RAM: 3529 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:48:44, on 5.3.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18205)
Boot mode: Normal
Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe
C:\PROGRA~2\Raptr\raptr.exe
C:\PROGRA~2\Raptr\raptr_im.exe
C:\Program Files\trend micro\Dana.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
O4 - HKLM\..\Run: [HP Camera Driver_Monitor] "C:\Program Files (x86)\HP Camera Driver\monitor.exe"
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Run: [YouCam Mirage] "c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [HP File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe
O4 - HKLM\..\Run: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup
O4 - HKCU\..\Run: [AppEx Accelerator UI] C:\Program Files\AMD Quick Stream\AMDQuickStream.exe -h
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: ACP User Service (amdacpusrsvc) - Advanced Micro Devices - C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
O23 - Service: AvrcpService - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: Absolute Software Agent Service (CtAgentService) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP File Sanitizer (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: RtkBleServ - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10148 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\windows\system32\Hpservice.exe
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SC
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\windows\system32\vcsFPService.exe
C:\windows\system32\svchost.exe -k NetworkService
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCardEngine.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\system32\WLANExt.exe 25109504
\??\C:\windows\system32\conhost.exe "-519822414-2044785201103466666-13742986411001373364383143690-729445529-2101626019
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe"
taskeng.exe {F4082101-5A70-4088-855C-291FD32736EC}
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"taskhost.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe"
C:\windows\System32\svchost.exe -k utcsvc
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe"
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\servicing\TrustedInstaller.exe
"C:\windows\system32\makecab.exe" C:\windows\Logs\CBS\CbsPersist_20160109000408.log C:\windows\Logs\CBS\CbsPersist_20160109000408.cab
\??\C:\windows\system32\conhost.exe "-1189934820-17269447281197872999-2012324618359587018-1420427925524974144-851971350
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\windows\system32\GWX\GWX.exe"
C:\windows\system32\sppsvc.exe
C:\windows\system32\SearchIndexer.exe /Embedding
taskeng.exe {4504A351-E949-4314-B944-D392C3E3EA1C}
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\AMD\CNext\CNext\cnext.exe" atlogon
"C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe"
"C:\Program Files\AMD Quick Stream\AMDQuickStream.exe" -h
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Realtek\REALTEK Bluetooth\SkypePlugin.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe"
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\PROGRA~2\Raptr\raptr.exe" --log_to_file --from_stub --startup
raptr_im.exe
"C:\Program Files (x86)\Raptr\raptr_ep64.exe"
"C:\Users\Dana\Downloads\RSITx64 (1).exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14 81024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
HP File Sanitizer - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2014-02-05 129240]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14 69760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-11-11 7659224]
"BtServer"=C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [2014-01-06 216064]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-10-31 2863344]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2016-01-29 1340192]
"StartCN"=C:\Program Files\AMD\CNext\CNext\cnext.exe [2015-12-04 4867784]
"NUSB3MON"=C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [2012-04-11 97280]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AppEx Accelerator UI"=C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [2015-04-06 488640]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2014-04-01 419512]
"HP Camera Driver_Monitor"=C:\Program Files (x86)\HP Camera Driver\monitor.exe []
"AccelerometerSysTrayApplet"=C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [2014-04-01 126240]
"YouCam Mirage"=c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe []
"YouCam Tray"=c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [2013-09-17 167488]
"CLMLServer_For_P2G8"=c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05 111576]
"CLVirtualDrive"=c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2013-08-07 490760]
"HP File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2014-02-05 2213592]
"Raptr"=C:\PROGRA~2\Raptr\raptrstub.exe [2015-12-11 56080]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-03-05 12:41:58 ----D---- C:\_OTM
2016-03-05 12:28:00 ----D---- C:\Program Files\AMD Quick Stream
2016-03-05 12:28:00 ----A---- C:\windows\system32\drivers\appexDrv.sys
2016-03-05 12:25:11 ----D---- C:\ProgramData\ATI
2016-03-04 17:45:06 ----D---- C:\Program Files\trend micro
2016-03-04 17:45:04 ----D---- C:\rsit
2016-03-04 16:59:02 ----A---- C:\windows\system32\wksprt.exe
2016-03-04 16:59:01 ----A---- C:\windows\SYSWOW64\tsgqec.dll
2016-03-04 16:59:01 ----A---- C:\windows\SYSWOW64\rdvidcrl.dll
2016-03-04 16:59:01 ----A---- C:\windows\SYSWOW64\mstscax.dll
2016-03-04 16:59:01 ----A---- C:\windows\system32\tsgqec.dll
2016-03-04 16:59:01 ----A---- C:\windows\system32\rdvidcrl.dll
2016-03-04 16:59:01 ----A---- C:\windows\system32\mstscax.dll
2016-03-02 23:45:02 ----A---- C:\windows\system32\rdpudd.dll
2016-03-02 23:45:01 ----A---- C:\windows\system32\TSWbPrxy.exe
2016-03-02 23:45:01 ----A---- C:\windows\system32\RdpGroupPolicyExtension.dll
2016-03-02 23:45:01 ----A---- C:\windows\system32\rdpcorets.dll
2016-02-29 23:06:10 ----D---- C:\Users\Dana\AppData\Roaming\library_dir
2016-02-29 23:04:56 ----D---- C:\Users\Dana\AppData\Roaming\Raptr
2016-02-29 23:04:56 ----D---- C:\Program Files (x86)\Raptr
2016-02-29 22:46:05 ----D---- C:\AMD
2016-02-29 12:34:57 ----SD---- C:\windows\SYSWOW64\GWX
2016-02-29 12:34:57 ----SD---- C:\windows\system32\GWX
2016-02-29 12:34:57 ----SD---- C:\windows\system32\CompatTel
2016-02-29 12:34:57 ----D---- C:\windows\system32\appraiser
2016-02-29 12:28:16 ----D---- C:\windows\system32\MRT
2016-02-29 12:28:12 ----A---- C:\windows\system32\MRT.exe
2016-02-29 11:40:36 ----A---- C:\windows\system32\TsUsbGDCoInstaller.dll
2016-02-29 11:40:31 ----A---- C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2016-02-29 11:40:31 ----A---- C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2016-02-29 11:40:30 ----A---- C:\windows\system32\drivers\TsUsbFlt.sys
2016-02-29 11:40:29 ----A---- C:\windows\SYSWOW64\wksprtPS.dll
2016-02-29 11:40:29 ----A---- C:\windows\SYSWOW64\mstsc.exe
2016-02-29 11:40:29 ----A---- C:\windows\SYSWOW64\MsRdpWebAccess.dll
2016-02-29 11:40:29 ----A---- C:\windows\system32\wksprtPS.dll
2016-02-29 11:40:29 ----A---- C:\windows\system32\MsRdpWebAccess.dll
2016-02-29 11:40:28 ----A---- C:\windows\system32\mstsc.exe
2016-02-29 11:32:48 ----A---- C:\windows\system32\drivers\TsUsbGD.sys
2016-02-29 11:32:48 ----A---- C:\windows\system32\drivers\rdpvideominiport.sys
2016-02-29 11:32:44 ----A---- C:\windows\SYSWOW64\rdpendp_winip.dll
2016-02-29 11:32:43 ----A---- C:\windows\system32\rdpendp_winip.dll
2016-02-29 11:17:06 ----A---- C:\windows\system32\drivers\WUDFRd.sys
2016-02-29 11:17:06 ----A---- C:\windows\system32\drivers\WUDFPf.sys
2016-02-29 11:17:05 ----A---- C:\windows\system32\WUDFSvc.dll
2016-02-29 11:17:04 ----A---- C:\windows\system32\WUDFPlatform.dll
2016-02-29 11:17:03 ----A---- C:\windows\system32\WUDFCoinstaller.dll
2016-02-29 11:17:02 ----A---- C:\windows\system32\WUDFx.dll
2016-02-29 11:17:02 ----A---- C:\windows\system32\WUDFHost.exe
2016-02-29 11:14:24 ----D---- C:\Program Files\Microsoft Silverlight
2016-02-29 11:14:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-02-29 11:07:46 ----D---- C:\windows\Migration
2016-02-29 10:59:30 ----A---- C:\windows\system32\invagent.dll
2016-02-29 10:59:30 ----A---- C:\windows\system32\generaltel.dll
2016-02-29 10:59:30 ----A---- C:\windows\system32\devinv.dll
2016-02-29 10:59:30 ----A---- C:\windows\system32\CompatTelRunner.exe
2016-02-29 10:59:30 ----A---- C:\windows\system32\appraiser.dll
2016-02-29 10:59:30 ----A---- C:\windows\system32\aitstatic.exe
2016-02-29 10:59:30 ----A---- C:\windows\system32\acmigration.dll
2016-02-29 10:59:29 ----A---- C:\windows\system32\aepic.dll
2016-02-29 10:59:29 ----A---- C:\windows\system32\aeinv.dll
2016-02-29 10:59:23 ----A---- C:\windows\system32\UtcResources.dll
2016-02-29 10:59:23 ----A---- C:\windows\system32\diagtrack.dll
2016-02-29 10:59:19 ----A---- C:\windows\system32\tdh.dll
2016-02-29 10:59:18 ----A---- C:\windows\SYSWOW64\tdh.dll
2016-02-29 10:58:40 ----A---- C:\windows\SYSWOW64\tracerpt.exe
2016-02-29 10:58:40 ----A---- C:\windows\system32\tracerpt.exe
2016-02-29 10:58:40 ----A---- C:\windows\system32\sechost.dll
2016-02-29 10:58:39 ----A---- C:\windows\SYSWOW64\sechost.dll
2016-02-29 10:58:39 ----A---- C:\windows\SYSWOW64\logman.exe
2016-02-29 10:58:39 ----A---- C:\windows\system32\logman.exe
2016-02-29 10:58:38 ----A---- C:\windows\SYSWOW64\typeperf.exe
2016-02-29 10:58:38 ----A---- C:\windows\system32\typeperf.exe
2016-02-29 10:58:38 ----A---- C:\windows\system32\relog.exe
2016-02-29 10:58:37 ----A---- C:\windows\SYSWOW64\relog.exe
2016-02-29 10:58:37 ----A---- C:\windows\SYSWOW64\diskperf.exe
2016-02-29 10:58:37 ----A---- C:\windows\system32\diskperf.exe
2016-02-29 10:57:51 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-02-29 10:57:51 ----A---- C:\windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-02-29 10:57:49 ----A---- C:\windows\SYSWOW64\ucrtbase.dll
2016-02-29 10:57:49 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-02-29 10:57:49 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-02-29 10:57:49 ----A---- C:\windows\system32\ucrtbase.dll
2016-02-29 10:57:49 ----A---- C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-02-29 10:57:49 ----A---- C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-02-29 10:57:49 ----A---- C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-02-29 10:57:49 ----A---- C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-02-29 10:57:29 ----A---- C:\windows\system32\icaapi.dll
2016-02-29 10:57:28 ----A---- C:\windows\system32\drivers\tssecsrv.sys
2016-02-29 10:57:08 ----A---- C:\windows\SYSWOW64\apphelp.dll
2016-02-29 10:57:08 ----A---- C:\windows\system32\apphelp.dll
2016-02-29 10:57:07 ----A---- C:\windows\SYSWOW64\shimeng.dll
2016-02-29 10:57:07 ----A---- C:\windows\SYSWOW64\sdbinst.exe
2016-02-29 10:57:07 ----A---- C:\windows\system32\shimeng.dll
2016-02-29 10:57:07 ----A---- C:\windows\system32\sdbinst.exe
2016-02-29 10:57:07 ----A---- C:\windows\system32\aelupsvc.dll
2016-02-29 10:56:50 ----A---- C:\windows\SYSWOW64\nlsbres.dll
2016-02-29 10:56:50 ----A---- C:\windows\SYSWOW64\kbdgeoqw.dll
2016-02-29 10:56:50 ----A---- C:\windows\SYSWOW64\KBDAZEL.DLL
2016-02-29 10:56:50 ----A---- C:\windows\SYSWOW64\KBDAZE.DLL
2016-02-29 10:56:50 ----A---- C:\windows\system32\nlsbres.dll
2016-02-29 10:56:50 ----A---- C:\windows\system32\kbdgeoqw.dll
2016-02-29 10:56:50 ----A---- C:\windows\system32\KBDAZEL.DLL
2016-02-29 10:56:50 ----A---- C:\windows\system32\KBDAZE.DLL
2016-02-29 10:56:31 ----A---- C:\windows\system32\shell32.dll
2016-02-29 10:56:29 ----A---- C:\windows\SYSWOW64\shell32.dll
2016-02-29 10:56:29 ----A---- C:\windows\explorer.exe
2016-02-29 10:56:28 ----A---- C:\windows\SYSWOW64\explorer.exe
2016-02-29 10:56:28 ----A---- C:\windows\system32\ExplorerFrame.dll
2016-02-29 10:56:27 ----A---- C:\windows\SYSWOW64\ExplorerFrame.dll
2016-02-29 10:56:27 ----A---- C:\windows\SYSWOW64\authui.dll
2016-02-29 10:56:27 ----A---- C:\windows\system32\authui.dll
2016-02-29 10:56:13 ----A---- C:\windows\SYSWOW64\TSWorkspace.dll
2016-02-29 10:56:13 ----A---- C:\windows\system32\TSWorkspace.dll
2016-02-29 10:55:32 ----A---- C:\windows\SYSWOW64\cryptsvc.dll
2016-02-29 10:55:32 ----A---- C:\windows\system32\cryptsvc.dll
2016-02-29 10:55:31 ----A---- C:\windows\SYSWOW64\wintrust.dll
2016-02-29 10:55:31 ----A---- C:\windows\SYSWOW64\cryptnet.dll
2016-02-29 10:55:31 ----A---- C:\windows\SYSWOW64\crypt32.dll
2016-02-29 10:55:31 ----A---- C:\windows\system32\wintrust.dll
2016-02-29 10:55:31 ----A---- C:\windows\system32\cryptnet.dll
2016-02-29 10:55:31 ----A---- C:\windows\system32\crypt32.dll
2016-02-29 10:55:03 ----A---- C:\windows\system32\consent.exe
2016-02-29 10:55:02 ----A---- C:\windows\system32\appinfo.dll
2016-02-29 10:54:52 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2016-02-29 10:54:52 ----A---- C:\windows\SYSWOW64\wudriver.dll
2016-02-29 10:54:52 ----A---- C:\windows\SYSWOW64\wuapi.dll
2016-02-29 10:54:52 ----A---- C:\windows\system32\wuwebv.dll
2016-02-29 10:54:52 ----A---- C:\windows\system32\wups.dll
2016-02-29 10:54:52 ----A---- C:\windows\system32\wudriver.dll
2016-02-29 10:54:52 ----A---- C:\windows\system32\wucltux.dll
2016-02-29 10:54:52 ----A---- C:\windows\system32\wuaueng.dll
2016-02-29 10:54:52 ----A---- C:\windows\system32\wuapi.dll
2016-02-29 10:54:51 ----A---- C:\windows\SYSWOW64\wups.dll
2016-02-29 10:54:51 ----A---- C:\windows\SYSWOW64\wuapp.exe
2016-02-29 10:54:51 ----A---- C:\windows\system32\wups2.dll
2016-02-29 10:54:51 ----A---- C:\windows\system32\wuauclt.exe
2016-02-29 10:54:51 ----A---- C:\windows\system32\wuapp.exe
2016-02-29 10:54:51 ----A---- C:\windows\system32\wu.upgrade.ps.dll
2016-02-29 10:54:51 ----A---- C:\windows\system32\WinSetupUI.dll
2016-02-29 10:54:39 ----A---- C:\windows\system32\WsmSvc.dll
2016-02-29 10:54:38 ----A---- C:\windows\SYSWOW64\WsmWmiPl.dll
2016-02-29 10:54:38 ----A---- C:\windows\SYSWOW64\WsmSvc.dll
2016-02-29 10:54:38 ----A---- C:\windows\SYSWOW64\WsmAuto.dll
2016-02-29 10:54:38 ----A---- C:\windows\SYSWOW64\WSManMigrationPlugin.dll
2016-02-29 10:54:38 ----A---- C:\windows\SYSWOW64\WSManHTTPConfig.exe
2016-02-29 10:54:38 ----A---- C:\windows\system32\WsmWmiPl.dll
2016-02-29 10:54:38 ----A---- C:\windows\system32\WsmAuto.dll
2016-02-29 10:54:38 ----A---- C:\windows\system32\WSManMigrationPlugin.dll
2016-02-29 10:54:38 ----A---- C:\windows\system32\WSManHTTPConfig.exe
2016-02-29 10:54:35 ----A---- C:\windows\SYSWOW64\tzres.dll
2016-02-29 10:54:35 ----A---- C:\windows\system32\tzres.dll
2016-02-29 10:54:23 ----A---- C:\windows\SYSWOW64\wpdshext.dll
2016-02-29 10:54:23 ----A---- C:\windows\system32\wpdshext.dll
2016-02-29 10:54:22 ----A---- C:\windows\SYSWOW64\wdi.dll
2016-02-29 10:54:22 ----A---- C:\windows\system32\wdi.dll
2016-02-29 10:54:22 ----A---- C:\windows\system32\powertracker.dll
2016-02-29 10:54:22 ----A---- C:\windows\system32\perftrack.dll
2016-02-29 10:54:16 ----A---- C:\windows\system32\msxml6.dll
2016-02-29 10:54:15 ----A---- C:\windows\SYSWOW64\msxml6.dll
2016-02-29 10:54:15 ----A---- C:\windows\SYSWOW64\msxml3.dll
2016-02-29 10:54:15 ----A---- C:\windows\system32\msxml3.dll
2016-02-29 10:54:14 ----A---- C:\windows\SYSWOW64\msxml6r.dll
2016-02-29 10:54:14 ----A---- C:\windows\SYSWOW64\msxml3r.dll
2016-02-29 10:54:14 ----A---- C:\windows\system32\msxml6r.dll
2016-02-29 10:54:14 ----A---- C:\windows\system32\msxml3r.dll
2016-02-29 10:54:08 ----A---- C:\windows\SYSWOW64\dwmcore.dll
2016-02-29 10:54:08 ----A---- C:\windows\SYSWOW64\dwmapi.dll
2016-02-29 10:54:08 ----A---- C:\windows\system32\dwmcore.dll
2016-02-29 10:54:08 ----A---- C:\windows\system32\dwmapi.dll
2016-02-29 10:54:00 ----A---- C:\windows\system32\drivers\stream.sys
2016-02-29 10:53:59 ----A---- C:\windows\system32\drivers\ntfs.sys
2016-02-29 10:53:58 ----A---- C:\windows\system32\charmap.exe
2016-02-29 10:53:57 ----A---- C:\windows\SYSWOW64\charmap.exe
2016-02-29 10:53:56 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2016-02-29 10:53:56 ----A---- C:\windows\system32\oleaut32.dll
2016-02-29 01:33:22 ----A---- C:\windows\system32\drivers\MBAMSwissArmy.sys
2016-02-29 01:32:39 ----A---- C:\windows\system32\drivers\mwac.sys
2016-02-29 01:32:39 ----A---- C:\windows\system32\drivers\mbamchameleon.sys
2016-02-29 01:32:39 ----A---- C:\windows\system32\drivers\mbam.sys
2016-02-29 01:32:38 ----D---- C:\ProgramData\Malwarebytes
2016-02-29 01:32:38 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-02-29 01:13:14 ----D---- C:\AdwCleaner
2016-02-11 10:06:39 ----D---- C:\Hry
2016-02-11 10:02:10 ----D---- C:\windows\system32\appmgmt
2016-02-10 23:36:16 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2016-02-10 23:36:08 ----D---- C:\windows\SYSWOW64\Macromed
2016-02-10 23:36:02 ----D---- C:\windows\system32\Macromed
2016-02-10 23:20:02 ----D---- C:\Program Files (x86)\Google
2016-02-10 20:24:52 ----D---- C:\Program Files (x86)\Cities Skylines
2016-02-10 20:05:55 ----D---- C:\Users\Dana\AppData\Roaming\.mono
2016-02-10 20:05:55 ----D---- C:\ProgramData\.mono
2016-02-10 17:43:14 ----A---- C:\windows\system32\InkEd.dll
2016-02-10 17:43:13 ----A---- C:\windows\SYSWOW64\InkEd.dll
2016-02-10 17:43:12 ----A---- C:\windows\system32\jnwmon.dll
2016-02-10 17:43:10 ----A---- C:\windows\SYSWOW64\iertutil.dll
2016-02-10 17:43:10 ----A---- C:\windows\system32\iertutil.dll
2016-02-10 17:43:09 ----A---- C:\windows\SYSWOW64\mshtml.dll
2016-02-10 17:43:06 ----A---- C:\windows\SYSWOW64\urlmon.dll
2016-02-10 17:43:06 ----A---- C:\windows\SYSWOW64\ieui.dll
2016-02-10 17:43:06 ----A---- C:\windows\SYSWOW64\ieframe.dll
2016-02-10 17:43:04 ----A---- C:\windows\system32\urlmon.dll
2016-02-10 17:43:03 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2016-02-10 17:43:03 ----A---- C:\windows\system32\ieui.dll
2016-02-10 17:43:03 ----A---- C:\windows\system32\ieframe.dll
2016-02-10 17:43:01 ----A---- C:\windows\system32\mshtml.dll
2016-02-10 17:43:01 ----A---- C:\windows\system32\ieUnatt.exe
2016-02-10 17:42:50 ----A---- C:\windows\SYSWOW64\iernonce.dll
2016-02-10 17:42:50 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2016-02-10 17:42:49 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2016-02-10 17:42:49 ----A---- C:\windows\SYSWOW64\inseng.dll
2016-02-10 17:42:49 ----A---- C:\windows\system32\iernonce.dll
2016-02-10 17:42:49 ----A---- C:\windows\system32\ieetwproxystub.dll
2016-02-10 17:42:49 ----A---- C:\windows\system32\ieetwcollector.exe
2016-02-10 17:42:48 ----A---- C:\windows\SYSWOW64\occache.dll
2016-02-10 17:42:48 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2016-02-10 17:42:48 ----A---- C:\windows\system32\inseng.dll
2016-02-10 17:42:48 ----A---- C:\windows\system32\ie4uinit.exe
2016-02-10 17:42:47 ----A---- C:\windows\SYSWOW64\vbscript.dll
2016-02-10 17:42:47 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-02-10 17:42:47 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2016-02-10 17:42:47 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2016-02-10 17:42:46 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2016-02-10 17:42:43 ----A---- C:\windows\SYSWOW64\iesetup.dll
2016-02-10 17:42:43 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2016-02-10 17:42:43 ----A---- C:\windows\system32\occache.dll
2016-02-10 17:42:43 ----A---- C:\windows\system32\iedkcs32.dll
2016-02-10 17:42:42 ----A---- C:\windows\SYSWOW64\jscript.dll
2016-02-10 17:42:42 ----A---- C:\windows\system32\ieetwcollectorres.dll
2016-02-10 17:42:41 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2016-02-10 17:42:41 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2016-02-10 17:42:41 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2016-02-10 17:42:40 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2016-02-10 17:42:40 ----A---- C:\windows\system32\msfeeds.dll
2016-02-10 17:42:40 ----A---- C:\windows\system32\dxtrans.dll
2016-02-10 17:42:38 ----A---- C:\windows\system32\iesetup.dll
2016-02-10 17:42:37 ----A---- C:\windows\system32\ieapfltr.dll
2016-02-10 17:42:34 ----A---- C:\windows\SYSWOW64\webcheck.dll
2016-02-10 17:42:34 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2016-02-10 17:42:34 ----A---- C:\windows\SYSWOW64\jscript9.dll
2016-02-10 17:42:34 ----A---- C:\windows\system32\vbscript.dll
2016-02-10 17:42:33 ----A---- C:\windows\SYSWOW64\wininet.dll
2016-02-10 17:42:33 ----A---- C:\windows\system32\jsproxy.dll
2016-02-10 17:42:32 ----A---- C:\windows\SYSWOW64\msrating.dll
2016-02-10 17:42:32 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2016-02-10 17:42:31 ----A---- C:\windows\system32\dxtmsft.dll
2016-02-10 17:42:29 ----A---- C:\windows\system32\mshtmled.dll
2016-02-10 17:42:28 ----A---- C:\windows\system32\webcheck.dll
2016-02-10 17:42:28 ----A---- C:\windows\system32\mshtmlmedia.dll
2016-02-10 17:42:27 ----A---- C:\windows\system32\jscript9diag.dll
2016-02-10 17:42:27 ----A---- C:\windows\system32\jscript.dll
2016-02-10 17:42:26 ----A---- C:\windows\system32\wininet.dll
2016-02-10 17:42:26 ----A---- C:\windows\system32\jscript9.dll
2016-02-10 17:42:24 ----A---- C:\windows\system32\MshtmlDac.dll
2016-02-10 17:42:23 ----A---- C:\windows\system32\msrating.dll
2016-02-10 17:41:08 ----A---- C:\windows\system32\drivers\mrxdav.sys
2016-02-10 17:41:07 ----A---- C:\windows\system32\win32k.sys
2016-02-10 17:40:59 ----A---- C:\windows\system32\ole32.dll
2016-02-10 17:40:54 ----A---- C:\windows\SYSWOW64\ole32.dll
2016-02-10 17:40:11 ----A---- C:\windows\system32\EncDec.dll
2016-02-10 17:40:10 ----A---- C:\windows\SYSWOW64\EncDec.dll
2016-02-10 17:40:10 ----A---- C:\windows\SYSWOW64\CPFilters.dll
2016-02-10 17:40:10 ----A---- C:\windows\system32\CPFilters.dll
2016-02-10 17:40:09 ----A---- C:\windows\system32\ntoskrnl.exe
2016-02-10 17:40:08 ----A---- C:\windows\system32\ntdll.dll
2016-02-10 17:40:08 ----A---- C:\windows\system32\KernelBase.dll
2016-02-10 17:40:07 ----A---- C:\windows\SYSWOW64\ntdll.dll
2016-02-10 17:40:07 ----A---- C:\windows\system32\mtxoci.dll
2016-02-10 17:40:07 ----A---- C:\windows\system32\kerberos.dll
2016-02-10 17:40:06 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2016-02-10 17:40:05 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2016-02-10 17:40:05 ----A---- C:\windows\system32\kernel32.dll
2016-02-10 17:40:04 ----A---- C:\windows\SYSWOW64\mtxoci.dll
2016-02-10 17:40:04 ----A---- C:\windows\SYSWOW64\msorcl32.dll
2016-02-10 17:40:04 ----A---- C:\windows\SYSWOW64\advapi32.dll
2016-02-10 17:40:04 ----A---- C:\windows\system32\advapi32.dll
2016-02-10 17:40:03 ----A---- C:\windows\SYSWOW64\kerberos.dll
2016-02-10 17:40:02 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2016-02-10 17:40:02 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2016-02-10 17:40:02 ----A---- C:\windows\system32\drivers\ksecdd.sys
2016-02-10 17:40:00 ----A---- C:\windows\system32\lsasrv.dll
2016-02-10 17:39:59 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2016-02-10 17:39:59 ----A---- C:\windows\system32\rpcrt4.dll
2016-02-10 17:39:59 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2016-02-10 17:39:58 ----A---- C:\windows\SYSWOW64\sspicli.dll
2016-02-10 17:39:58 ----A---- C:\windows\SYSWOW64\schannel.dll
2016-02-10 17:39:58 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2016-02-10 17:39:58 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2016-02-10 17:39:58 ----A---- C:\windows\system32\wow64win.dll
2016-02-10 17:39:58 ----A---- C:\windows\system32\wow64.dll
2016-02-10 17:39:58 ----A---- C:\windows\system32\winsrv.dll
2016-02-10 17:39:58 ----A---- C:\windows\system32\wdigest.dll
2016-02-10 17:39:58 ----A---- C:\windows\system32\TSpkg.dll
2016-02-10 17:39:58 ----A---- C:\windows\system32\sspicli.dll
2016-02-10 17:39:58 ----A---- C:\windows\system32\srcore.dll
2016-02-10 17:39:58 ----A---- C:\windows\system32\smss.exe
2016-02-10 17:39:58 ----A---- C:\windows\system32\schannel.dll
2016-02-10 17:39:58 ----A---- C:\windows\system32\ncrypt.dll
2016-02-10 17:39:58 ----A---- C:\windows\system32\msv1_0.dll
2016-02-10 17:39:58 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2016-02-10 17:39:58 ----A---- C:\windows\system32\conhost.exe
2016-02-10 17:39:57 ----A---- C:\windows\SYSWOW64\wdigest.dll
2016-02-10 17:39:57 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2016-02-10 17:39:57 ----A---- C:\windows\SYSWOW64\srclient.dll
2016-02-10 17:39:57 ----A---- C:\windows\SYSWOW64\secur32.dll
2016-02-10 17:39:57 ----A---- C:\windows\SYSWOW64\kernel32.dll
2016-02-10 17:39:57 ----A---- C:\windows\SYSWOW64\cryptbase.dll
2016-02-10 17:39:57 ----A---- C:\windows\SYSWOW64\credssp.dll
2016-02-10 17:39:57 ----A---- C:\windows\system32\wow64cpu.dll
2016-02-10 17:39:57 ----A---- C:\windows\system32\sspisrv.dll
2016-02-10 17:39:57 ----A---- C:\windows\system32\srclient.dll
2016-02-10 17:39:57 ----A---- C:\windows\system32\secur32.dll
2016-02-10 17:39:57 ----A---- C:\windows\system32\rstrui.exe
2016-02-10 17:39:57 ----A---- C:\windows\system32\ntvdm64.dll
2016-02-10 17:39:57 ----A---- C:\windows\system32\lsass.exe
2016-02-10 17:39:57 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2016-02-10 17:39:57 ----A---- C:\windows\system32\csrsrv.dll
2016-02-10 17:39:57 ----A---- C:\windows\system32\cryptbase.dll
2016-02-10 17:39:57 ----A---- C:\windows\system32\credssp.dll
2016-02-10 17:39:56 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 17:39:56 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 17:39:56 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-10 17:39:56 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 17:39:56 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 17:39:56 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 17:39:56 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-10 17:39:56 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 17:39:56 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 17:39:56 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-10 17:39:56 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 17:39:56 ----A---- C:\windows\SYSWOW64\wow32.dll
2016-02-10 17:39:56 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2016-02-10 17:39:56 ----A---- C:\windows\SYSWOW64\auditpol.exe
2016-02-10 17:39:56 ----A---- C:\windows\system32\auditpol.exe
2016-02-10 17:39:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 17:39:53 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-10 17:39:53 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 17:39:53 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-02-10 17:39:53 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 17:39:53 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 17:39:53 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 17:39:53 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-10 17:39:53 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 17:39:53 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 17:39:53 ----A---- C:\windows\SYSWOW64\setup16.exe
2016-02-10 17:39:53 ----A---- C:\windows\SYSWOW64\instnm.exe
2016-02-10 17:39:52 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-10 17:39:52 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-10 17:39:52 ----A---- C:\windows\SYSWOW64\user.exe
2016-02-10 17:39:52 ----A---- C:\windows\SYSWOW64\msaudite.dll
2016-02-10 17:39:52 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2016-02-10 17:39:52 ----A---- C:\windows\SYSWOW64\adtschema.dll
2016-02-10 17:39:52 ----A---- C:\windows\system32\msaudite.dll
2016-02-10 17:39:52 ----A---- C:\windows\system32\apisetschema.dll
2016-02-10 17:39:52 ----A---- C:\windows\system32\adtschema.dll
2016-02-10 17:39:51 ----A---- C:\windows\SYSWOW64\msobjs.dll
2016-02-10 17:39:51 ----A---- C:\windows\system32\msobjs.dll
2016-02-10 16:27:56 ----A---- C:\windows\SYSWOW64\mapi32.dll
2016-02-10 16:27:56 ----A---- C:\windows\system32\mapistub.dll
2016-02-10 16:27:56 ----A---- C:\windows\system32\mapi32.dll
2016-02-10 16:27:55 ----A---- C:\windows\SYSWOW64\mapistub.dll
2016-02-10 16:27:55 ----A---- C:\windows\SYSWOW64\fixmapi.exe
2016-02-10 16:27:55 ----A---- C:\windows\system32\fixmapi.exe
2016-02-10 01:03:11 ----A---- C:\windows\SYSWOW64\qedit.dll
2016-02-10 01:03:11 ----A---- C:\windows\system32\qedit.dll
2016-02-10 01:03:06 ----A---- C:\windows\system32\msmpeg2adec.dll
2016-02-10 01:03:05 ----A---- C:\windows\SYSWOW64\msmpeg2adec.dll
2016-02-10 01:03:05 ----A---- C:\windows\system32\WMVDECOD.DLL
2016-02-10 01:03:05 ----A---- C:\windows\system32\WMADMOD.DLL
2016-02-10 01:03:04 ----A---- C:\windows\SYSWOW64\WMVDECOD.DLL
2016-02-10 01:03:04 ----A---- C:\windows\system32\WMSPDMOD.DLL
2016-02-10 01:03:03 ----A---- C:\windows\system32\WMVSDECD.DLL
2016-02-10 01:03:03 ----A---- C:\windows\system32\MSMPEG2ENC.DLL
2016-02-10 01:03:02 ----A---- C:\windows\SYSWOW64\WMADMOD.DLL
2016-02-10 01:03:02 ----A---- C:\windows\SYSWOW64\MSMPEG2ENC.DLL
2016-02-10 01:03:02 ----A---- C:\windows\system32\mf.dll
2016-02-10 01:03:01 ----A---- C:\windows\SYSWOW64\mf.dll
2016-02-10 01:03:00 ----A---- C:\windows\SYSWOW64\WMVSDECD.DLL
2016-02-10 01:03:00 ----A---- C:\windows\SYSWOW64\WMSPDMOD.DLL
2016-02-10 01:03:00 ----A---- C:\windows\system32\WMADMOE.DLL
2016-02-10 01:02:59 ----A---- C:\windows\SYSWOW64\WMADMOE.DLL
2016-02-10 01:02:59 ----A---- C:\windows\system32\mcmde.dll
2016-02-10 01:02:58 ----A---- C:\windows\system32\wmpmde.dll
2016-02-10 01:02:58 ----A---- C:\windows\system32\quartz.dll
2016-02-10 01:02:58 ----A---- C:\windows\system32\evr.dll
2016-02-10 01:02:57 ----A---- C:\windows\SYSWOW64\wmpmde.dll
2016-02-10 01:02:57 ----A---- C:\windows\SYSWOW64\COLORCNV.DLL
2016-02-10 01:02:57 ----A---- C:\windows\system32\WMVENCOD.DLL
2016-02-10 01:02:57 ----A---- C:\windows\system32\COLORCNV.DLL
2016-02-10 01:02:55 ----A---- C:\windows\SYSWOW64\WMVENCOD.DLL
2016-02-10 01:02:55 ----A---- C:\windows\SYSWOW64\evr.dll
2016-02-10 01:02:55 ----A---- C:\windows\system32\WMVXENCD.DLL
2016-02-10 01:02:55 ----A---- C:\windows\system32\WMSPDMOE.DLL
2016-02-10 01:02:54 ----A---- C:\windows\SYSWOW64\WMVXENCD.DLL
2016-02-10 01:02:54 ----A---- C:\windows\SYSWOW64\quartz.dll
2016-02-10 01:02:54 ----A---- C:\windows\system32\WMVSENCD.DLL
2016-02-10 01:02:54 ----A---- C:\windows\system32\WMALFXGFXDSP.dll
2016-02-10 01:02:53 ----A---- C:\windows\system32\VIDRESZR.DLL
2016-02-10 01:02:53 ----A---- C:\windows\system32\MFWMAAEC.DLL
2016-02-10 01:02:53 ----A---- C:\windows\system32\mfplat.dll
2016-02-10 01:02:52 ----A---- C:\windows\SYSWOW64\devenum.dll
2016-02-10 01:02:52 ----A---- C:\windows\system32\MP4SDECD.DLL
2016-02-10 01:02:52 ----A---- C:\windows\system32\devenum.dll
2016-02-10 01:02:51 ----A---- C:\windows\SYSWOW64\qdvd.dll
2016-02-10 01:02:51 ----A---- C:\windows\SYSWOW64\mfplat.dll
2016-02-10 01:02:51 ----A---- C:\windows\system32\RESAMPLEDMO.DLL
2016-02-10 01:02:51 ----A---- C:\windows\system32\MPG4DECD.DLL
2016-02-10 01:02:51 ----A---- C:\windows\system32\MP43DECD.DLL
2016-02-10 01:02:50 ----A---- C:\windows\SYSWOW64\WMVSENCD.DLL
2016-02-10 01:02:50 ----A---- C:\windows\SYSWOW64\msmpeg2vdec.dll
2016-02-10 01:02:50 ----A---- C:\windows\SYSWOW64\MPG4DECD.DLL
2016-02-10 01:02:50 ----A---- C:\windows\SYSWOW64\MP43DECD.DLL
2016-02-10 01:02:50 ----A---- C:\windows\SYSWOW64\MFWMAAEC.DLL
2016-02-10 01:02:50 ----A---- C:\windows\system32\MP3DMOD.DLL
2016-02-10 01:02:49 ----A---- C:\windows\SYSWOW64\WMSPDMOE.DLL
2016-02-10 01:02:49 ----A---- C:\windows\SYSWOW64\qasf.dll
2016-02-10 01:02:49 ----A---- C:\windows\system32\mfvdsp.dll
2016-02-10 01:02:48 ----A---- C:\windows\system32\SysFxUI.dll
2016-02-10 01:02:48 ----A---- C:\windows\system32\qdvd.dll
2016-02-10 01:02:48 ----A---- C:\windows\system32\qasf.dll
2016-02-10 01:02:47 ----A---- C:\windows\SYSWOW64\VIDRESZR.DLL
2016-02-10 01:02:47 ----A---- C:\windows\SYSWOW64\RESAMPLEDMO.DLL
2016-02-10 01:02:47 ----A---- C:\windows\SYSWOW64\MP4SDECD.DLL
2016-02-10 01:02:46 ----A---- C:\windows\SYSWOW64\MP3DMOD.DLL
2016-02-10 01:02:46 ----A---- C:\windows\system32\msmpeg2vdec.dll
2016-02-10 01:02:45 ----A---- C:\windows\SYSWOW64\mfvdsp.dll
2016-02-10 01:02:44 ----A---- C:\windows\SYSWOW64\rrinstaller.exe
2016-02-10 01:02:44 ----A---- C:\windows\system32\rrinstaller.exe
2016-02-10 01:02:43 ----A---- C:\windows\SYSWOW64\mfps.dll
2016-02-10 01:02:43 ----A---- C:\windows\system32\mfps.dll
2016-02-10 01:02:42 ----A---- C:\windows\system32\mfpmp.exe
2016-02-10 01:02:41 ----A---- C:\windows\SYSWOW64\mfpmp.exe
2016-02-10 01:02:41 ----A---- C:\windows\system32\drivers\portcls.sys
2016-02-10 01:02:41 ----A---- C:\windows\system32\drivers\drmk.sys
2016-02-10 01:02:40 ----A---- C:\windows\SYSWOW64\mferror.dll
2016-02-10 01:02:40 ----A---- C:\windows\SYSWOW64\ksuser.dll
2016-02-10 01:02:40 ----A---- C:\windows\system32\mferror.dll
2016-02-10 01:02:40 ----A---- C:\windows\system32\ksuser.dll
2016-02-10 01:02:40 ----A---- C:\windows\system32\drivers\drmkaud.sys
2016-02-10 00:57:42 ----A---- C:\windows\SYSWOW64\gdi32.dll
2016-02-10 00:57:42 ----A---- C:\windows\system32\gdi32.dll
======List of files/folders modified in the last 1 month======
2016-03-05 12:47:15 ----D---- C:\Windows
2016-03-05 12:47:10 ----D---- C:\windows\Temp
2016-03-05 12:47:07 ----D---- C:\windows\system32\config
2016-03-05 12:41:58 ----D---- C:\windows\Tasks
2016-03-05 12:37:54 ----D---- C:\windows\System32
2016-03-05 12:37:54 ----A---- C:\windows\system32\PerfStringBackup.INI
2016-03-05 12:37:53 ----D---- C:\windows\inf
2016-03-05 12:30:51 ----HD---- C:\ProgramData
2016-03-05 12:29:21 ----D---- C:\windows\system32\catroot
2016-03-05 12:28:30 ----SHD---- C:\windows\Installer
2016-03-05 12:28:29 ----D---- C:\Program Files (x86)\ATI Technologies
2016-03-05 12:28:23 ----D---- C:\windows\system32\drivers
2016-03-05 12:28:22 ----D---- C:\windows\system32\DriverStore
2016-03-05 12:28:00 ----RD---- C:\Program Files
2016-03-05 12:24:38 ----D---- C:\Program Files\AMD
2016-03-05 12:24:01 ----D---- C:\windows\SysWOW64
2016-03-05 12:23:26 ----D---- C:\ProgramData\Package Cache
2016-03-05 12:23:21 ----SHD---- C:\System Volume Information
2016-03-05 11:51:56 ----D---- C:\windows\rescache
2016-03-05 10:39:59 ----D---- C:\windows\winsxs
2016-03-05 01:09:02 ----D---- C:\windows\Microsoft.NET
2016-03-02 23:34:16 ----D---- C:\windows\AppCompat
2016-03-01 00:14:30 ----D---- C:\Program Files\Microsoft Security Client
2016-03-01 00:14:28 ----D---- C:\Program Files (x86)\Microsoft Security Client
2016-02-29 23:11:38 ----D---- C:\windows\Prefetch
2016-02-29 23:08:09 ----D---- C:\windows\system32\Tasks
2016-02-29 23:04:56 ----RD---- C:\Program Files (x86)
2016-02-29 23:03:34 ----SD---- C:\Users\Dana\AppData\Roaming\Microsoft
2016-02-29 23:02:53 ----D---- C:\Program Files (x86)\AMD
2016-02-29 22:54:46 ----D---- C:\windows\system32\catroot2
2016-02-29 12:42:31 ----D---- C:\windows\Logs
2016-02-29 12:35:02 ----D---- C:\windows\SYSWOW64\cs-CZ
2016-02-29 12:35:02 ----D---- C:\windows\system32\cs-CZ
2016-02-29 12:35:01 ----D---- C:\windows\SYSWOW64\wbem
2016-02-29 12:35:01 ----D---- C:\windows\system32\wbem
2016-02-29 12:35:01 ----D---- C:\windows\system32\drivers\en-US
2016-02-29 12:34:57 ----D---- C:\windows\system32\AdvancedInstallers
2016-02-29 12:34:57 ----D---- C:\windows\AppPatch
2016-02-29 12:34:56 ----D---- C:\windows\tracing
2016-02-29 12:34:56 ----D---- C:\windows\system32\drivers\cs-CZ
2016-02-29 12:34:55 ----D---- C:\windows\SYSWOW64\en-US
2016-02-29 12:34:55 ----D---- C:\windows\system32\en-US
2016-02-29 12:34:55 ----D---- C:\windows\PolicyDefinitions
2016-02-29 12:34:50 ----SD---- C:\ProgramData\Microsoft
2016-02-29 12:34:46 ----RSD---- C:\windows\Fonts
2016-02-29 12:34:44 ----D---- C:\windows\cs-CZ
2016-02-29 12:28:15 ----D---- C:\windows\debug
2016-02-29 11:10:01 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI
2016-02-12 21:30:21 ----D---- C:\windows\system32\wdi
2016-02-11 20:13:51 ----D---- C:\Program Files (x86)\Hewlett-Packard
2016-02-11 18:32:34 ----RSD---- C:\windows\assembly
2016-02-11 10:56:16 ----D---- C:\Program Files\Windows Journal
2016-02-11 10:56:15 ----D---- C:\windows\SYSWOW64\sk-SK
2016-02-11 10:56:15 ----D---- C:\windows\system32\sk-SK
2016-02-11 10:56:15 ----D---- C:\Program Files\Internet Explorer
2016-02-11 10:56:15 ----D---- C:\Program Files (x86)\Internet Explorer
2016-02-11 10:02:08 ----D---- C:\Program Files (x86)\Common Files
2016-02-11 10:01:34 ----D---- C:\Users\Dana\AppData\Roaming\hpqLog
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\windows\system32\drivers\amd_sata.sys [2015-03-30 85704]
R0 amd_xata;amd_xata; C:\windows\system32\drivers\amd_xata.sys [2015-03-30 43720]
R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\windows\system32\drivers\amdkmpfd.sys [2015-04-23 65248]
R0 hpdskflt;HP Filter; C:\windows\system32\drivers\hpdskflt.sys [2013-07-23 30520]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2015-11-13 289120]
R0 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PinFile;PinFile; C:\windows\system32\DRIVERS\PinFile.sys [2014-02-04 49856]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SDDisk2K;SDDisk2K; C:\windows\system32\DRIVERS\SDDisk2K.sys [2014-02-04 228544]
R0 SDDToki;SDDToki; C:\windows\system32\DRIVERS\SDDToki.sys [2014-02-04 131264]
R0 storvsc;storvsc; C:\windows\system32\drivers\storvsc.sys [2010-11-21 34688]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\windows\system32\drivers\vmbus.sys [2010-11-21 199552]
R1 CLVirtualDrive;CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [2011-12-27 90608]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 amdacpksd;ACP Kernel Service Driver; \??\C:\windows\system32\drivers\amdacpksd.sys [2015-12-04 296648]
R2 APXACC;AppEx Networks Accelerator LWF; C:\windows\system32\DRIVERS\appexDrv.sys [2015-04-03 229056]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\drivers\Accelerometer.sys [2013-07-23 43320]
R3 amdhub30;AMD USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\amdhub30.sys [2015-06-17 117008]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2015-12-04 23961088]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2015-12-04 671232]
R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\amdxhc.sys [2015-06-17 237840]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdW76.sys [2015-09-18 96256]
R3 BthEnum;Bluetooth Request Block Driver; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2013-12-04 80384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2014-11-12 4275288]
R3 MBAMProtector;MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [2015-10-05 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [2016-03-05 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\windows\system32\drivers\mwac.sys [2015-10-05 63704]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RtkBtFilter;Realtek Bluetooth Filter Driver; C:\windows\system32\DRIVERS\RtkBtfilter.sys [2014-04-01 552448]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2014-03-28 918232]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\windows\system32\DRIVERS\rtwlane.sys [2016-01-29 4862720]
R3 SPUVCbv;SPUVCb Driver Service; C:\windows\System32\Drivers\SPUVCbv_x64.sys [2014-10-07 674592]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\drivers\SynTP.sys [2014-10-31 580336]
R3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 usbfilter;AMD USB Filter Driver; C:\windows\system32\DRIVERS\usbfilter.sys [2014-02-16 60640]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WinUSB;WinUSB Service; C:\windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2013-12-04 552960]
S3 dmvsc;dmvsc; C:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2015-11-13 133816]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2; C:\windows\system32\DRIVERS\RtsP2Stor.sys [2014-03-18 293592]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2014-03-27 272600]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2014-03-27 331992]
S3 RtkAvrcp;Realtek Bluetooth A/V Remote Control Target; C:\windows\system32\drivers\RtkAvrcp.sys [2012-12-28 61152]
S3 s3cap;s3cap; C:\windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SmbDrv;SmbDrv; C:\windows\system32\drivers\Smb_driver_AMDASF.sys [2014-10-31 32496]
S3 SmbDrvI;SmbDrvI; C:\windows\system32\drivers\Smb_driver_Intel.sys [2014-10-31 33008]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 VMBusHID;VMBusHID; C:\windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2015-12-04 246272]
R2 amdacpusrsvc;ACP User Service; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2015-12-04 121856]
R2 AvrcpService;AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [2013-05-07 35328]
R2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2014-03-06 88064]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 CtAgentService;Absolute Software Agent Service; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [2014-03-31 7168]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2014-04-04 500048]
R2 HPFSService;HP File Sanitizer; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2014-02-05 1758936]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2013-07-23 43320]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-10-05 1513784]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-01-29 23808]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-09-04 292568]
R2 RtkBleServ;RtkBleServ; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe [2013-04-26 42496]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2013-09-12 3221392]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2014-01-06 1243320]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-10 154440]
S2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2014-08-22 93184]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-29 269504]
S3 AppMgmt;@appmgmts.dll,-3250; C:\windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-10 154440]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2016-01-22 114688]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2016-01-29 374344]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2015-11-08 1255736]
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
Here is the log; I'm going to test in the meantime.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Dana at 2016-03-05 12:48:40
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 864 GB (92%) free of 936 GB
Total RAM: 3529 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:48:44, on 5.3.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18205)
Boot mode: Normal
Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe
C:\PROGRA~2\Raptr\raptr.exe
C:\PROGRA~2\Raptr\raptr_im.exe
C:\Program Files\trend micro\Dana.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
O4 - HKLM\..\Run: [HP Camera Driver_Monitor] "C:\Program Files (x86)\HP Camera Driver\monitor.exe"
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Run: [YouCam Mirage] "c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [HP File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe
O4 - HKLM\..\Run: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup
O4 - HKCU\..\Run: [AppEx Accelerator UI] C:\Program Files\AMD Quick Stream\AMDQuickStream.exe -h
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: ACP User Service (amdacpusrsvc) - Advanced Micro Devices - C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
O23 - Service: AvrcpService - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: Absolute Software Agent Service (CtAgentService) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP File Sanitizer (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: RtkBleServ - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10148 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\windows\system32\Hpservice.exe
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SC
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\windows\system32\vcsFPService.exe
C:\windows\system32\svchost.exe -k NetworkService
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCardEngine.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\system32\WLANExt.exe 25109504
\??\C:\windows\system32\conhost.exe "-519822414-2044785201103466666-13742986411001373364383143690-729445529-2101626019
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe"
taskeng.exe {F4082101-5A70-4088-855C-291FD32736EC}
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"taskhost.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe"
C:\windows\System32\svchost.exe -k utcsvc
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe"
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\servicing\TrustedInstaller.exe
"C:\windows\system32\makecab.exe" C:\windows\Logs\CBS\CbsPersist_20160109000408.log C:\windows\Logs\CBS\CbsPersist_20160109000408.cab
\??\C:\windows\system32\conhost.exe "-1189934820-17269447281197872999-2012324618359587018-1420427925524974144-851971350
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\windows\system32\GWX\GWX.exe"
C:\windows\system32\sppsvc.exe
C:\windows\system32\SearchIndexer.exe /Embedding
taskeng.exe {4504A351-E949-4314-B944-D392C3E3EA1C}
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\AMD\CNext\CNext\cnext.exe" atlogon
"C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe"
"C:\Program Files\AMD Quick Stream\AMDQuickStream.exe" -h
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Realtek\REALTEK Bluetooth\SkypePlugin.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe"
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\PROGRA~2\Raptr\raptr.exe" --log_to_file --from_stub --startup
raptr_im.exe
"C:\Program Files (x86)\Raptr\raptr_ep64.exe"
"C:\Users\Dana\Downloads\RSITx64 (1).exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14 81024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
HP File Sanitizer - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2014-02-05 129240]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14 69760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-11-11 7659224]
"BtServer"=C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [2014-01-06 216064]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-10-31 2863344]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2016-01-29 1340192]
"StartCN"=C:\Program Files\AMD\CNext\CNext\cnext.exe [2015-12-04 4867784]
"NUSB3MON"=C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [2012-04-11 97280]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AppEx Accelerator UI"=C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [2015-04-06 488640]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2014-04-01 419512]
"HP Camera Driver_Monitor"=C:\Program Files (x86)\HP Camera Driver\monitor.exe []
"AccelerometerSysTrayApplet"=C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [2014-04-01 126240]
"YouCam Mirage"=c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe []
"YouCam Tray"=c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [2013-09-17 167488]
"CLMLServer_For_P2G8"=c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05 111576]
"CLVirtualDrive"=c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2013-08-07 490760]
"HP File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2014-02-05 2213592]
"Raptr"=C:\PROGRA~2\Raptr\raptrstub.exe [2015-12-11 56080]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-03-05 12:41:58 ----D---- C:\_OTM
2016-03-05 12:28:00 ----D---- C:\Program Files\AMD Quick Stream
2016-03-05 12:28:00 ----A---- C:\windows\system32\drivers\appexDrv.sys
2016-03-05 12:25:11 ----D---- C:\ProgramData\ATI
2016-03-04 17:45:06 ----D---- C:\Program Files\trend micro
2016-03-04 17:45:04 ----D---- C:\rsit
2016-03-04 16:59:02 ----A---- C:\windows\system32\wksprt.exe
2016-03-04 16:59:01 ----A---- C:\windows\SYSWOW64\tsgqec.dll
2016-03-04 16:59:01 ----A---- C:\windows\SYSWOW64\rdvidcrl.dll
2016-03-04 16:59:01 ----A---- C:\windows\SYSWOW64\mstscax.dll
2016-03-04 16:59:01 ----A---- C:\windows\system32\tsgqec.dll
2016-03-04 16:59:01 ----A---- C:\windows\system32\rdvidcrl.dll
2016-03-04 16:59:01 ----A---- C:\windows\system32\mstscax.dll
2016-03-02 23:45:02 ----A---- C:\windows\system32\rdpudd.dll
2016-03-02 23:45:01 ----A---- C:\windows\system32\TSWbPrxy.exe
2016-03-02 23:45:01 ----A---- C:\windows\system32\RdpGroupPolicyExtension.dll
2016-03-02 23:45:01 ----A---- C:\windows\system32\rdpcorets.dll
2016-02-29 23:06:10 ----D---- C:\Users\Dana\AppData\Roaming\library_dir
2016-02-29 23:04:56 ----D---- C:\Users\Dana\AppData\Roaming\Raptr
2016-02-29 23:04:56 ----D---- C:\Program Files (x86)\Raptr
2016-02-29 22:46:05 ----D---- C:\AMD
2016-02-29 12:34:57 ----SD---- C:\windows\SYSWOW64\GWX
2016-02-29 12:34:57 ----SD---- C:\windows\system32\GWX
2016-02-29 12:34:57 ----SD---- C:\windows\system32\CompatTel
2016-02-29 12:34:57 ----D---- C:\windows\system32\appraiser
2016-02-29 12:28:16 ----D---- C:\windows\system32\MRT
2016-02-29 12:28:12 ----A---- C:\windows\system32\MRT.exe
2016-02-29 11:40:36 ----A---- C:\windows\system32\TsUsbGDCoInstaller.dll
2016-02-29 11:40:31 ----A---- C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2016-02-29 11:40:31 ----A---- C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2016-02-29 11:40:30 ----A---- C:\windows\system32\drivers\TsUsbFlt.sys
2016-02-29 11:40:29 ----A---- C:\windows\SYSWOW64\wksprtPS.dll
2016-02-29 11:40:29 ----A---- C:\windows\SYSWOW64\mstsc.exe
2016-02-29 11:40:29 ----A---- C:\windows\SYSWOW64\MsRdpWebAccess.dll
2016-02-29 11:40:29 ----A---- C:\windows\system32\wksprtPS.dll
2016-02-29 11:40:29 ----A---- C:\windows\system32\MsRdpWebAccess.dll
2016-02-29 11:40:28 ----A---- C:\windows\system32\mstsc.exe
2016-02-29 11:32:48 ----A---- C:\windows\system32\drivers\TsUsbGD.sys
2016-02-29 11:32:48 ----A---- C:\windows\system32\drivers\rdpvideominiport.sys
2016-02-29 11:32:44 ----A---- C:\windows\SYSWOW64\rdpendp_winip.dll
2016-02-29 11:32:43 ----A---- C:\windows\system32\rdpendp_winip.dll
2016-02-29 11:17:06 ----A---- C:\windows\system32\drivers\WUDFRd.sys
2016-02-29 11:17:06 ----A---- C:\windows\system32\drivers\WUDFPf.sys
2016-02-29 11:17:05 ----A---- C:\windows\system32\WUDFSvc.dll
2016-02-29 11:17:04 ----A---- C:\windows\system32\WUDFPlatform.dll
2016-02-29 11:17:03 ----A---- C:\windows\system32\WUDFCoinstaller.dll
2016-02-29 11:17:02 ----A---- C:\windows\system32\WUDFx.dll
2016-02-29 11:17:02 ----A---- C:\windows\system32\WUDFHost.exe
2016-02-29 11:14:24 ----D---- C:\Program Files\Microsoft Silverlight
2016-02-29 11:14:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-02-29 11:07:46 ----D---- C:\windows\Migration
2016-02-29 10:59:30 ----A---- C:\windows\system32\invagent.dll
2016-02-29 10:59:30 ----A---- C:\windows\system32\generaltel.dll
2016-02-29 10:59:30 ----A---- C:\windows\system32\devinv.dll
2016-02-29 10:59:30 ----A---- C:\windows\system32\CompatTelRunner.exe
2016-02-29 10:59:30 ----A---- C:\windows\system32\appraiser.dll
2016-02-29 10:59:30 ----A---- C:\windows\system32\aitstatic.exe
2016-02-29 10:59:30 ----A---- C:\windows\system32\acmigration.dll
2016-02-29 10:59:29 ----A---- C:\windows\system32\aepic.dll
2016-02-29 10:59:29 ----A---- C:\windows\system32\aeinv.dll
2016-02-29 10:59:23 ----A---- C:\windows\system32\UtcResources.dll
2016-02-29 10:59:23 ----A---- C:\windows\system32\diagtrack.dll
2016-02-29 10:59:19 ----A---- C:\windows\system32\tdh.dll
2016-02-29 10:59:18 ----A---- C:\windows\SYSWOW64\tdh.dll
2016-02-29 10:58:40 ----A---- C:\windows\SYSWOW64\tracerpt.exe
2016-02-29 10:58:40 ----A---- C:\windows\system32\tracerpt.exe
2016-02-29 10:58:40 ----A---- C:\windows\system32\sechost.dll
2016-02-29 10:58:39 ----A---- C:\windows\SYSWOW64\sechost.dll
2016-02-29 10:58:39 ----A---- C:\windows\SYSWOW64\logman.exe
2016-02-29 10:58:39 ----A---- C:\windows\system32\logman.exe
2016-02-29 10:58:38 ----A---- C:\windows\SYSWOW64\typeperf.exe
2016-02-29 10:58:38 ----A---- C:\windows\system32\typeperf.exe
2016-02-29 10:58:38 ----A---- C:\windows\system32\relog.exe
2016-02-29 10:58:37 ----A---- C:\windows\SYSWOW64\relog.exe
2016-02-29 10:58:37 ----A---- C:\windows\SYSWOW64\diskperf.exe
2016-02-29 10:58:37 ----A---- C:\windows\system32\diskperf.exe
2016-02-29 10:57:51 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-02-29 10:57:51 ----A---- C:\windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-02-29 10:57:51 ----A---- C:\windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-02-29 10:57:50 ----A---- C:\windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-02-29 10:57:50 ----A---- C:\windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-02-29 10:57:49 ----A---- C:\windows\SYSWOW64\ucrtbase.dll
2016-02-29 10:57:49 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-02-29 10:57:49 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-02-29 10:57:49 ----A---- C:\windows\system32\ucrtbase.dll
2016-02-29 10:57:49 ----A---- C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-02-29 10:57:49 ----A---- C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-02-29 10:57:49 ----A---- C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-02-29 10:57:49 ----A---- C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-02-29 10:57:29 ----A---- C:\windows\system32\icaapi.dll
2016-02-29 10:57:28 ----A---- C:\windows\system32\drivers\tssecsrv.sys
2016-02-29 10:57:08 ----A---- C:\windows\SYSWOW64\apphelp.dll
2016-02-29 10:57:08 ----A---- C:\windows\system32\apphelp.dll
2016-02-29 10:57:07 ----A---- C:\windows\SYSWOW64\shimeng.dll
2016-02-29 10:57:07 ----A---- C:\windows\SYSWOW64\sdbinst.exe
2016-02-29 10:57:07 ----A---- C:\windows\system32\shimeng.dll
2016-02-29 10:57:07 ----A---- C:\windows\system32\sdbinst.exe
2016-02-29 10:57:07 ----A---- C:\windows\system32\aelupsvc.dll
2016-02-29 10:56:50 ----A---- C:\windows\SYSWOW64\nlsbres.dll
2016-02-29 10:56:50 ----A---- C:\windows\SYSWOW64\kbdgeoqw.dll
2016-02-29 10:56:50 ----A---- C:\windows\SYSWOW64\KBDAZEL.DLL
2016-02-29 10:56:50 ----A---- C:\windows\SYSWOW64\KBDAZE.DLL
2016-02-29 10:56:50 ----A---- C:\windows\system32\nlsbres.dll
2016-02-29 10:56:50 ----A---- C:\windows\system32\kbdgeoqw.dll
2016-02-29 10:56:50 ----A---- C:\windows\system32\KBDAZEL.DLL
2016-02-29 10:56:50 ----A---- C:\windows\system32\KBDAZE.DLL
2016-02-29 10:56:31 ----A---- C:\windows\system32\shell32.dll
2016-02-29 10:56:29 ----A---- C:\windows\SYSWOW64\shell32.dll
2016-02-29 10:56:29 ----A---- C:\windows\explorer.exe
2016-02-29 10:56:28 ----A---- C:\windows\SYSWOW64\explorer.exe
2016-02-29 10:56:28 ----A---- C:\windows\system32\ExplorerFrame.dll
2016-02-29 10:56:27 ----A---- C:\windows\SYSWOW64\ExplorerFrame.dll
2016-02-29 10:56:27 ----A---- C:\windows\SYSWOW64\authui.dll
2016-02-29 10:56:27 ----A---- C:\windows\system32\authui.dll
2016-02-29 10:56:13 ----A---- C:\windows\SYSWOW64\TSWorkspace.dll
2016-02-29 10:56:13 ----A---- C:\windows\system32\TSWorkspace.dll
2016-02-29 10:55:32 ----A---- C:\windows\SYSWOW64\cryptsvc.dll
2016-02-29 10:55:32 ----A---- C:\windows\system32\cryptsvc.dll
2016-02-29 10:55:31 ----A---- C:\windows\SYSWOW64\wintrust.dll
2016-02-29 10:55:31 ----A---- C:\windows\SYSWOW64\cryptnet.dll
2016-02-29 10:55:31 ----A---- C:\windows\SYSWOW64\crypt32.dll
2016-02-29 10:55:31 ----A---- C:\windows\system32\wintrust.dll
2016-02-29 10:55:31 ----A---- C:\windows\system32\cryptnet.dll
2016-02-29 10:55:31 ----A---- C:\windows\system32\crypt32.dll
2016-02-29 10:55:03 ----A---- C:\windows\system32\consent.exe
2016-02-29 10:55:02 ----A---- C:\windows\system32\appinfo.dll
2016-02-29 10:54:52 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2016-02-29 10:54:52 ----A---- C:\windows\SYSWOW64\wudriver.dll
2016-02-29 10:54:52 ----A---- C:\windows\SYSWOW64\wuapi.dll
2016-02-29 10:54:52 ----A---- C:\windows\system32\wuwebv.dll
2016-02-29 10:54:52 ----A---- C:\windows\system32\wups.dll
2016-02-29 10:54:52 ----A---- C:\windows\system32\wudriver.dll
2016-02-29 10:54:52 ----A---- C:\windows\system32\wucltux.dll
2016-02-29 10:54:52 ----A---- C:\windows\system32\wuaueng.dll
2016-02-29 10:54:52 ----A---- C:\windows\system32\wuapi.dll
2016-02-29 10:54:51 ----A---- C:\windows\SYSWOW64\wups.dll
2016-02-29 10:54:51 ----A---- C:\windows\SYSWOW64\wuapp.exe
2016-02-29 10:54:51 ----A---- C:\windows\system32\wups2.dll
2016-02-29 10:54:51 ----A---- C:\windows\system32\wuauclt.exe
2016-02-29 10:54:51 ----A---- C:\windows\system32\wuapp.exe
2016-02-29 10:54:51 ----A---- C:\windows\system32\wu.upgrade.ps.dll
2016-02-29 10:54:51 ----A---- C:\windows\system32\WinSetupUI.dll
2016-02-29 10:54:39 ----A---- C:\windows\system32\WsmSvc.dll
2016-02-29 10:54:38 ----A---- C:\windows\SYSWOW64\WsmWmiPl.dll
2016-02-29 10:54:38 ----A---- C:\windows\SYSWOW64\WsmSvc.dll
2016-02-29 10:54:38 ----A---- C:\windows\SYSWOW64\WsmAuto.dll
2016-02-29 10:54:38 ----A---- C:\windows\SYSWOW64\WSManMigrationPlugin.dll
2016-02-29 10:54:38 ----A---- C:\windows\SYSWOW64\WSManHTTPConfig.exe
2016-02-29 10:54:38 ----A---- C:\windows\system32\WsmWmiPl.dll
2016-02-29 10:54:38 ----A---- C:\windows\system32\WsmAuto.dll
2016-02-29 10:54:38 ----A---- C:\windows\system32\WSManMigrationPlugin.dll
2016-02-29 10:54:38 ----A---- C:\windows\system32\WSManHTTPConfig.exe
2016-02-29 10:54:35 ----A---- C:\windows\SYSWOW64\tzres.dll
2016-02-29 10:54:35 ----A---- C:\windows\system32\tzres.dll
2016-02-29 10:54:23 ----A---- C:\windows\SYSWOW64\wpdshext.dll
2016-02-29 10:54:23 ----A---- C:\windows\system32\wpdshext.dll
2016-02-29 10:54:22 ----A---- C:\windows\SYSWOW64\wdi.dll
2016-02-29 10:54:22 ----A---- C:\windows\system32\wdi.dll
2016-02-29 10:54:22 ----A---- C:\windows\system32\powertracker.dll
2016-02-29 10:54:22 ----A---- C:\windows\system32\perftrack.dll
2016-02-29 10:54:16 ----A---- C:\windows\system32\msxml6.dll
2016-02-29 10:54:15 ----A---- C:\windows\SYSWOW64\msxml6.dll
2016-02-29 10:54:15 ----A---- C:\windows\SYSWOW64\msxml3.dll
2016-02-29 10:54:15 ----A---- C:\windows\system32\msxml3.dll
2016-02-29 10:54:14 ----A---- C:\windows\SYSWOW64\msxml6r.dll
2016-02-29 10:54:14 ----A---- C:\windows\SYSWOW64\msxml3r.dll
2016-02-29 10:54:14 ----A---- C:\windows\system32\msxml6r.dll
2016-02-29 10:54:14 ----A---- C:\windows\system32\msxml3r.dll
2016-02-29 10:54:08 ----A---- C:\windows\SYSWOW64\dwmcore.dll
2016-02-29 10:54:08 ----A---- C:\windows\SYSWOW64\dwmapi.dll
2016-02-29 10:54:08 ----A---- C:\windows\system32\dwmcore.dll
2016-02-29 10:54:08 ----A---- C:\windows\system32\dwmapi.dll
2016-02-29 10:54:00 ----A---- C:\windows\system32\drivers\stream.sys
2016-02-29 10:53:59 ----A---- C:\windows\system32\drivers\ntfs.sys
2016-02-29 10:53:58 ----A---- C:\windows\system32\charmap.exe
2016-02-29 10:53:57 ----A---- C:\windows\SYSWOW64\charmap.exe
2016-02-29 10:53:56 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2016-02-29 10:53:56 ----A---- C:\windows\system32\oleaut32.dll
2016-02-29 01:33:22 ----A---- C:\windows\system32\drivers\MBAMSwissArmy.sys
2016-02-29 01:32:39 ----A---- C:\windows\system32\drivers\mwac.sys
2016-02-29 01:32:39 ----A---- C:\windows\system32\drivers\mbamchameleon.sys
2016-02-29 01:32:39 ----A---- C:\windows\system32\drivers\mbam.sys
2016-02-29 01:32:38 ----D---- C:\ProgramData\Malwarebytes
2016-02-29 01:32:38 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-02-29 01:13:14 ----D---- C:\AdwCleaner
2016-02-11 10:06:39 ----D---- C:\Hry
2016-02-11 10:02:10 ----D---- C:\windows\system32\appmgmt
2016-02-10 23:36:16 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2016-02-10 23:36:08 ----D---- C:\windows\SYSWOW64\Macromed
2016-02-10 23:36:02 ----D---- C:\windows\system32\Macromed
2016-02-10 23:20:02 ----D---- C:\Program Files (x86)\Google
2016-02-10 20:24:52 ----D---- C:\Program Files (x86)\Cities Skylines
2016-02-10 20:05:55 ----D---- C:\Users\Dana\AppData\Roaming\.mono
2016-02-10 20:05:55 ----D---- C:\ProgramData\.mono
2016-02-10 17:43:14 ----A---- C:\windows\system32\InkEd.dll
2016-02-10 17:43:13 ----A---- C:\windows\SYSWOW64\InkEd.dll
2016-02-10 17:43:12 ----A---- C:\windows\system32\jnwmon.dll
2016-02-10 17:43:10 ----A---- C:\windows\SYSWOW64\iertutil.dll
2016-02-10 17:43:10 ----A---- C:\windows\system32\iertutil.dll
2016-02-10 17:43:09 ----A---- C:\windows\SYSWOW64\mshtml.dll
2016-02-10 17:43:06 ----A---- C:\windows\SYSWOW64\urlmon.dll
2016-02-10 17:43:06 ----A---- C:\windows\SYSWOW64\ieui.dll
2016-02-10 17:43:06 ----A---- C:\windows\SYSWOW64\ieframe.dll
2016-02-10 17:43:04 ----A---- C:\windows\system32\urlmon.dll
2016-02-10 17:43:03 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2016-02-10 17:43:03 ----A---- C:\windows\system32\ieui.dll
2016-02-10 17:43:03 ----A---- C:\windows\system32\ieframe.dll
2016-02-10 17:43:01 ----A---- C:\windows\system32\mshtml.dll
2016-02-10 17:43:01 ----A---- C:\windows\system32\ieUnatt.exe
2016-02-10 17:42:50 ----A---- C:\windows\SYSWOW64\iernonce.dll
2016-02-10 17:42:50 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2016-02-10 17:42:49 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2016-02-10 17:42:49 ----A---- C:\windows\SYSWOW64\inseng.dll
2016-02-10 17:42:49 ----A---- C:\windows\system32\iernonce.dll
2016-02-10 17:42:49 ----A---- C:\windows\system32\ieetwproxystub.dll
2016-02-10 17:42:49 ----A---- C:\windows\system32\ieetwcollector.exe
2016-02-10 17:42:48 ----A---- C:\windows\SYSWOW64\occache.dll
2016-02-10 17:42:48 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2016-02-10 17:42:48 ----A---- C:\windows\system32\inseng.dll
2016-02-10 17:42:48 ----A---- C:\windows\system32\ie4uinit.exe
2016-02-10 17:42:47 ----A---- C:\windows\SYSWOW64\vbscript.dll
2016-02-10 17:42:47 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-02-10 17:42:47 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2016-02-10 17:42:47 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2016-02-10 17:42:46 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2016-02-10 17:42:43 ----A---- C:\windows\SYSWOW64\iesetup.dll
2016-02-10 17:42:43 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2016-02-10 17:42:43 ----A---- C:\windows\system32\occache.dll
2016-02-10 17:42:43 ----A---- C:\windows\system32\iedkcs32.dll
2016-02-10 17:42:42 ----A---- C:\windows\SYSWOW64\jscript.dll
2016-02-10 17:42:42 ----A---- C:\windows\system32\ieetwcollectorres.dll
2016-02-10 17:42:41 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2016-02-10 17:42:41 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2016-02-10 17:42:41 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2016-02-10 17:42:40 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2016-02-10 17:42:40 ----A---- C:\windows\system32\msfeeds.dll
2016-02-10 17:42:40 ----A---- C:\windows\system32\dxtrans.dll
2016-02-10 17:42:38 ----A---- C:\windows\system32\iesetup.dll
2016-02-10 17:42:37 ----A---- C:\windows\system32\ieapfltr.dll
2016-02-10 17:42:34 ----A---- C:\windows\SYSWOW64\webcheck.dll
2016-02-10 17:42:34 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2016-02-10 17:42:34 ----A---- C:\windows\SYSWOW64\jscript9.dll
2016-02-10 17:42:34 ----A---- C:\windows\system32\vbscript.dll
2016-02-10 17:42:33 ----A---- C:\windows\SYSWOW64\wininet.dll
2016-02-10 17:42:33 ----A---- C:\windows\system32\jsproxy.dll
2016-02-10 17:42:32 ----A---- C:\windows\SYSWOW64\msrating.dll
2016-02-10 17:42:32 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2016-02-10 17:42:31 ----A---- C:\windows\system32\dxtmsft.dll
2016-02-10 17:42:29 ----A---- C:\windows\system32\mshtmled.dll
2016-02-10 17:42:28 ----A---- C:\windows\system32\webcheck.dll
2016-02-10 17:42:28 ----A---- C:\windows\system32\mshtmlmedia.dll
2016-02-10 17:42:27 ----A---- C:\windows\system32\jscript9diag.dll
2016-02-10 17:42:27 ----A---- C:\windows\system32\jscript.dll
2016-02-10 17:42:26 ----A---- C:\windows\system32\wininet.dll
2016-02-10 17:42:26 ----A---- C:\windows\system32\jscript9.dll
2016-02-10 17:42:24 ----A---- C:\windows\system32\MshtmlDac.dll
2016-02-10 17:42:23 ----A---- C:\windows\system32\msrating.dll
2016-02-10 17:41:08 ----A---- C:\windows\system32\drivers\mrxdav.sys
2016-02-10 17:41:07 ----A---- C:\windows\system32\win32k.sys
2016-02-10 17:40:59 ----A---- C:\windows\system32\ole32.dll
2016-02-10 17:40:54 ----A---- C:\windows\SYSWOW64\ole32.dll
2016-02-10 17:40:11 ----A---- C:\windows\system32\EncDec.dll
2016-02-10 17:40:10 ----A---- C:\windows\SYSWOW64\EncDec.dll
2016-02-10 17:40:10 ----A---- C:\windows\SYSWOW64\CPFilters.dll
2016-02-10 17:40:10 ----A---- C:\windows\system32\CPFilters.dll
2016-02-10 17:40:09 ----A---- C:\windows\system32\ntoskrnl.exe
2016-02-10 17:40:08 ----A---- C:\windows\system32\ntdll.dll
2016-02-10 17:40:08 ----A---- C:\windows\system32\KernelBase.dll
2016-02-10 17:40:07 ----A---- C:\windows\SYSWOW64\ntdll.dll
2016-02-10 17:40:07 ----A---- C:\windows\system32\mtxoci.dll
2016-02-10 17:40:07 ----A---- C:\windows\system32\kerberos.dll
2016-02-10 17:40:06 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2016-02-10 17:40:05 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2016-02-10 17:40:05 ----A---- C:\windows\system32\kernel32.dll
2016-02-10 17:40:04 ----A---- C:\windows\SYSWOW64\mtxoci.dll
2016-02-10 17:40:04 ----A---- C:\windows\SYSWOW64\msorcl32.dll
2016-02-10 17:40:04 ----A---- C:\windows\SYSWOW64\advapi32.dll
2016-02-10 17:40:04 ----A---- C:\windows\system32\advapi32.dll
2016-02-10 17:40:03 ----A---- C:\windows\SYSWOW64\kerberos.dll
2016-02-10 17:40:02 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2016-02-10 17:40:02 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2016-02-10 17:40:02 ----A---- C:\windows\system32\drivers\ksecdd.sys
2016-02-10 17:40:00 ----A---- C:\windows\system32\lsasrv.dll
2016-02-10 17:39:59 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2016-02-10 17:39:59 ----A---- C:\windows\system32\rpcrt4.dll
2016-02-10 17:39:59 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2016-02-10 17:39:58 ----A---- C:\windows\SYSWOW64\sspicli.dll
2016-02-10 17:39:58 ----A---- C:\windows\SYSWOW64\schannel.dll
2016-02-10 17:39:58 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2016-02-10 17:39:58 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2016-02-10 17:39:58 ----A---- C:\windows\system32\wow64win.dll
2016-02-10 17:39:58 ----A---- C:\windows\system32\wow64.dll
2016-02-10 17:39:58 ----A---- C:\windows\system32\winsrv.dll
2016-02-10 17:39:58 ----A---- C:\windows\system32\wdigest.dll
2016-02-10 17:39:58 ----A---- C:\windows\system32\TSpkg.dll
2016-02-10 17:39:58 ----A---- C:\windows\system32\sspicli.dll
2016-02-10 17:39:58 ----A---- C:\windows\system32\srcore.dll
2016-02-10 17:39:58 ----A---- C:\windows\system32\smss.exe
2016-02-10 17:39:58 ----A---- C:\windows\system32\schannel.dll
2016-02-10 17:39:58 ----A---- C:\windows\system32\ncrypt.dll
2016-02-10 17:39:58 ----A---- C:\windows\system32\msv1_0.dll
2016-02-10 17:39:58 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2016-02-10 17:39:58 ----A---- C:\windows\system32\conhost.exe
2016-02-10 17:39:57 ----A---- C:\windows\SYSWOW64\wdigest.dll
2016-02-10 17:39:57 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2016-02-10 17:39:57 ----A---- C:\windows\SYSWOW64\srclient.dll
2016-02-10 17:39:57 ----A---- C:\windows\SYSWOW64\secur32.dll
2016-02-10 17:39:57 ----A---- C:\windows\SYSWOW64\kernel32.dll
2016-02-10 17:39:57 ----A---- C:\windows\SYSWOW64\cryptbase.dll
2016-02-10 17:39:57 ----A---- C:\windows\SYSWOW64\credssp.dll
2016-02-10 17:39:57 ----A---- C:\windows\system32\wow64cpu.dll
2016-02-10 17:39:57 ----A---- C:\windows\system32\sspisrv.dll
2016-02-10 17:39:57 ----A---- C:\windows\system32\srclient.dll
2016-02-10 17:39:57 ----A---- C:\windows\system32\secur32.dll
2016-02-10 17:39:57 ----A---- C:\windows\system32\rstrui.exe
2016-02-10 17:39:57 ----A---- C:\windows\system32\ntvdm64.dll
2016-02-10 17:39:57 ----A---- C:\windows\system32\lsass.exe
2016-02-10 17:39:57 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2016-02-10 17:39:57 ----A---- C:\windows\system32\csrsrv.dll
2016-02-10 17:39:57 ----A---- C:\windows\system32\cryptbase.dll
2016-02-10 17:39:57 ----A---- C:\windows\system32\credssp.dll
2016-02-10 17:39:56 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 17:39:56 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 17:39:56 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-10 17:39:56 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 17:39:56 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 17:39:56 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 17:39:56 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-10 17:39:56 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 17:39:56 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 17:39:56 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-10 17:39:56 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 17:39:56 ----A---- C:\windows\SYSWOW64\wow32.dll
2016-02-10 17:39:56 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2016-02-10 17:39:56 ----A---- C:\windows\SYSWOW64\auditpol.exe
2016-02-10 17:39:56 ----A---- C:\windows\system32\auditpol.exe
2016-02-10 17:39:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 17:39:55 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 17:39:54 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 17:39:53 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-10 17:39:53 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 17:39:53 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-02-10 17:39:53 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 17:39:53 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 17:39:53 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 17:39:53 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-10 17:39:53 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 17:39:53 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 17:39:53 ----A---- C:\windows\SYSWOW64\setup16.exe
2016-02-10 17:39:53 ----A---- C:\windows\SYSWOW64\instnm.exe
2016-02-10 17:39:52 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-10 17:39:52 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-10 17:39:52 ----A---- C:\windows\SYSWOW64\user.exe
2016-02-10 17:39:52 ----A---- C:\windows\SYSWOW64\msaudite.dll
2016-02-10 17:39:52 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2016-02-10 17:39:52 ----A---- C:\windows\SYSWOW64\adtschema.dll
2016-02-10 17:39:52 ----A---- C:\windows\system32\msaudite.dll
2016-02-10 17:39:52 ----A---- C:\windows\system32\apisetschema.dll
2016-02-10 17:39:52 ----A---- C:\windows\system32\adtschema.dll
2016-02-10 17:39:51 ----A---- C:\windows\SYSWOW64\msobjs.dll
2016-02-10 17:39:51 ----A---- C:\windows\system32\msobjs.dll
2016-02-10 16:27:56 ----A---- C:\windows\SYSWOW64\mapi32.dll
2016-02-10 16:27:56 ----A---- C:\windows\system32\mapistub.dll
2016-02-10 16:27:56 ----A---- C:\windows\system32\mapi32.dll
2016-02-10 16:27:55 ----A---- C:\windows\SYSWOW64\mapistub.dll
2016-02-10 16:27:55 ----A---- C:\windows\SYSWOW64\fixmapi.exe
2016-02-10 16:27:55 ----A---- C:\windows\system32\fixmapi.exe
2016-02-10 01:03:11 ----A---- C:\windows\SYSWOW64\qedit.dll
2016-02-10 01:03:11 ----A---- C:\windows\system32\qedit.dll
2016-02-10 01:03:06 ----A---- C:\windows\system32\msmpeg2adec.dll
2016-02-10 01:03:05 ----A---- C:\windows\SYSWOW64\msmpeg2adec.dll
2016-02-10 01:03:05 ----A---- C:\windows\system32\WMVDECOD.DLL
2016-02-10 01:03:05 ----A---- C:\windows\system32\WMADMOD.DLL
2016-02-10 01:03:04 ----A---- C:\windows\SYSWOW64\WMVDECOD.DLL
2016-02-10 01:03:04 ----A---- C:\windows\system32\WMSPDMOD.DLL
2016-02-10 01:03:03 ----A---- C:\windows\system32\WMVSDECD.DLL
2016-02-10 01:03:03 ----A---- C:\windows\system32\MSMPEG2ENC.DLL
2016-02-10 01:03:02 ----A---- C:\windows\SYSWOW64\WMADMOD.DLL
2016-02-10 01:03:02 ----A---- C:\windows\SYSWOW64\MSMPEG2ENC.DLL
2016-02-10 01:03:02 ----A---- C:\windows\system32\mf.dll
2016-02-10 01:03:01 ----A---- C:\windows\SYSWOW64\mf.dll
2016-02-10 01:03:00 ----A---- C:\windows\SYSWOW64\WMVSDECD.DLL
2016-02-10 01:03:00 ----A---- C:\windows\SYSWOW64\WMSPDMOD.DLL
2016-02-10 01:03:00 ----A---- C:\windows\system32\WMADMOE.DLL
2016-02-10 01:02:59 ----A---- C:\windows\SYSWOW64\WMADMOE.DLL
2016-02-10 01:02:59 ----A---- C:\windows\system32\mcmde.dll
2016-02-10 01:02:58 ----A---- C:\windows\system32\wmpmde.dll
2016-02-10 01:02:58 ----A---- C:\windows\system32\quartz.dll
2016-02-10 01:02:58 ----A---- C:\windows\system32\evr.dll
2016-02-10 01:02:57 ----A---- C:\windows\SYSWOW64\wmpmde.dll
2016-02-10 01:02:57 ----A---- C:\windows\SYSWOW64\COLORCNV.DLL
2016-02-10 01:02:57 ----A---- C:\windows\system32\WMVENCOD.DLL
2016-02-10 01:02:57 ----A---- C:\windows\system32\COLORCNV.DLL
2016-02-10 01:02:55 ----A---- C:\windows\SYSWOW64\WMVENCOD.DLL
2016-02-10 01:02:55 ----A---- C:\windows\SYSWOW64\evr.dll
2016-02-10 01:02:55 ----A---- C:\windows\system32\WMVXENCD.DLL
2016-02-10 01:02:55 ----A---- C:\windows\system32\WMSPDMOE.DLL
2016-02-10 01:02:54 ----A---- C:\windows\SYSWOW64\WMVXENCD.DLL
2016-02-10 01:02:54 ----A---- C:\windows\SYSWOW64\quartz.dll
2016-02-10 01:02:54 ----A---- C:\windows\system32\WMVSENCD.DLL
2016-02-10 01:02:54 ----A---- C:\windows\system32\WMALFXGFXDSP.dll
2016-02-10 01:02:53 ----A---- C:\windows\system32\VIDRESZR.DLL
2016-02-10 01:02:53 ----A---- C:\windows\system32\MFWMAAEC.DLL
2016-02-10 01:02:53 ----A---- C:\windows\system32\mfplat.dll
2016-02-10 01:02:52 ----A---- C:\windows\SYSWOW64\devenum.dll
2016-02-10 01:02:52 ----A---- C:\windows\system32\MP4SDECD.DLL
2016-02-10 01:02:52 ----A---- C:\windows\system32\devenum.dll
2016-02-10 01:02:51 ----A---- C:\windows\SYSWOW64\qdvd.dll
2016-02-10 01:02:51 ----A---- C:\windows\SYSWOW64\mfplat.dll
2016-02-10 01:02:51 ----A---- C:\windows\system32\RESAMPLEDMO.DLL
2016-02-10 01:02:51 ----A---- C:\windows\system32\MPG4DECD.DLL
2016-02-10 01:02:51 ----A---- C:\windows\system32\MP43DECD.DLL
2016-02-10 01:02:50 ----A---- C:\windows\SYSWOW64\WMVSENCD.DLL
2016-02-10 01:02:50 ----A---- C:\windows\SYSWOW64\msmpeg2vdec.dll
2016-02-10 01:02:50 ----A---- C:\windows\SYSWOW64\MPG4DECD.DLL
2016-02-10 01:02:50 ----A---- C:\windows\SYSWOW64\MP43DECD.DLL
2016-02-10 01:02:50 ----A---- C:\windows\SYSWOW64\MFWMAAEC.DLL
2016-02-10 01:02:50 ----A---- C:\windows\system32\MP3DMOD.DLL
2016-02-10 01:02:49 ----A---- C:\windows\SYSWOW64\WMSPDMOE.DLL
2016-02-10 01:02:49 ----A---- C:\windows\SYSWOW64\qasf.dll
2016-02-10 01:02:49 ----A---- C:\windows\system32\mfvdsp.dll
2016-02-10 01:02:48 ----A---- C:\windows\system32\SysFxUI.dll
2016-02-10 01:02:48 ----A---- C:\windows\system32\qdvd.dll
2016-02-10 01:02:48 ----A---- C:\windows\system32\qasf.dll
2016-02-10 01:02:47 ----A---- C:\windows\SYSWOW64\VIDRESZR.DLL
2016-02-10 01:02:47 ----A---- C:\windows\SYSWOW64\RESAMPLEDMO.DLL
2016-02-10 01:02:47 ----A---- C:\windows\SYSWOW64\MP4SDECD.DLL
2016-02-10 01:02:46 ----A---- C:\windows\SYSWOW64\MP3DMOD.DLL
2016-02-10 01:02:46 ----A---- C:\windows\system32\msmpeg2vdec.dll
2016-02-10 01:02:45 ----A---- C:\windows\SYSWOW64\mfvdsp.dll
2016-02-10 01:02:44 ----A---- C:\windows\SYSWOW64\rrinstaller.exe
2016-02-10 01:02:44 ----A---- C:\windows\system32\rrinstaller.exe
2016-02-10 01:02:43 ----A---- C:\windows\SYSWOW64\mfps.dll
2016-02-10 01:02:43 ----A---- C:\windows\system32\mfps.dll
2016-02-10 01:02:42 ----A---- C:\windows\system32\mfpmp.exe
2016-02-10 01:02:41 ----A---- C:\windows\SYSWOW64\mfpmp.exe
2016-02-10 01:02:41 ----A---- C:\windows\system32\drivers\portcls.sys
2016-02-10 01:02:41 ----A---- C:\windows\system32\drivers\drmk.sys
2016-02-10 01:02:40 ----A---- C:\windows\SYSWOW64\mferror.dll
2016-02-10 01:02:40 ----A---- C:\windows\SYSWOW64\ksuser.dll
2016-02-10 01:02:40 ----A---- C:\windows\system32\mferror.dll
2016-02-10 01:02:40 ----A---- C:\windows\system32\ksuser.dll
2016-02-10 01:02:40 ----A---- C:\windows\system32\drivers\drmkaud.sys
2016-02-10 00:57:42 ----A---- C:\windows\SYSWOW64\gdi32.dll
2016-02-10 00:57:42 ----A---- C:\windows\system32\gdi32.dll
======List of files/folders modified in the last 1 month======
2016-03-05 12:47:15 ----D---- C:\Windows
2016-03-05 12:47:10 ----D---- C:\windows\Temp
2016-03-05 12:47:07 ----D---- C:\windows\system32\config
2016-03-05 12:41:58 ----D---- C:\windows\Tasks
2016-03-05 12:37:54 ----D---- C:\windows\System32
2016-03-05 12:37:54 ----A---- C:\windows\system32\PerfStringBackup.INI
2016-03-05 12:37:53 ----D---- C:\windows\inf
2016-03-05 12:30:51 ----HD---- C:\ProgramData
2016-03-05 12:29:21 ----D---- C:\windows\system32\catroot
2016-03-05 12:28:30 ----SHD---- C:\windows\Installer
2016-03-05 12:28:29 ----D---- C:\Program Files (x86)\ATI Technologies
2016-03-05 12:28:23 ----D---- C:\windows\system32\drivers
2016-03-05 12:28:22 ----D---- C:\windows\system32\DriverStore
2016-03-05 12:28:00 ----RD---- C:\Program Files
2016-03-05 12:24:38 ----D---- C:\Program Files\AMD
2016-03-05 12:24:01 ----D---- C:\windows\SysWOW64
2016-03-05 12:23:26 ----D---- C:\ProgramData\Package Cache
2016-03-05 12:23:21 ----SHD---- C:\System Volume Information
2016-03-05 11:51:56 ----D---- C:\windows\rescache
2016-03-05 10:39:59 ----D---- C:\windows\winsxs
2016-03-05 01:09:02 ----D---- C:\windows\Microsoft.NET
2016-03-02 23:34:16 ----D---- C:\windows\AppCompat
2016-03-01 00:14:30 ----D---- C:\Program Files\Microsoft Security Client
2016-03-01 00:14:28 ----D---- C:\Program Files (x86)\Microsoft Security Client
2016-02-29 23:11:38 ----D---- C:\windows\Prefetch
2016-02-29 23:08:09 ----D---- C:\windows\system32\Tasks
2016-02-29 23:04:56 ----RD---- C:\Program Files (x86)
2016-02-29 23:03:34 ----SD---- C:\Users\Dana\AppData\Roaming\Microsoft
2016-02-29 23:02:53 ----D---- C:\Program Files (x86)\AMD
2016-02-29 22:54:46 ----D---- C:\windows\system32\catroot2
2016-02-29 12:42:31 ----D---- C:\windows\Logs
2016-02-29 12:35:02 ----D---- C:\windows\SYSWOW64\cs-CZ
2016-02-29 12:35:02 ----D---- C:\windows\system32\cs-CZ
2016-02-29 12:35:01 ----D---- C:\windows\SYSWOW64\wbem
2016-02-29 12:35:01 ----D---- C:\windows\system32\wbem
2016-02-29 12:35:01 ----D---- C:\windows\system32\drivers\en-US
2016-02-29 12:34:57 ----D---- C:\windows\system32\AdvancedInstallers
2016-02-29 12:34:57 ----D---- C:\windows\AppPatch
2016-02-29 12:34:56 ----D---- C:\windows\tracing
2016-02-29 12:34:56 ----D---- C:\windows\system32\drivers\cs-CZ
2016-02-29 12:34:55 ----D---- C:\windows\SYSWOW64\en-US
2016-02-29 12:34:55 ----D---- C:\windows\system32\en-US
2016-02-29 12:34:55 ----D---- C:\windows\PolicyDefinitions
2016-02-29 12:34:50 ----SD---- C:\ProgramData\Microsoft
2016-02-29 12:34:46 ----RSD---- C:\windows\Fonts
2016-02-29 12:34:44 ----D---- C:\windows\cs-CZ
2016-02-29 12:28:15 ----D---- C:\windows\debug
2016-02-29 11:10:01 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI
2016-02-12 21:30:21 ----D---- C:\windows\system32\wdi
2016-02-11 20:13:51 ----D---- C:\Program Files (x86)\Hewlett-Packard
2016-02-11 18:32:34 ----RSD---- C:\windows\assembly
2016-02-11 10:56:16 ----D---- C:\Program Files\Windows Journal
2016-02-11 10:56:15 ----D---- C:\windows\SYSWOW64\sk-SK
2016-02-11 10:56:15 ----D---- C:\windows\system32\sk-SK
2016-02-11 10:56:15 ----D---- C:\Program Files\Internet Explorer
2016-02-11 10:56:15 ----D---- C:\Program Files (x86)\Internet Explorer
2016-02-11 10:02:08 ----D---- C:\Program Files (x86)\Common Files
2016-02-11 10:01:34 ----D---- C:\Users\Dana\AppData\Roaming\hpqLog
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\windows\system32\drivers\amd_sata.sys [2015-03-30 85704]
R0 amd_xata;amd_xata; C:\windows\system32\drivers\amd_xata.sys [2015-03-30 43720]
R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\windows\system32\drivers\amdkmpfd.sys [2015-04-23 65248]
R0 hpdskflt;HP Filter; C:\windows\system32\drivers\hpdskflt.sys [2013-07-23 30520]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2015-11-13 289120]
R0 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PinFile;PinFile; C:\windows\system32\DRIVERS\PinFile.sys [2014-02-04 49856]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SDDisk2K;SDDisk2K; C:\windows\system32\DRIVERS\SDDisk2K.sys [2014-02-04 228544]
R0 SDDToki;SDDToki; C:\windows\system32\DRIVERS\SDDToki.sys [2014-02-04 131264]
R0 storvsc;storvsc; C:\windows\system32\drivers\storvsc.sys [2010-11-21 34688]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\windows\system32\drivers\vmbus.sys [2010-11-21 199552]
R1 CLVirtualDrive;CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [2011-12-27 90608]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 amdacpksd;ACP Kernel Service Driver; \??\C:\windows\system32\drivers\amdacpksd.sys [2015-12-04 296648]
R2 APXACC;AppEx Networks Accelerator LWF; C:\windows\system32\DRIVERS\appexDrv.sys [2015-04-03 229056]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\drivers\Accelerometer.sys [2013-07-23 43320]
R3 amdhub30;AMD USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\amdhub30.sys [2015-06-17 117008]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2015-12-04 23961088]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2015-12-04 671232]
R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\amdxhc.sys [2015-06-17 237840]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdW76.sys [2015-09-18 96256]
R3 BthEnum;Bluetooth Request Block Driver; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2013-12-04 80384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2014-11-12 4275288]
R3 MBAMProtector;MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [2015-10-05 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [2016-03-05 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\windows\system32\drivers\mwac.sys [2015-10-05 63704]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RtkBtFilter;Realtek Bluetooth Filter Driver; C:\windows\system32\DRIVERS\RtkBtfilter.sys [2014-04-01 552448]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2014-03-28 918232]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\windows\system32\DRIVERS\rtwlane.sys [2016-01-29 4862720]
R3 SPUVCbv;SPUVCb Driver Service; C:\windows\System32\Drivers\SPUVCbv_x64.sys [2014-10-07 674592]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\drivers\SynTP.sys [2014-10-31 580336]
R3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 usbfilter;AMD USB Filter Driver; C:\windows\system32\DRIVERS\usbfilter.sys [2014-02-16 60640]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WinUSB;WinUSB Service; C:\windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2013-12-04 552960]
S3 dmvsc;dmvsc; C:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2015-11-13 133816]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2; C:\windows\system32\DRIVERS\RtsP2Stor.sys [2014-03-18 293592]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2014-03-27 272600]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2014-03-27 331992]
S3 RtkAvrcp;Realtek Bluetooth A/V Remote Control Target; C:\windows\system32\drivers\RtkAvrcp.sys [2012-12-28 61152]
S3 s3cap;s3cap; C:\windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SmbDrv;SmbDrv; C:\windows\system32\drivers\Smb_driver_AMDASF.sys [2014-10-31 32496]
S3 SmbDrvI;SmbDrvI; C:\windows\system32\drivers\Smb_driver_Intel.sys [2014-10-31 33008]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 VMBusHID;VMBusHID; C:\windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2015-12-04 246272]
R2 amdacpusrsvc;ACP User Service; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2015-12-04 121856]
R2 AvrcpService;AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [2013-05-07 35328]
R2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2014-03-06 88064]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 CtAgentService;Absolute Software Agent Service; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [2014-03-31 7168]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2014-04-04 500048]
R2 HPFSService;HP File Sanitizer; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2014-02-05 1758936]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2013-07-23 43320]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-10-05 1513784]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-01-29 23808]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-09-04 292568]
R2 RtkBleServ;RtkBleServ; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe [2013-04-26 42496]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2013-09-12 3221392]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2014-01-06 1243320]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-10 154440]
S2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2014-08-22 93184]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-29 269504]
S3 AppMgmt;@appmgmts.dll,-3250; C:\windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-10 154440]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2016-01-22 114688]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2016-01-29 374344]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2015-11-08 1255736]
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119673
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: please check - video stutters when playing YouTube
The log is now OK as well. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is solved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: please check - video stutters when playing YouTube
Thanks a lot once again.
I did have my suspicions about win32cldefender.exe, but I didn't know how to get rid of it or how to test it. So once again, many thanks. It now works fine.
- Rudy
- Site Admin
Re: please check - video stutters when playing YouTube
You're welcome!