PC check

#1 Post by Lex »

Hello, the Miuref.B malware appeared on my PC and then installed more and more malware; an application called ProxyGate showed up, which I did not install and which was most likely active as well; it contained some kind of monitoring, etc. It could not be uninstalled. Windows started throwing errors about DLL libraries, Windows Defender reported malware... I formatted the system disk and reinstalled Windows. On this disk I have only Windows, applications, programs, etc. I would like to check the HDD with my stored files - games, movies, downloaded files, etc. I have already deleted the ones that could be suspicious - files I downloaded in the last week. How do I go about it? :) Thank you for your help.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Aleš Brychta at 2016-03-12 10:08:45
Microsoft Windows 10 Education
System drive C: has 221 GB (93%) free of 238 GB
Total RAM: 4093 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:08:49, on 12.03.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Aleš Brychta\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\trend micro\Aleš Brychta.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Aleš Brychta\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 5471 bytes

======Listing Processes======








C:\Windows\system32\lsass.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\System32\svchost.exe -k utcsvc

C:\Windows\system32\svchost.exe -k appmodel
dashost.exe {45890554-3081-4808-babfbc4ca7280451}

C:\Windows\system32\wbem\wmiprvse.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
sihost.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Users\Aleš Brychta\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
C:\Windows\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetServiceDss -RestrictPrivileges -AccessKey 9F07D642-767B-13C6-EA31-37C4CF594FBB -Reinvoke

C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Aleš Brychta\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-11-10 1804616]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Aleš Brychta\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-03-11 551104]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-03-12 09:55:49 ----D---- C:\Windows\SYSWOW64\XPSViewer
2016-03-12 09:55:45 ----D---- C:\Program Files\Reference Assemblies
2016-03-12 09:55:45 ----D---- C:\Program Files\MSBuild
2016-03-12 09:55:45 ----D---- C:\Program Files (x86)\Reference Assemblies
2016-03-12 09:55:45 ----D---- C:\Program Files (x86)\MSBuild
2016-03-12 09:54:55 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2016-03-12 09:54:55 ----A---- C:\Windows\SYSWOW64\PresentationNative_v0300.dll
2016-03-12 09:54:55 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-03-12 09:54:53 ----A---- C:\Windows\system32\TsWpfWrp.exe
2016-03-12 09:54:53 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2016-03-12 09:54:53 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-03-12 09:46:02 ----D---- C:\Users\Aleš Brychta\AppData\Roaming\Macromedia
2016-03-12 09:24:14 ----D---- C:\rsit
2016-03-12 09:24:14 ----D---- C:\Program Files\trend micro
2016-03-12 09:23:22 ----D---- C:\Windows\system32\MRT
2016-03-12 09:23:21 ----A---- C:\Windows\system32\MRT.exe
2016-03-12 09:23:08 ----N---- C:\Windows\system32\MpSigStub.exe
2016-03-12 09:22:47 ----A---- C:\Windows\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-12 09:22:47 ----A---- C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2016-03-12 09:22:45 ----A---- C:\Windows\system32\mshtml.dll
2016-03-12 09:22:45 ----A---- C:\Windows\system32\edgehtml.dll
2016-03-12 09:22:42 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-03-12 09:22:42 ----A---- C:\Windows\SYSWOW64\edgehtml.dll
2016-03-12 09:22:41 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2016-03-12 09:22:40 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2016-03-12 09:22:38 ----A---- C:\Windows\system32\twinui.dll
2016-03-12 09:22:38 ----A---- C:\Windows\system32\shell32.dll
2016-03-12 09:22:36 ----A---- C:\Windows\system32\WSService.dll
2016-03-12 09:22:36 ----A---- C:\Windows\system32\windows.storage.dll
2016-03-12 09:22:36 ----A---- C:\Windows\system32\ieframe.dll
2016-03-12 09:22:35 ----A---- C:\Windows\SYSWOW64\twinui.dll
2016-03-12 09:22:35 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-03-12 09:22:34 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2016-03-12 09:22:34 ----A---- C:\Windows\system32\mstscax.dll
2016-03-12 09:22:34 ----A---- C:\Windows\system32\Chakra.dll
2016-03-12 09:22:33 ----A---- C:\Windows\SYSWOW64\windows.storage.dll
2016-03-12 09:22:32 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-03-12 09:22:32 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-03-12 09:22:31 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2016-03-12 09:22:30 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2016-03-12 09:22:30 ----A---- C:\Windows\SYSWOW64\mos.dll
2016-03-12 09:22:30 ----A---- C:\Windows\SYSWOW64\Chakra.dll
2016-03-12 09:22:29 ----A---- C:\Windows\system32\SettingsHandlers_nt.dll
2016-03-12 09:22:29 ----A---- C:\Windows\system32\jscript9.dll
2016-03-12 09:22:29 ----A---- C:\Windows\system32\d2d1.dll
2016-03-12 09:22:28 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-03-12 09:22:28 ----A---- C:\Windows\system32\Windows.UI.Logon.dll
2016-03-12 09:22:28 ----A---- C:\Windows\system32\mos.dll
2016-03-12 09:22:28 ----A---- C:\Windows\system32\mfcore.dll
2016-03-12 09:22:27 ----A---- C:\Windows\system32\wininet.dll
2016-03-12 09:22:27 ----A---- C:\Windows\system32\Windows.Media.dll
2016-03-12 09:22:27 ----A---- C:\Windows\system32\MFMediaEngine.dll
2016-03-12 09:22:26 ----A---- C:\Windows\SYSWOW64\mfcore.dll
2016-03-12 09:22:26 ----A---- C:\Windows\system32\wuaueng.dll
2016-03-12 09:22:26 ----A---- C:\Windows\system32\win32kfull.sys
2016-03-12 09:22:26 ----A---- C:\Windows\system32\twinui.appcore.dll
2016-03-12 09:22:26 ----A---- C:\Windows\system32\NetworkMobileSettings.dll
2016-03-12 09:22:25 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-03-12 09:22:25 ----A---- C:\Windows\SYSWOW64\Windows.Media.dll
2016-03-12 09:22:25 ----A---- C:\Windows\SYSWOW64\MFMediaEngine.dll
2016-03-12 09:22:25 ----A---- C:\Windows\SYSWOW64\ETWCoreUIComponentsResources.dll
2016-03-12 09:22:25 ----A---- C:\Windows\system32\ETWCoreUIComponentsResources.dll
2016-03-12 09:22:25 ----A---- C:\Windows\system32\CoreUIComponents.dll
2016-03-12 09:22:25 ----A---- C:\Windows\system32\cdp.dll
2016-03-12 09:22:25 ----A---- C:\Windows\explorer.exe
2016-03-12 09:22:24 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2016-03-12 09:22:24 ----A---- C:\Windows\system32\wlidsvc.dll
2016-03-12 09:22:24 ----A---- C:\Windows\system32\msxml6.dll
2016-03-12 09:22:24 ----A---- C:\Windows\system32\d3d11.dll
2016-03-12 09:22:24 ----A---- C:\Windows\system32\CertEnroll.dll
2016-03-12 09:22:23 ----A---- C:\Windows\SYSWOW64\Windows.UI.Logon.dll
2016-03-12 09:22:23 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-03-12 09:22:23 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2016-03-12 09:22:23 ----A---- C:\Windows\SYSWOW64\BingMaps.dll
2016-03-12 09:22:23 ----A---- C:\Windows\system32\InputService.dll
2016-03-12 09:22:23 ----A---- C:\Windows\system32\iertutil.dll
2016-03-12 09:22:23 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2016-03-12 09:22:23 ----A---- C:\Windows\system32\AppXDeploymentExtensions.dll
2016-03-12 09:22:23 ----A---- C:\Windows\system32\ActiveSyncProvider.dll
2016-03-12 09:22:22 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-03-12 09:22:22 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2016-03-12 09:22:22 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2016-03-12 09:22:22 ----A---- C:\Windows\SYSWOW64\CoreUIComponents.dll
2016-03-12 09:22:22 ----A---- C:\Windows\SYSWOW64\cdp.dll
2016-03-12 09:22:22 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-03-12 09:22:21 ----A---- C:\Windows\SYSWOW64\twinui.appcore.dll
2016-03-12 09:22:21 ----A---- C:\Windows\SYSWOW64\ActiveSyncProvider.dll
2016-03-12 09:22:21 ----A---- C:\Windows\system32\Windows.UI.Shell.dll
2016-03-12 09:22:21 ----A---- C:\Windows\system32\msftedit.dll
2016-03-12 09:22:21 ----A---- C:\Windows\system32\LicenseManager.dll
2016-03-12 09:22:21 ----A---- C:\Windows\system32\dwmcore.dll
2016-03-12 09:22:21 ----A---- C:\Windows\system32\drivers\ntfs.sys
2016-03-12 09:22:21 ----A---- C:\Windows\system32\audiosrv.dll
2016-03-12 09:22:20 ----A---- C:\Windows\SYSWOW64\InputService.dll
2016-03-12 09:22:20 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-03-12 09:22:20 ----A---- C:\Windows\SYSWOW64\combase.dll
2016-03-12 09:22:20 ----A---- C:\Windows\system32\WpcMon.exe
2016-03-12 09:22:20 ----A---- C:\Windows\system32\UserDataService.dll
2016-03-12 09:22:20 ----A---- C:\Windows\system32\urlmon.dll
2016-03-12 09:22:20 ----A---- C:\Windows\system32\dosvc.dll
2016-03-12 09:22:20 ----A---- C:\Windows\system32\AppXDeploymentServer.dll
2016-03-12 09:22:19 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2016-03-12 09:22:19 ----A---- C:\Windows\SYSWOW64\LicenseManager.dll
2016-03-12 09:22:19 ----A---- C:\Windows\system32\XblGameSave.dll
2016-03-12 09:22:19 ----A---- C:\Windows\system32\schedsvc.dll
2016-03-12 09:22:19 ----A---- C:\Windows\system32\mfnetsrc.dll
2016-03-12 09:22:19 ----A---- C:\Windows\system32\mfmp4srcsnk.dll
2016-03-12 09:22:19 ----A---- C:\Windows\system32\combase.dll
2016-03-12 09:22:19 ----A---- C:\Windows\system32\BingMaps.dll
2016-03-12 09:22:18 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-03-12 09:22:18 ----A---- C:\Windows\SYSWOW64\mfmp4srcsnk.dll
2016-03-12 09:22:18 ----A---- C:\Windows\SYSWOW64\mfasfsrcsnk.dll
2016-03-12 09:22:18 ----A---- C:\Windows\system32\XblAuthManager.dll
2016-03-12 09:22:18 ----A---- C:\Windows\system32\wifinetworkmanager.dll
2016-03-12 09:22:18 ----A---- C:\Windows\system32\modernexecserver.dll
2016-03-12 09:22:18 ----A---- C:\Windows\system32\mfmpeg2srcsnk.dll
2016-03-12 09:22:18 ----A---- C:\Windows\system32\comsvcs.dll
2016-03-12 09:22:17 ----A---- C:\Windows\SYSWOW64\mfsrcsnk.dll
2016-03-12 09:22:17 ----A---- C:\Windows\SYSWOW64\mfnetsrc.dll
2016-03-12 09:22:17 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-03-12 09:22:17 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2016-03-12 09:22:17 ----A---- C:\Windows\system32\wwansvc.dll
2016-03-12 09:22:17 ----A---- C:\Windows\system32\WpcWebFilter.dll
2016-03-12 09:22:17 ----A---- C:\Windows\system32\Windows.AccountsControl.dll
2016-03-12 09:22:17 ----A---- C:\Windows\system32\usermgr.dll
2016-03-12 09:22:17 ----A---- C:\Windows\system32\Unistore.dll
2016-03-12 09:22:17 ----A---- C:\Windows\system32\quartz.dll
2016-03-12 09:22:17 ----A---- C:\Windows\system32\mfsrcsnk.dll
2016-03-12 09:22:17 ----A---- C:\Windows\system32\mf.dll
2016-03-12 09:22:17 ----A---- C:\Windows\system32\authui.dll
2016-03-12 09:22:16 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2016-03-12 09:22:16 ----A---- C:\Windows\system32\WWAHost.exe
2016-03-12 09:22:16 ----A---- C:\Windows\system32\winhttp.dll
2016-03-12 09:22:16 ----A---- C:\Windows\system32\win32kbase.sys
2016-03-12 09:22:16 ----A---- C:\Windows\system32\RecoveryDrive.exe
2016-03-12 09:22:16 ----A---- C:\Windows\system32\mfasfsrcsnk.dll
2016-03-12 09:22:16 ----A---- C:\Windows\system32\lsasrv.dll
2016-03-12 09:22:16 ----A---- C:\Windows\system32\kerberos.dll
2016-03-12 09:22:15 ----A---- C:\Windows\SYSWOW64\Unistore.dll
2016-03-12 09:22:15 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-03-12 09:22:15 ----A---- C:\Windows\SYSWOW64\mfmpeg2srcsnk.dll
2016-03-12 09:22:15 ----A---- C:\Windows\SYSWOW64\mf.dll
2016-03-12 09:22:15 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-03-12 09:22:15 ----A---- C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2016-03-12 09:22:15 ----A---- C:\Windows\system32\Windows.Media.Audio.dll
2016-03-12 09:22:15 ----A---- C:\Windows\system32\PlayToManager.dll
2016-03-12 09:22:15 ----A---- C:\Windows\system32\NetSetupEngine.dll
2016-03-12 09:22:15 ----A---- C:\Windows\system32\KernelBase.dll
2016-03-12 09:22:15 ----A---- C:\Windows\system32\GdiPlus.dll
2016-03-12 09:22:15 ----A---- C:\Windows\system32\diagtrack.dll
2016-03-12 09:22:14 ----A---- C:\Windows\SYSWOW64\WWAHost.exe
2016-03-12 09:22:14 ----A---- C:\Windows\SYSWOW64\WpcWebFilter.dll
2016-03-12 09:22:14 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2016-03-12 09:22:14 ----A---- C:\Windows\SYSWOW64\Windows.Networking.BackgroundTransfer.dll
2016-03-12 09:22:14 ----A---- C:\Windows\SYSWOW64\Windows.Media.Audio.dll
2016-03-12 09:22:14 ----A---- C:\Windows\SYSWOW64\Windows.AccountsControl.dll
2016-03-12 09:22:14 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-03-12 09:22:14 ----A---- C:\Windows\SYSWOW64\msctf.dll
2016-03-12 09:22:14 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.dll
2016-03-12 09:22:14 ----A---- C:\Windows\system32\SRHInproc.dll
2016-03-12 09:22:14 ----A---- C:\Windows\system32\SettingSyncCore.dll
2016-03-12 09:22:14 ----A---- C:\Windows\system32\mfplat.dll
2016-03-12 09:22:14 ----A---- C:\Windows\system32\localspl.dll
2016-03-12 09:22:14 ----A---- C:\Windows\system32\dcomp.dll
2016-03-12 09:22:14 ----A---- C:\Windows\system32\aeinv.dll
2016-03-12 09:22:13 ----A---- C:\Windows\SYSWOW64\PlayToManager.dll
2016-03-12 09:22:13 ----A---- C:\Windows\SYSWOW64\NetSetupEngine.dll
2016-03-12 09:22:13 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-03-12 09:22:13 ----A---- C:\Windows\system32\wcmsvc.dll
2016-03-12 09:22:13 ----A---- C:\Windows\system32\vbscript.dll
2016-03-12 09:22:13 ----A---- C:\Windows\system32\UIAutomationCore.dll
2016-03-12 09:22:13 ----A---- C:\Windows\system32\ole32.dll
2016-03-12 09:22:13 ----A---- C:\Windows\system32\ntdll.dll
2016-03-12 09:22:13 ----A---- C:\Windows\system32\ngcsvc.dll
2016-03-12 09:22:13 ----A---- C:\Windows\system32\msctf.dll
2016-03-12 09:22:13 ----A---- C:\Windows\system32\mfds.dll
2016-03-12 09:22:13 ----A---- C:\Windows\system32\MapsStore.dll
2016-03-12 09:22:13 ----A---- C:\Windows\system32\invagent.dll
2016-03-12 09:22:13 ----A---- C:\Windows\system32\ContactApis.dll
2016-03-12 09:22:13 ----A---- C:\Windows\system32\BingOnlineServices.dll
2016-03-12 09:22:13 ----A---- C:\Windows\system32\AudioSes.dll
2016-03-12 09:22:12 ----A---- C:\Windows\SYSWOW64\Windows.UI.dll
2016-03-12 09:22:12 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.dll
2016-03-12 09:22:12 ----A---- C:\Windows\SYSWOW64\SRHInproc.dll
2016-03-12 09:22:12 ----A---- C:\Windows\SYSWOW64\SettingSyncCore.dll
2016-03-12 09:22:12 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2016-03-12 09:22:12 ----A---- C:\Windows\SYSWOW64\mfds.dll
2016-03-12 09:22:12 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2016-03-12 09:22:12 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2016-03-12 09:22:12 ----A---- C:\Windows\SYSWOW64\ContactApis.dll
2016-03-12 09:22:12 ----A---- C:\Windows\system32\Windows.UI.dll
2016-03-12 09:22:12 ----A---- C:\Windows\system32\uDWM.dll
2016-03-12 09:22:12 ----A---- C:\Windows\system32\evr.dll
2016-03-12 09:22:12 ----A---- C:\Windows\system32\enterprisecsps.dll
2016-03-12 09:22:12 ----A---- C:\Windows\system32\dxgi.dll
2016-03-12 09:22:12 ----A---- C:\Windows\system32\drivers\dxgmms2.sys
2016-03-12 09:22:12 ----A---- C:\Windows\system32\devinv.dll
2016-03-12 09:22:11 ----A---- C:\Windows\SYSWOW64\WMPDMC.exe
2016-03-12 09:22:11 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-03-12 09:22:11 ----A---- C:\Windows\SYSWOW64\SRH.dll
2016-03-12 09:22:11 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-03-12 09:22:11 ----A---- C:\Windows\system32\wpncore.dll
2016-03-12 09:22:11 ----A---- C:\Windows\system32\winlogon.exe
2016-03-12 09:22:11 ----A---- C:\Windows\system32\SmsRouterSvc.dll
2016-03-12 09:22:11 ----A---- C:\Windows\system32\SharedStartModel.dll
2016-03-12 09:22:11 ----A---- C:\Windows\system32\SettingSync.dll
2016-03-12 09:22:11 ----A---- C:\Windows\system32\services.exe
2016-03-12 09:22:11 ----A---- C:\Windows\system32\MFCaptureEngine.dll
2016-03-12 09:22:11 ----A---- C:\Windows\system32\generaltel.dll
2016-03-12 09:22:11 ----A---- C:\Windows\system32\AppointmentApis.dll
2016-03-12 09:22:10 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-03-12 09:22:10 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2016-03-12 09:22:10 ----A---- C:\Windows\SYSWOW64\AppointmentApis.dll
2016-03-12 09:22:10 ----A---- C:\Windows\system32\XboxNetApiSvc.dll
2016-03-12 09:22:10 ----A---- C:\Windows\system32\wlansvc.dll
2016-03-12 09:22:10 ----A---- C:\Windows\system32\winload.exe
2016-03-12 09:22:10 ----A---- C:\Windows\system32\vaultsvc.dll
2016-03-12 09:22:10 ----A---- C:\Windows\system32\NetSetupShim.dll
2016-03-12 09:22:10 ----A---- C:\Windows\system32\msfeeds.dll
2016-03-12 09:22:10 ----A---- C:\Windows\system32\MCRecvSrc.dll
2016-03-12 09:22:09 ----A---- C:\Windows\SYSWOW64\UIAutomationCore.dll
2016-03-12 09:22:09 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2016-03-12 09:22:09 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-03-12 09:22:09 ----A---- C:\Windows\SYSWOW64\SettingSync.dll
2016-03-12 09:22:09 ----A---- C:\Windows\SYSWOW64\netlogon.dll
2016-03-12 09:22:09 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2016-03-12 09:22:09 ----A---- C:\Windows\SYSWOW64\MFCaptureEngine.dll
2016-03-12 09:22:09 ----A---- C:\Windows\SYSWOW64\BingOnlineServices.dll
2016-03-12 09:22:09 ----A---- C:\Windows\system32\WMADMOD.DLL
2016-03-12 09:22:09 ----A---- C:\Windows\system32\WinTypes.dll
2016-03-12 09:22:09 ----A---- C:\Windows\system32\Windows.Internal.Bluetooth.dll
2016-03-12 09:22:09 ----A---- C:\Windows\system32\PhoneProviders.dll
2016-03-12 09:22:09 ----A---- C:\Windows\system32\msv1_0.dll
2016-03-12 09:22:09 ----A---- C:\Windows\system32\mfmkvsrcsnk.dll
2016-03-12 09:22:09 ----A---- C:\Windows\system32\MbaeApi.dll
2016-03-12 09:22:09 ----A---- C:\Windows\system32\MapControlCore.dll
2016-03-12 09:22:09 ----A---- C:\Windows\system32\bisrv.dll
2016-03-12 09:22:08 ----A---- C:\Windows\SYSWOW64\NetSetupShim.dll
2016-03-12 09:22:08 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-03-12 09:22:08 ----A---- C:\Windows\SYSWOW64\mfnetcore.dll
2016-03-12 09:22:08 ----A---- C:\Windows\SYSWOW64\mfmkvsrcsnk.dll
2016-03-12 09:22:08 ----A---- C:\Windows\SYSWOW64\MbaeApi.dll
2016-03-12 09:22:08 ----A---- C:\Windows\system32\winresume.exe
2016-03-12 09:22:08 ----A---- C:\Windows\system32\Windows.Media.MediaControl.dll
2016-03-12 09:22:08 ----A---- C:\Windows\system32\StoreAgent.dll
2016-03-12 09:22:08 ----A---- C:\Windows\system32\SRH.dll
2016-03-12 09:22:08 ----A---- C:\Windows\system32\PhoneService.dll
2016-03-12 09:22:08 ----A---- C:\Windows\system32\mfnetcore.dll
2016-03-12 09:22:08 ----A---- C:\Windows\system32\jscript.dll
2016-03-12 09:22:08 ----A---- C:\Windows\system32\facecredentialprovider.dll
2016-03-12 09:22:08 ----A---- C:\Windows\system32\ClipSVC.dll
2016-03-12 09:22:08 ----A---- C:\Windows\system32\AudioEng.dll
2016-03-12 09:22:08 ----A---- C:\Windows\system32\AppxPackaging.dll
2016-03-12 09:22:07 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2016-03-12 09:22:07 ----A---- C:\Windows\SYSWOW64\WinTypes.dll
2016-03-12 09:22:07 ----A---- C:\Windows\SYSWOW64\StoreAgent.dll
2016-03-12 09:22:07 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-03-12 09:22:07 ----A---- C:\Windows\SYSWOW64\MCRecvSrc.dll
2016-03-12 09:22:07 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-03-12 09:22:07 ----A---- C:\Windows\system32\wuuhext.dll
2016-03-12 09:22:07 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2016-03-12 09:22:07 ----A---- C:\Windows\system32\wlansec.dll
2016-03-12 09:22:07 ----A---- C:\Windows\system32\user32.dll
2016-03-12 09:22:07 ----A---- C:\Windows\system32\usbmon.dll
2016-03-12 09:22:07 ----A---- C:\Windows\system32\spoolsv.exe
2016-03-12 09:22:07 ----A---- C:\Windows\system32\SensorsApi.dll
2016-03-12 09:22:07 ----A---- C:\Windows\system32\QuickActionsDataModel.dll
2016-03-12 09:22:07 ----A---- C:\Windows\system32\netlogon.dll
2016-03-12 09:22:07 ----A---- C:\Windows\system32\mfreadwrite.dll
2016-03-12 09:22:07 ----A---- C:\Windows\system32\MFPlay.dll
2016-03-12 09:22:07 ----A---- C:\Windows\system32\MBMediaManager.dll
2016-03-12 09:22:07 ----A---- C:\Windows\system32\fontdrvhost.exe
2016-03-12 09:22:07 ----A---- C:\Windows\system32\CredProvDataModel.dll
2016-03-12 09:22:06 ----A---- C:\Windows\SYSWOW64\Windows.Media.MediaControl.dll
2016-03-12 09:22:06 ----A---- C:\Windows\SYSWOW64\Windows.Internal.Bluetooth.dll
2016-03-12 09:22:06 ----A---- C:\Windows\SYSWOW64\wer.dll
2016-03-12 09:22:06 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-03-12 09:22:06 ----A---- C:\Windows\SYSWOW64\SensorsApi.dll
2016-03-12 09:22:06 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-03-12 09:22:06 ----A---- C:\Windows\SYSWOW64\PlayToDevice.dll
2016-03-12 09:22:06 ----A---- C:\Windows\SYSWOW64\MFPlay.dll
2016-03-12 09:22:06 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-03-12 09:22:06 ----A---- C:\Windows\SYSWOW64\AppxPackaging.dll
2016-03-12 09:22:06 ----A---- C:\Windows\system32\wscsvc.dll
2016-03-12 09:22:06 ----A---- C:\Windows\system32\wer.dll
2016-03-12 09:22:06 ----A---- C:\Windows\system32\TextInputFramework.dll
2016-03-12 09:22:06 ----A---- C:\Windows\system32\PlayToDevice.dll
2016-03-12 09:22:06 ----A---- C:\Windows\system32\MTFServer.dll
2016-03-12 09:22:06 ----A---- C:\Windows\system32\MDEServer.exe
2016-03-12 09:22:06 ----A---- C:\Windows\system32\deviceaccess.dll
2016-03-12 09:22:05 ----A---- C:\Windows\SYSWOW64\qedit.dll
2016-03-12 09:22:05 ----A---- C:\Windows\SYSWOW64\MessagingDataModel2.dll
2016-03-12 09:22:05 ----A---- C:\Windows\SYSWOW64\deviceaccess.dll
2016-03-12 09:22:05 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2016-03-12 09:22:05 ----A---- C:\Windows\system32\WMALFXGFXDSP.dll
2016-03-12 09:22:05 ----A---- C:\Windows\system32\uReFS.dll
2016-03-12 09:22:05 ----A---- C:\Windows\system32\TimeBrokerServer.dll
2016-03-12 09:22:05 ----A---- C:\Windows\system32\SyncController.dll
2016-03-12 09:22:05 ----A---- C:\Windows\system32\schannel.dll
2016-03-12 09:22:05 ----A---- C:\Windows\system32\qedit.dll
2016-03-12 09:22:05 ----A---- C:\Windows\system32\MTF.dll
2016-03-12 09:22:05 ----A---- C:\Windows\system32\mfsvr.dll
2016-03-12 09:22:05 ----A---- C:\Windows\system32\MessagingDataModel2.dll
2016-03-12 09:22:05 ----A---- C:\Windows\system32\LogonController.dll
2016-03-12 09:22:05 ----A---- C:\Windows\system32\drivers\http.sys
2016-03-12 09:22:05 ----A---- C:\Windows\system32\audiodg.exe
2016-03-12 09:22:05 ----A---- C:\Windows\system32\appraiser.dll
2016-03-12 09:22:04 ----A---- C:\Windows\SYSWOW64\TextInputFramework.dll
2016-03-12 09:22:04 ----A---- C:\Windows\SYSWOW64\SyncController.dll
2016-03-12 09:22:04 ----A---- C:\Windows\SYSWOW64\MTF.dll
2016-03-12 09:22:04 ----A---- C:\Windows\SYSWOW64\msvproc.dll
2016-03-12 09:22:04 ----A---- C:\Windows\SYSWOW64\mftranscode.dll
2016-03-12 09:22:04 ----A---- C:\Windows\SYSWOW64\fontdrvhost.exe
2016-03-12 09:22:04 ----A---- C:\Windows\SYSWOW64\dcomp.dll
2016-03-12 09:22:04 ----A---- C:\Windows\SYSWOW64\CredProvDataModel.dll
2016-03-12 09:22:04 ----A---- C:\Windows\system32\WWanAPI.dll
2016-03-12 09:22:04 ----A---- C:\Windows\system32\wifiprofilessettinghandler.dll
2016-03-12 09:22:04 ----A---- C:\Windows\system32\wbiosrvc.dll
2016-03-12 09:22:04 ----A---- C:\Windows\system32\storewuauth.dll
2016-03-12 09:22:04 ----A---- C:\Windows\system32\SensorService.dll
2016-03-12 09:22:04 ----A---- C:\Windows\system32\PsmServiceExtHost.dll
2016-03-12 09:22:04 ----A---- C:\Windows\system32\provhandlers.dll
2016-03-12 09:22:04 ----A---- C:\Windows\system32\provengine.dll
2016-03-12 09:22:04 ----A---- C:\Windows\system32\mftranscode.dll
2016-03-12 09:22:04 ----A---- C:\Windows\system32\ipnathlp.dll
2016-03-12 09:22:04 ----A---- C:\Windows\system32\drivers\afd.sys
2016-03-12 09:22:04 ----A---- C:\Windows\system32\DeviceCensus.exe
2016-03-12 09:22:04 ----A---- C:\Windows\system32\AppXDeploymentClient.dll
2016-03-12 09:22:03 ----A---- C:\Windows\SYSWOW64\WWanAPI.dll
2016-03-12 09:22:03 ----A---- C:\Windows\SYSWOW64\wimgapi.dll
2016-03-12 09:22:03 ----A---- C:\Windows\SYSWOW64\uReFS.dll
2016-03-12 09:22:03 ----A---- C:\Windows\SYSWOW64\LogonController.dll
2016-03-12 09:22:03 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-03-12 09:22:03 ----A---- C:\Windows\SYSWOW64\AppXDeploymentClient.dll
2016-03-12 09:22:03 ----A---- C:\Windows\system32\wcmcsp.dll
2016-03-12 09:22:03 ----A---- C:\Windows\system32\StorSvc.dll
2016-03-12 09:22:03 ----A---- C:\Windows\system32\NetSetupSvc.dll
2016-03-12 09:22:03 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2016-03-12 09:22:03 ----A---- C:\Windows\system32\MSFlacDecoder.dll
2016-03-12 09:22:03 ----A---- C:\Windows\system32\InstallAgent.exe
2016-03-12 09:22:03 ----A---- C:\Windows\system32\gdi32.dll
2016-03-12 09:22:03 ----A---- C:\Windows\system32\drivers\tdx.sys
2016-03-12 09:22:03 ----A---- C:\Windows\system32\DisplayManager.dll
2016-03-12 09:22:03 ----A---- C:\Windows\system32\dafBth.dll
2016-03-12 09:22:03 ----A---- C:\Windows\system32\ContentDeliveryManager.Utilities.dll
2016-03-12 09:22:03 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2016-03-12 09:22:03 ----A---- C:\Windows\system32\advapi32.dll
2016-03-12 09:22:02 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2016-03-12 09:22:02 ----A---- C:\Windows\SYSWOW64\SimCfg.dll
2016-03-12 09:22:02 ----A---- C:\Windows\SYSWOW64\rastls.dll
2016-03-12 09:22:02 ----A---- C:\Windows\SYSWOW64\rasdlg.dll
2016-03-12 09:22:02 ----A---- C:\Windows\SYSWOW64\PackageStateRoaming.dll
2016-03-12 09:22:02 ----A---- C:\Windows\SYSWOW64\MSFlacDecoder.dll
2016-03-12 09:22:02 ----A---- C:\Windows\SYSWOW64\InstallAgent.exe
2016-03-12 09:22:02 ----A---- C:\Windows\SYSWOW64\DisplayManager.dll
2016-03-12 09:22:02 ----A---- C:\Windows\SYSWOW64\AppxAllUserStore.dll
2016-03-12 09:22:02 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-03-12 09:22:02 ----A---- C:\Windows\system32\WMPDMC.exe
2016-03-12 09:22:02 ----A---- C:\Windows\system32\wlidcli.dll
2016-03-12 09:22:02 ----A---- C:\Windows\system32\WiFiDisplay.dll
2016-03-12 09:22:02 ----A---- C:\Windows\system32\systemreset.exe
2016-03-12 09:22:02 ----A---- C:\Windows\system32\srcore.dll
2016-03-12 09:22:02 ----A---- C:\Windows\system32\SimCfg.dll
2016-03-12 09:22:02 ----A---- C:\Windows\system32\qdvd.dll
2016-03-12 09:22:02 ----A---- C:\Windows\system32\MusUpdateHandlers.dll
2016-03-12 09:22:02 ----A---- C:\Windows\system32\msvproc.dll
2016-03-12 09:22:02 ----A---- C:\Windows\system32\drivers\xboxgip.sys
2016-03-12 09:22:02 ----A---- C:\Windows\system32\drivers\rmcast.sys
2016-03-12 09:22:02 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-03-12 09:22:02 ----A---- C:\Windows\system32\drivers\acpi.sys
2016-03-12 09:22:02 ----A---- C:\Windows\system32\dmenrollengine.dll
2016-03-12 09:22:02 ----A---- C:\Windows\system32\dialserver.dll
2016-03-12 09:22:02 ----A---- C:\Windows\system32\cryptngc.dll
2016-03-12 09:22:01 ----A---- C:\Windows\SYSWOW64\WiFiDisplay.dll
2016-03-12 09:22:01 ----A---- C:\Windows\SYSWOW64\sqmapi.dll
2016-03-12 09:22:01 ----A---- C:\Windows\SYSWOW64\ProximityCommon.dll
2016-03-12 09:22:01 ----A---- C:\Windows\SYSWOW64\mfsvr.dll
2016-03-12 09:22:01 ----A---- C:\Windows\SYSWOW64\ChatApis.dll
2016-03-12 09:22:01 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2016-03-12 09:22:01 ----A---- C:\Windows\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-03-12 09:22:01 ----A---- C:\Windows\system32\werui.dll
2016-03-12 09:22:01 ----A---- C:\Windows\system32\tetheringservice.dll
2016-03-12 09:22:01 ----A---- C:\Windows\system32\taskschd.dll
2016-03-12 09:22:01 ----A---- C:\Windows\system32\psmsrv.dll
2016-03-12 09:22:01 ----A---- C:\Windows\system32\ProximityCommon.dll
2016-03-12 09:22:01 ----A---- C:\Windows\system32\MusNotification.exe
2016-03-12 09:22:01 ----A---- C:\Windows\system32\iedkcs32.dll
2016-03-12 09:22:01 ----A---- C:\Windows\system32\ie4uinit.exe
2016-03-12 09:22:01 ----A---- C:\Windows\system32\iassam.dll
2016-03-12 09:22:01 ----A---- C:\Windows\system32\flvprophandler.dll
2016-03-12 09:22:01 ----A---- C:\Windows\system32\DeviceEnroller.exe
2016-03-12 09:22:01 ----A---- C:\Windows\system32\CallHistoryClient.dll
2016-03-12 09:22:01 ----A---- C:\Windows\system32\atmfd.dll
2016-03-12 09:22:01 ----A---- C:\Windows\system32\AppxAllUserStore.dll
2016-03-12 09:22:00 ----A---- C:\Windows\SYSWOW64\thumbcache.dll
2016-03-12 09:22:00 ----A---- C:\Windows\SYSWOW64\SimAuth.dll
2016-03-12 09:22:00 ----A---- C:\Windows\SYSWOW64\policymanager.dll
2016-03-12 09:22:00 ----A---- C:\Windows\system32\SimAuth.dll
2016-03-12 09:22:00 ----A---- C:\Windows\system32\rasdlg.dll
2016-03-12 09:22:00 ----A---- C:\Windows\system32\rasapi32.dll
2016-03-12 09:22:00 ----A---- C:\Windows\system32\MPSSVC.dll
2016-03-12 09:22:00 ----A---- C:\Windows\system32\microsoft-windows-system-events.dll
2016-03-12 09:22:00 ----A---- C:\Windows\system32\ChatApis.dll
2016-03-12 09:22:00 ----A---- C:\Windows\system32\EmailApis.dll
2016-03-12 09:22:00 ----A---- C:\Windows\system32\drivers\sdbus.sys
2016-03-12 09:22:00 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-03-12 09:22:00 ----A---- C:\Windows\system32\configurationclient.dll
2016-03-12 09:21:59 ----A---- C:\Windows\SYSWOW64\WMSPDMOE.DLL
2016-03-12 09:21:59 ----A---- C:\Windows\SYSWOW64\wlidcli.dll
2016-03-12 09:21:59 ----A---- C:\Windows\SYSWOW64\NetSetupApi.dll
2016-03-12 09:21:59 ----A---- C:\Windows\SYSWOW64\FirewallAPI.dll
2016-03-12 09:21:59 ----A---- C:\Windows\SYSWOW64\cryptngc.dll
2016-03-12 09:21:59 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-03-12 09:21:59 ----A---- C:\Windows\system32\wscapi.dll
2016-03-12 09:21:59 ----A---- C:\Windows\system32\vaultcli.dll
2016-03-12 09:21:59 ----A---- C:\Windows\system32\thumbcache.dll
2016-03-12 09:21:59 ----A---- C:\Windows\system32\SMSRouter.dll
2016-03-12 09:21:59 ----A---- C:\Windows\system32\mfps.dll
2016-03-12 09:21:59 ----A---- C:\Windows\system32\MDMAppInstaller.exe
2016-03-12 09:21:59 ----A---- C:\Windows\system32\drivers\xinputhid.sys
2016-03-12 09:21:59 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2016-03-12 09:21:59 ----A---- C:\Windows\system32\drivers\dumpsd.sys
2016-03-12 09:21:59 ----A---- C:\Windows\system32\drivers\bridge.sys
2016-03-12 09:21:58 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-12 09:21:58 ----A---- C:\Windows\SYSWOW64\rasapi32.dll
2016-03-12 09:21:58 ----A---- C:\Windows\SYSWOW64\MP3DMOD.DLL
2016-03-12 09:21:58 ----A---- C:\Windows\SYSWOW64\MapsBtSvc.dll
2016-03-12 09:21:58 ----A---- C:\Windows\SYSWOW64\EmailApis.dll
2016-03-12 09:21:58 ----A---- C:\Windows\SYSWOW64\AppointmentActivation.dll
2016-03-12 09:21:58 ----A---- C:\Windows\system32\VCardParser.dll
2016-03-12 09:21:58 ----A---- C:\Windows\system32\sqmapi.dll
2016-03-12 09:21:58 ----A---- C:\Windows\system32\sharemediacpl.dll
2016-03-12 09:21:58 ----A---- C:\Windows\system32\policymanager.dll
2016-03-12 09:21:58 ----A---- C:\Windows\system32\PackageStateRoaming.dll
2016-03-12 09:21:58 ----A---- C:\Windows\system32\ngckeyenum.dll
2016-03-12 09:21:58 ----A---- C:\Windows\system32\MP3DMOD.DLL
2016-03-12 09:21:58 ----A---- C:\Windows\system32\MapConfiguration.dll
2016-03-12 09:21:58 ----A---- C:\Windows\system32\fveapi.dll
2016-03-12 09:21:58 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-03-12 09:21:58 ----A---- C:\Windows\system32\AuthBroker.dll
2016-03-12 09:21:58 ----A---- C:\Windows\system32\AUDIOKSE.dll
2016-03-12 09:21:57 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-03-12 09:21:57 ----A---- C:\Windows\SYSWOW64\cemapi.dll
2016-03-12 09:21:57 ----A---- C:\Windows\system32\XblAuthManagerProxy.dll
2016-03-12 09:21:57 ----A---- C:\Windows\system32\omadmclient.exe
2016-03-12 09:21:57 ----A---- C:\Windows\system32\NetSetupApi.dll
2016-03-12 09:21:57 ----A---- C:\Windows\system32\mtxoci.dll
2016-03-12 09:21:57 ----A---- C:\Windows\system32\MapsBtSvc.dll
2016-03-12 09:21:57 ----A---- C:\Windows\system32\drivers\sdstor.sys
2016-03-12 09:21:57 ----A---- C:\Windows\system32\domgmt.dll
2016-03-12 09:21:57 ----A---- C:\Windows\system32\DDDS.dll
2016-03-12 09:21:57 ----A---- C:\Windows\system32\catsrvut.dll
2016-03-12 09:21:56 ----A---- C:\Windows\SYSWOW64\usermgrcli.dll
2016-03-12 09:21:56 ----A---- C:\Windows\SYSWOW64\PhoneCallHistoryApis.dll
2016-03-12 09:21:56 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-03-12 09:21:56 ----A---- C:\Windows\SYSWOW64\mssign32.dll
2016-03-12 09:21:56 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2016-03-12 09:21:56 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-03-12 09:21:56 ----A---- C:\Windows\SYSWOW64\fwbase.dll
2016-03-12 09:21:56 ----A---- C:\Windows\system32\ztrace_maps.dll
2016-03-12 09:21:56 ----A---- C:\Windows\system32\usermgrcli.dll
2016-03-12 09:21:56 ----A---- C:\Windows\system32\UserDataAccountApis.dll
2016-03-12 09:21:56 ----A---- C:\Windows\system32\MusNotificationUx.exe
2016-03-12 09:21:56 ----A---- C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-12 09:21:56 ----A---- C:\Windows\system32\drivers\cng.sys
2016-03-12 09:21:56 ----A---- C:\Windows\system32\drivers\capimg.sys
2016-03-12 09:21:56 ----A---- C:\Windows\system32\cemapi.dll
2016-03-12 09:21:56 ----A---- C:\Windows\system32\acmigration.dll
2016-03-12 09:21:55 ----A---- C:\Windows\SYSWOW64\ztrace_maps.dll
2016-03-12 09:21:55 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Scanners.dll
2016-03-12 09:21:55 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2016-03-12 09:21:55 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2016-03-12 09:21:55 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2016-03-12 09:21:55 ----A---- C:\Windows\system32\wlanmsm.dll
2016-03-12 09:21:55 ----A---- C:\Windows\system32\wlanapi.dll
2016-03-12 09:21:55 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-12 09:21:55 ----A---- C:\Windows\system32\wermgr.exe
2016-03-12 09:21:55 ----A---- C:\Windows\system32\rastls.dll
2016-03-12 09:21:55 ----A---- C:\Windows\system32\provpackageapidll.dll
2016-03-12 09:21:55 ----A---- C:\Windows\system32\PimIndexMaintenance.dll
2016-03-12 09:21:55 ----A---- C:\Windows\system32\OpenWith.exe
2016-03-12 09:21:55 ----A---- C:\Windows\system32\mssign32.dll
2016-03-12 09:21:55 ----A---- C:\Windows\system32\hlink.dll
2016-03-12 09:21:55 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2016-03-12 09:21:55 ----A---- C:\Windows\system32\drivers\tsusbhub.sys
2016-03-12 09:21:55 ----A---- C:\Windows\system32\drivers\appid.sys
2016-03-12 09:21:55 ----A---- C:\Windows\system32\AuthHost.exe
2016-03-12 09:21:55 ----A---- C:\Windows\system32\AppointmentActivation.dll
2016-03-12 09:21:54 ----A---- C:\Windows\SYSWOW64\wwapi.dll
2016-03-12 09:21:54 ----A---- C:\Windows\SYSWOW64\wermgr.exe
2016-03-12 09:21:54 ----A---- C:\Windows\SYSWOW64\VCardParser.dll
2016-03-12 09:21:54 ----A---- C:\Windows\SYSWOW64\remoteaudioendpoint.dll
2016-03-12 09:21:54 ----A---- C:\Windows\SYSWOW64\OpenWith.exe
2016-03-12 09:21:54 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2016-03-12 09:21:54 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-03-12 09:21:54 ----A---- C:\Windows\system32\wwapi.dll
2016-03-12 09:21:54 ----A---- C:\Windows\system32\wuauclt.exe
2016-03-12 09:21:54 ----A---- C:\Windows\system32\wimgapi.dll
2016-03-12 09:21:54 ----A---- C:\Windows\system32\SensorsUtilsV2.dll
2016-03-12 09:21:54 ----A---- C:\Windows\system32\SensorsNativeApi.dll
2016-03-12 09:21:54 ----A---- C:\Windows\system32\remoteaudioendpoint.dll
2016-03-12 09:21:54 ----A---- C:\Windows\system32\mfpmp.exe
2016-03-12 09:21:54 ----A---- C:\Windows\system32\EncDump.dll
2016-03-12 09:21:54 ----A---- C:\Windows\system32\drivers\USBHUB3.SYS
2016-03-12 09:21:53 ----A---- C:\Windows\SYSWOW64\XblAuthManagerProxy.dll
2016-03-12 09:21:53 ----A---- C:\Windows\SYSWOW64\POSyncServices.dll
2016-03-12 09:21:53 ----A---- C:\Windows\SYSWOW64\AppxSip.dll
2016-03-12 09:21:53 ----A---- C:\Windows\system32\wsqmcons.exe
2016-03-12 09:21:53 ----A---- C:\Windows\system32\wimserv.exe
2016-03-12 09:21:53 ----A---- C:\Windows\system32\wifitask.exe
2016-03-12 09:21:53 ----A---- C:\Windows\system32\UserDataPlatformHelperUtil.dll
2016-03-12 09:21:53 ----A---- C:\Windows\system32\PhoneCallHistoryApis.dll
2016-03-12 09:21:53 ----A---- C:\Windows\system32\KnobsCore.dll
2016-03-12 09:21:53 ----A---- C:\Windows\system32\drivers\wimmount.sys
2016-03-12 09:21:53 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-03-12 09:21:53 ----A---- C:\Windows\system32\asycfilt.dll
2016-03-12 09:21:52 ----A---- C:\Windows\SYSWOW64\werui.dll
2016-03-12 09:21:52 ----A---- C:\Windows\SYSWOW64\UserDataAccountApis.dll
2016-03-12 09:21:52 ----A---- C:\Windows\SYSWOW64\pcaui.exe
2016-03-12 09:21:52 ----A---- C:\Windows\SYSWOW64\iassam.dll
2016-03-12 09:21:52 ----A---- C:\Windows\SYSWOW64\ExSMime.dll
2016-03-12 09:21:52 ----A---- C:\Windows\system32\wlansvcpal.dll
2016-03-12 09:21:52 ----A---- C:\Windows\system32\WiFiConfigSP.dll
2016-03-12 09:21:52 ----A---- C:\Windows\system32\rdpsign.exe
2016-03-12 09:21:52 ----A---- C:\Windows\system32\provtool.exe
2016-03-12 09:21:52 ----A---- C:\Windows\system32\provisioningcsp.dll
2016-03-12 09:21:52 ----A---- C:\Windows\system32\provdatastore.dll
2016-03-12 09:21:52 ----A---- C:\Windows\system32\PimIndexMaintenanceClient.dll
2016-03-12 09:21:52 ----A---- C:\Windows\system32\pcaui.exe
2016-03-12 09:21:52 ----A---- C:\Windows\system32\Microsoft-Windows-AppModelExecEvents.dll
2016-03-12 09:21:52 ----A---- C:\Windows\system32\FilterDS.dll
2016-03-12 09:21:52 ----A---- C:\Windows\system32\ExSMime.dll
2016-03-12 09:21:52 ----A---- C:\Windows\system32\dssvc.dll
2016-03-12 09:21:52 ----A---- C:\Windows\system32\cfgbkend.dll
2016-03-12 09:21:52 ----A---- C:\Windows\system32\CellularAPI.dll
2016-03-12 09:21:52 ----A---- C:\Windows\system32\AppxSysprep.dll
2016-03-12 09:21:52 ----A---- C:\Windows\system32\AppxSip.dll
2016-03-12 09:21:52 ----A---- C:\Windows\system32\accountaccessor.dll
2016-03-12 09:21:51 ----A---- C:\Windows\SYSWOW64\Windows.UI.Core.TextInput.dll
2016-03-12 09:21:51 ----A---- C:\Windows\SYSWOW64\UserDataTimeUtil.dll
2016-03-12 09:21:51 ----A---- C:\Windows\SYSWOW64\rasautou.exe
2016-03-12 09:21:51 ----A---- C:\Windows\SYSWOW64\MapConfiguration.dll
2016-03-12 09:21:51 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-03-12 09:21:51 ----A---- C:\Windows\SYSWOW64\ExtrasXmlParser.dll
2016-03-12 09:21:51 ----A---- C:\Windows\SYSWOW64\cfgbkend.dll
2016-03-12 09:21:51 ----A---- C:\Windows\SYSWOW64\CallHistoryClient.dll
2016-03-12 09:21:51 ----A---- C:\Windows\system32\wpninprc.dll
2016-03-12 09:21:51 ----A---- C:\Windows\system32\Windows.UI.Core.TextInput.dll
2016-03-12 09:21:51 ----A---- C:\Windows\system32\Windows.Devices.Scanners.dll
2016-03-12 09:21:51 ----A---- C:\Windows\system32\wfapigp.dll
2016-03-12 09:21:51 ----A---- C:\Windows\system32\UserDataLanguageUtil.dll
2016-03-12 09:21:51 ----A---- C:\Windows\system32\shutdownux.dll
2016-03-12 09:21:51 ----A---- C:\Windows\system32\seclogon.dll
2016-03-12 09:21:51 ----A---- C:\Windows\system32\scapi.dll
2016-03-12 09:21:51 ----A---- C:\Windows\system32\RMSRoamingSecurity.dll
2016-03-12 09:21:51 ----A---- C:\Windows\system32\rasautou.exe
2016-03-12 09:21:51 ----A---- C:\Windows\system32\ProvPluginEng.dll
2016-03-12 09:21:51 ----A---- C:\Windows\system32\POSyncServices.dll
2016-03-12 09:21:51 ----A---- C:\Windows\system32\policymanagerprecheck.dll
2016-03-12 09:21:51 ----A---- C:\Windows\system32\moshostcore.dll
2016-03-12 09:21:51 ----A---- C:\Windows\system32\moshost.dll
2016-03-12 09:21:51 ----A---- C:\Windows\system32\jsproxy.dll
2016-03-12 09:21:51 ----A---- C:\Windows\system32\fwbase.dll
2016-03-12 09:21:51 ----A---- C:\Windows\system32\fveapibase.dll
2016-03-12 09:21:51 ----A---- C:\Windows\system32\FirewallAPI.dll
2016-03-12 09:21:51 ----A---- C:\Windows\system32\drivers\usbser.sys
2016-03-12 09:21:50 ----A---- C:\Windows\SYSWOW64\wininetlui.dll
2016-03-12 09:21:50 ----A---- C:\Windows\SYSWOW64\UserDataTypeHelperUtil.dll
2016-03-12 09:21:50 ----A---- C:\Windows\SYSWOW64\UserDataPlatformHelperUtil.dll
2016-03-12 09:21:50 ----A---- C:\Windows\SYSWOW64\UserDataLanguageUtil.dll
2016-03-12 09:21:50 ----A---- C:\Windows\SYSWOW64\profext.dll
2016-03-12 09:21:50 ----A---- C:\Windows\SYSWOW64\PimIndexMaintenanceClient.dll
2016-03-12 09:21:50 ----A---- C:\Windows\SYSWOW64\hlink.dll
2016-03-12 09:21:50 ----A---- C:\Windows\system32\wininetlui.dll
2016-03-12 09:21:50 ----A---- C:\Windows\system32\wfdprov.dll
2016-03-12 09:21:50 ----A---- C:\Windows\system32\UserMgrProxy.dll
2016-03-12 09:21:50 ----A---- C:\Windows\system32\UserDataTypeHelperUtil.dll
2016-03-12 09:21:50 ----A---- C:\Windows\system32\UserDataTimeUtil.dll
2016-03-12 09:21:50 ----A---- C:\Windows\system32\sscoreext.dll
2016-03-12 09:21:50 ----A---- C:\Windows\system32\rasadhlp.dll
2016-03-12 09:21:50 ----A---- C:\Windows\system32\irmon.dll
2016-03-12 09:21:50 ----A---- C:\Windows\system32\Chakradiag.dll
2016-03-12 09:21:50 ----A---- C:\Windows\system32\ExtrasXmlParser.dll
2016-03-12 09:21:50 ----A---- C:\Windows\system32\DscCore.dll
2016-03-12 09:21:50 ----A---- C:\Windows\system32\drivers\rasl2tp.sys
2016-03-12 09:21:50 ----A---- C:\Windows\system32\bcastdvr.exe
2016-03-12 09:21:50 ----A---- C:\Windows\system32\aitstatic.exe
2016-03-12 09:21:49 ----A---- C:\Windows\SYSWOW64\wfapigp.dll
2016-03-12 09:21:49 ----A---- C:\Windows\SYSWOW64\UserMgrProxy.dll
2016-03-12 09:21:49 ----A---- C:\Windows\SYSWOW64\TimeBrokerClient.dll
2016-03-12 09:21:49 ----A---- C:\Windows\SYSWOW64\InputLocaleManager.dll
2016-03-12 09:21:49 ----A---- C:\Windows\SYSWOW64\fwpolicyiomgr.dll
2016-03-12 09:21:49 ----A---- C:\Windows\SYSWOW64\bcastdvr.exe
2016-03-12 09:21:49 ----A---- C:\Windows\system32\wwanmm.dll
2016-03-12 09:21:49 ----A---- C:\Windows\system32\winbio.dll
2016-03-12 09:21:49 ----A---- C:\Windows\system32\TimeBrokerClient.dll
2016-03-12 09:21:49 ----A---- C:\Windows\system32\srpapi.dll
2016-03-12 09:21:49 ----A---- C:\Windows\system32\profext.dll
2016-03-12 09:21:49 ----A---- C:\Windows\system32\LaunchWinApp.exe
2016-03-12 09:21:49 ----A---- C:\Windows\system32\InputLocaleManager.dll
2016-03-12 09:21:49 ----A---- C:\Windows\system32\iesetup.dll
2016-03-12 09:21:49 ----A---- C:\Windows\system32\iernonce.dll
2016-03-12 09:21:49 ----A---- C:\Windows\system32\fwpolicyiomgr.dll
2016-03-12 09:21:49 ----A---- C:\Windows\system32\fontsub.dll
2016-03-12 09:21:49 ----A---- C:\Windows\system32\AppCapture.dll
2016-03-12 09:21:48 ----A---- C:\Windows\SYSWOW64\winhttpcom.dll
2016-03-12 09:21:48 ----A---- C:\Windows\SYSWOW64\winbio.dll
2016-03-12 09:21:48 ----A---- C:\Windows\SYSWOW64\rasadhlp.dll
2016-03-12 09:21:48 ----A---- C:\Windows\SYSWOW64\LaunchWinApp.exe
2016-03-12 09:21:48 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-03-12 09:21:48 ----A---- C:\Windows\system32\wwanconn.dll
2016-03-12 09:21:48 ----A---- C:\Windows\system32\wshrm.dll
2016-03-12 09:21:48 ----A---- C:\Windows\system32\winhttpcom.dll
2016-03-12 09:21:48 ----A---- C:\Windows\system32\win32k.sys
2016-03-12 09:21:48 ----A---- C:\Windows\system32\reseteng.dll
2016-03-12 09:21:48 ----A---- C:\Windows\system32\rastlsext.dll
2016-03-12 09:21:48 ----A---- C:\Windows\system32\rasauto.dll
2016-03-12 09:21:48 ----A---- C:\Windows\system32\pnidui.dll
2016-03-12 09:21:48 ----A---- C:\Windows\system32\mdmmigrator.dll
2016-03-12 09:21:48 ----A---- C:\Windows\system32\dmcertinst.exe
2016-03-12 09:21:48 ----A---- C:\Windows\system32\aepic.dll
2016-03-12 09:21:47 ----A---- C:\Windows\SYSWOW64\rastlsext.dll
2016-03-12 09:21:47 ----A---- C:\Windows\SYSWOW64\NMAA.dll
2016-03-12 09:21:47 ----A---- C:\Windows\SYSWOW64\MapControlCore.dll
2016-03-12 09:21:47 ----A---- C:\Windows\SYSWOW64\JpMapControl.dll
2016-03-12 09:21:47 ----A---- C:\Windows\system32\wwancfg.dll
2016-03-12 09:21:47 ----A---- C:\Windows\system32\JpMapControl.dll
2016-03-12 09:21:46 ----A---- C:\Windows\SYSWOW64\offlinelsa.dll
2016-03-12 09:21:46 ----A---- C:\Windows\SYSWOW64\MosStorage.dll
2016-03-12 09:21:46 ----A---- C:\Windows\SYSWOW64\EditBufferTestHook.dll
2016-03-12 09:21:46 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-03-12 09:21:46 ----A---- C:\Windows\system32\wwanprotdim.dll
2016-03-12 09:21:46 ----A---- C:\Windows\system32\Wwanpref.dll
2016-03-12 09:21:46 ----A---- C:\Windows\system32\SensorsNativeApi.V2.dll
2016-03-12 09:21:46 ----A---- C:\Windows\system32\readingviewresources.dll
2016-03-12 09:21:46 ----A---- C:\Windows\system32\provops.dll
2016-03-12 09:21:46 ----A---- C:\Windows\system32\offlinelsa.dll
2016-03-12 09:21:46 ----A---- C:\Windows\system32\NMAA.dll
2016-03-12 09:21:46 ----A---- C:\Windows\system32\MosStorage.dll
2016-03-12 09:21:46 ----A---- C:\Windows\system32\enrollmentapi.dll
2016-03-12 09:21:46 ----A---- C:\Windows\system32\EditBufferTestHook.dll
2016-03-12 09:21:46 ----A---- C:\Windows\system32\dciman32.dll
2016-03-12 09:21:45 ----A---- C:\Windows\SYSWOW64\XblAuthTokenBrokerExt.dll
2016-03-12 09:21:45 ----A---- C:\Windows\SYSWOW64\WordBreakers.dll
2016-03-12 09:21:45 ----A---- C:\Windows\SYSWOW64\MosHostClient.dll
2016-03-12 09:21:45 ----A---- C:\Windows\SYSWOW64\AppCapture.dll
2016-03-12 09:21:45 ----A---- C:\Windows\system32\XblAuthTokenBrokerExt.dll
2016-03-12 09:21:45 ----A---- C:\Windows\system32\wups2.dll
2016-03-12 09:21:45 ----A---- C:\Windows\system32\wsplib.dll
2016-03-12 09:21:45 ----A---- C:\Windows\system32\WordBreakers.dll
2016-03-12 09:21:45 ----A---- C:\Windows\system32\wificonnapi.dll
2016-03-12 09:21:45 ----A---- C:\Windows\system32\tzautoupdate.dll
2016-03-12 09:21:45 ----A---- C:\Windows\system32\rilproxy.dll
2016-03-12 09:21:45 ----A---- C:\Windows\system32\RemovableMediaProvisioningPlugin.dll
2016-03-12 09:21:45 ----A---- C:\Windows\system32\NFCProvisioningPlugin.dll
2016-03-12 09:21:45 ----A---- C:\Windows\system32\nativemap.dll
2016-03-12 09:21:45 ----A---- C:\Windows\system32\MosHostClient.dll
2016-03-12 09:21:45 ----A---- C:\Windows\system32\mapsupdatetask.dll
2016-03-12 09:21:45 ----A---- C:\Windows\system32\mapstoasttask.dll
2016-03-12 09:21:45 ----A---- C:\Windows\system32\MapsCSP.dll
2016-03-12 09:21:45 ----A---- C:\Windows\system32\KnobsCsp.dll
2016-03-12 09:21:45 ----A---- C:\Windows\system32\ihvrilproxy.dll
2016-03-12 09:21:45 ----A---- C:\Windows\system32\BarcodeProvisioningPlugin.dll
2016-03-12 09:21:44 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.Resources.dll
2016-03-12 09:21:44 ----A---- C:\Windows\SYSWOW64\UIAutomationCoreRes.dll
2016-03-12 09:21:44 ----A---- C:\Windows\SYSWOW64\NmaDirect.dll
2016-03-12 09:21:44 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-03-12 09:21:44 ----A---- C:\Windows\SYSWOW64\bcastdvr.proxy.dll
2016-03-12 09:21:44 ----A---- C:\Windows\SYSWOW64\BackgroundTransferHost.exe
2016-03-12 09:21:44 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-03-12 09:21:44 ----A---- C:\Windows\system32\Windows.UI.Xaml.Resources.dll
2016-03-12 09:21:44 ----A---- C:\Windows\system32\Windows.Networking.XboxLive.ProxyStub.dll
2016-03-12 09:21:44 ----A---- C:\Windows\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-03-12 09:21:44 ----A---- C:\Windows\system32\UIAutomationCoreRes.dll
2016-03-12 09:21:44 ----A---- C:\Windows\system32\tetheringconfigsp.dll
2016-03-12 09:21:44 ----A---- C:\Windows\system32\tetheringclient.dll
2016-03-12 09:21:44 ----A---- C:\Windows\system32\StorageUsage.dll
2016-03-12 09:21:44 ----A---- C:\Windows\system32\NmaDirect.dll
2016-03-12 09:21:44 ----A---- C:\Windows\system32\MapsBtSvcProxy.dll
2016-03-12 09:21:44 ----A---- C:\Windows\system32\lpk.dll
2016-03-12 09:21:44 ----A---- C:\Windows\system32\IcsEntitlementHost.exe
2016-03-12 09:21:44 ----A---- C:\Windows\system32\bcastdvr.proxy.dll
2016-03-12 09:21:44 ----A---- C:\Windows\system32\BackgroundTransferHost.exe
2016-03-12 09:21:44 ----A---- C:\Windows\system32\atmlib.dll
2016-03-12 09:21:43 ----A---- C:\Windows\SYSWOW64\MosResource.dll
2016-03-12 09:21:43 ----A---- C:\Windows\SYSWOW64\Microsoft-Windows-MosTrace.dll
2016-03-12 09:21:43 ----A---- C:\Windows\SYSWOW64\Microsoft-Windows-MosHost.dll
2016-03-12 09:21:43 ----A---- C:\Windows\SYSWOW64\Microsoft-Windows-MapControls.dll
2016-03-12 09:21:43 ----A---- C:\Windows\SYSWOW64\MapControlStringsRes.dll
2016-03-12 09:21:43 ----A---- C:\Windows\system32\MosResource.dll
2016-03-12 09:21:43 ----A---- C:\Windows\system32\Microsoft-Windows-MosTrace.dll
2016-03-12 09:21:43 ----A---- C:\Windows\system32\Microsoft-Windows-MosHost.dll
2016-03-12 09:21:43 ----A---- C:\Windows\system32\Microsoft-Windows-MapControls.dll
2016-03-12 09:21:43 ----A---- C:\Windows\system32\MapControlStringsRes.dll
2016-03-12 09:09:14 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2016-03-12 09:09:09 ----D---- C:\ProgramData\NVIDIA
2016-03-12 09:09:01 ----A---- C:\Windows\system32\nvvsvc.exe
2016-03-12 09:09:01 ----A---- C:\Windows\system32\nvsvcr.dll
2016-03-12 09:09:01 ----A---- C:\Windows\system32\nvsvc64.dll
2016-03-12 09:09:01 ----A---- C:\Windows\system32\nvshext.dll
2016-03-12 09:09:01 ----A---- C:\Windows\system32\nvmctray.dll
2016-03-12 09:09:01 ----A---- C:\Windows\system32\nvcpl.dll
2016-03-12 09:08:45 ----A---- C:\Windows\system32\OpenCL.dll
2016-03-12 09:08:36 ----D---- C:\ProgramData\NVIDIA Corporation
2016-03-12 09:08:32 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2016-03-11 19:49:41 ----D---- C:\Program Files\NVIDIA Corporation
2016-03-11 19:48:34 ----D---- C:\ProgramData\Microsoft OneDrive
2016-03-11 19:47:00 ----D---- C:\Users\Aleš Brychta\AppData\Roaming\Adobe
2016-03-11 19:46:51 ----SD---- C:\Users\Aleš Brychta\AppData\Roaming\Microsoft
2016-03-11 19:32:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-03-11 19:29:38 ----D---- C:\ProgramData\USOShared
2016-03-11 19:28:50 ----HD---- C:\Program Files\Uninstall Information
2016-03-11 19:28:43 ----D---- C:\Windows\CSC
2016-03-11 19:28:42 ----A---- C:\Windows\SYSWOW64\PrintConfig.dll
2016-03-11 19:28:38 ----D---- C:\Windows\SoftwareDistribution
2016-03-11 19:28:34 ----SHD---- C:\ProgramData\Šablony
2016-03-11 19:28:34 ----SHD---- C:\ProgramData\Plocha
2016-03-11 19:28:34 ----SHD---- C:\ProgramData\Nabídka Start
2016-03-11 19:28:34 ----SHD---- C:\ProgramData\Dokumenty
2016-03-11 19:28:34 ----SHD---- C:\ProgramData\Data aplikací
2016-03-11 19:28:34 ----SHD---- C:\Documents and Settings
2016-03-11 19:28:21 ----ASH---- C:\hiberfil.sys
2016-03-11 19:26:32 ----SHD---- C:\Recovery
2016-03-11 19:26:06 ----AS---- C:\Windows\bootstat.dat
2016-03-11 19:26:03 ----D---- C:\Windows\Prefetch
2016-03-11 19:20:48 ----SD---- C:\Windows\system32\Microsoft
2016-03-11 19:20:48 ----D---- C:\Windows\ServiceProfiles
2016-03-11 19:20:46 ----A---- C:\Windows\system32\FNTCACHE.DAT
2016-03-11 19:20:43 ----ASH---- C:\swapfile.sys
2016-03-11 19:20:43 ----ASH---- C:\pagefile.sys
2016-03-11 19:16:45 ----SHD---- C:\System Volume Information
2016-03-11 19:15:42 ----D---- C:\Windows\Panther

======List of files/folders modified in the last 1 month======

2016-03-12 10:01:01 ----D---- C:\Windows\System32
2016-03-12 10:01:01 ----D---- C:\Windows\INF
2016-03-12 09:58:35 ----D---- C:\Windows\system32\WDI
2016-03-12 09:57:03 ----D---- C:\Windows\WinSxS
2016-03-12 09:57:03 ----D---- C:\Windows\Temp
2016-03-12 09:57:03 ----D---- C:\Windows\system32\config
2016-03-12 09:57:03 ----D---- C:\Windows\Microsoft.NET
2016-03-12 09:56:51 ----D---- C:\Windows\system32\sru
2016-03-12 09:56:04 ----D---- C:\Windows\AppReadiness
2016-03-12 09:55:58 ----HD---- C:\Program Files\WindowsApps
2016-03-12 09:55:49 ----D---- C:\Windows\SYSWOW64\wbem
2016-03-12 09:55:49 ----D---- C:\Windows\SYSWOW64\MUI
2016-03-12 09:55:49 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-03-12 09:55:49 ----D---- C:\Windows\SysWOW64
2016-03-12 09:55:48 ----D---- C:\Windows\system32\wbem
2016-03-12 09:55:48 ----D---- C:\Windows\system32\MUI
2016-03-12 09:55:48 ----D---- C:\Windows\system32\en-US
2016-03-12 09:55:48 ----D---- C:\Windows\system32\cs-CZ
2016-03-12 09:55:48 ----D---- C:\Windows\PolicyDefinitions
2016-03-12 09:55:46 ----RSD---- C:\Windows\Fonts
2016-03-12 09:55:45 ----RD---- C:\Program Files (x86)
2016-03-12 09:55:45 ----RD---- C:\Program Files
2016-03-12 09:55:45 ----D---- C:\Program Files\Windows Media Player
2016-03-12 09:55:45 ----D---- C:\Program Files\Internet Explorer
2016-03-12 09:55:45 ----D---- C:\Program Files (x86)\Internet Explorer
2016-03-12 09:54:29 ----D---- C:\Windows\CbsTemp
2016-03-12 09:30:26 ----D---- C:\Windows\system32\drivers
2016-03-12 09:30:26 ----D---- C:\Windows
2016-03-12 09:29:26 ----D---- C:\Windows\SYSWOW64\migration
2016-03-12 09:29:26 ----D---- C:\Windows\SYSWOW64\Dism
2016-03-12 09:29:20 ----SD---- C:\Windows\system32\F12
2016-03-12 09:29:20 ----D---- C:\Windows\system32\WinBioPlugIns
2016-03-12 09:29:20 ----D---- C:\Windows\system32\SystemResetPlatform
2016-03-12 09:29:20 ----D---- C:\Windows\system32\oobe
2016-03-12 09:29:20 ----D---- C:\Windows\system32\migration
2016-03-12 09:29:20 ----D---- C:\Windows\system32\drivers\UMDF
2016-03-12 09:29:20 ----D---- C:\Windows\system32\Dism
2016-03-12 09:29:19 ----D---- C:\Windows\system32\Boot
2016-03-12 09:29:19 ----D---- C:\Windows\system32\appraiser
2016-03-12 09:29:14 ----RD---- C:\Windows\PurchaseDialog
2016-03-12 09:29:14 ----D---- C:\Windows\Provisioning
2016-03-12 09:29:11 ----RSD---- C:\Windows\Media
2016-03-12 09:29:11 ----RD---- C:\Windows\ImmersiveControlPanel
2016-03-12 09:29:11 ----D---- C:\Windows\bcastdvr
2016-03-12 09:29:11 ----D---- C:\Windows\AppPatch
2016-03-12 09:29:11 ----D---- C:\Program Files\Windows Portable Devices
2016-03-12 09:29:11 ----D---- C:\Program Files\Windows Multimedia Platform
2016-03-12 09:29:11 ----D---- C:\Program Files (x86)\Windows Portable Devices
2016-03-12 09:29:11 ----D---- C:\Program Files (x86)\Windows Multimedia Platform
2016-03-12 09:29:10 ----D---- C:\Program Files\Windows Journal
2016-03-12 09:29:08 ----D---- C:\Windows\system32\DriverStore
2016-03-12 09:23:21 ----D---- C:\Windows\debug
2016-03-12 09:12:30 ----D---- C:\Windows\system32\catroot2
2016-03-12 09:09:09 ----HD---- C:\ProgramData
2016-03-12 09:09:01 ----D---- C:\Windows\Help
2016-03-12 09:09:00 ----RD---- C:\Windows\DevicesFlow
2016-03-12 09:08:26 ----D---- C:\Windows\Logs
2016-03-12 09:08:25 ----RD---- C:\Users
2016-03-11 19:47:09 ----SHD---- C:\$Recycle.Bin
2016-03-11 19:47:05 ----RD---- C:\Windows\PrintDialog
2016-03-11 19:47:04 ----RD---- C:\Windows\MiracastView
2016-03-11 19:45:31 ----SD---- C:\ProgramData\Microsoft
2016-03-11 19:39:19 ----D---- C:\Windows\system32\CodeIntegrity
2016-03-11 19:28:44 ----D---- C:\Windows\system32\spool
2016-03-11 19:28:44 ----D---- C:\Windows\system32\FxsTmp
2016-03-11 19:28:38 ----D---- C:\Windows\system32\CatRoot
2016-03-11 19:28:34 ----D---- C:\Windows\Tasks
2016-03-11 19:28:34 ----D---- C:\Program Files\Windows NT
2016-03-11 19:26:32 ----D---- C:\Windows\system32\Recovery
2016-03-08 08:12:26 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\Windows\system32\drivers\filecrypt.sys [2015-10-30 87040]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\Windows\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\System32\drivers\vwififlt.sys [2015-10-30 74240]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\Windows\system32\drivers\mmcss.sys [2015-10-30 47616]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\Windows\system32\drivers\storqosflt.sys [2015-10-30 78848]
R3 NVHDA;@oem6.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-11-10 214168]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2015-11-10 11227280]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\Windows\System32\drivers\rt640x64.sys [2015-10-30 589824]
S0 LSI_SAS2i;LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 percsas2i;percsas2i; C:\Windows\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\Windows\System32\drivers\percsas3i.sys [2015-10-30 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\Windows\System32\drivers\storufs.sys [2015-10-30 34144]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\Windows\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\Windows\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\Windows\System32\drivers\capimg.sys [2015-11-22 117248]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\Windows\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\Windows\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\Windows\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\Windows\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\Windows\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\Windows\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\Windows\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 ReFSv1;ReFSv1; C:\Windows\system32\drivers\ReFSv1.sys [2015-10-30 930656]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\Windows\System32\Drivers\UcmCx.sys [2015-10-30 61952]
S3 UcmUcsi;@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\Windows\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
S3 UdeCx;USB Device Emulation Support Library; C:\Windows\system32\drivers\udecx.sys [2015-10-30 45056]
S3 Ufx01000;USB Function Class Extension; C:\Windows\system32\drivers\ufx01000.sys [2015-10-30 254816]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\Windows\System32\drivers\UfxChipidea.sys [2015-10-30 94048]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\Windows\System32\drivers\ufxsynopsys.sys [2015-10-30 131424]
S3 UrsCx01000;USB Role-Switch Support Library; C:\Windows\system32\drivers\urscx01000.sys [2015-10-30 57696]
S3 UrsChipidea;@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver; C:\Windows\System32\drivers\urschipidea.sys [2015-10-30 28512]
S3 UrsSynopsys;@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver; C:\Windows\System32\drivers\urssynopsys.sys [2015-10-30 27488]
S3 usbser;@usbser.inf,%UsbSerial.DriverDesc%;Microsoft USB Serial Driver; C:\Windows\System32\drivers\usbser.sys [2016-01-16 67072]
S3 vhf;@%SystemRoot%\system32\drivers\vhf.sys,-100; C:\Windows\System32\drivers\vhf.sys [2015-10-30 31744]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\Windows\system32\svchost.exe [2015-10-30 43944]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\Windows\System32\svchost.exe [2015-10-30 43944]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 43944]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-11-05 938616]
R2 OneSyncSvc_43bcb;Hostitel synchronizace_43bcb; C:\Windows\system32\svchost.exe [2015-10-30 43944]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-11-05 417400]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\Windows\system32\svchost.exe [2015-10-30 43944]
R2 UserManager;@%systemroot%\system32\usermgr.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 43944]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\Windows\system32\svchost.exe [2015-10-30 43944]
R3 UsoSvc;@%systemroot%\system32\usocore.dll,-102; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-23 43696]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_43bcb;Služba zasílání zpráv_43bcb; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_43bcb;Data kontaktů_43bcb; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\Windows\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\Windows\system32\TieringEngineService.exe [2015-10-30 290304]
S3 UnistoreSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-10003; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S3 UnistoreSvc_43bcb;Úložiště uživatelských dat_43bcb; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S3 UserDataSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-14001; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 UserDataSvc_43bcb;Přístup k uživatelským datům_43bcb; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 vmicvmsession;@%systemroot%\system32\icsvc.dll,-901; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 WalletService;@%SystemRoot%\System32\WalletService.dll,-1000; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S4 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\Windows\system32\svchost.exe [2015-10-30 43944]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: PC check

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Lex
Visitor
Posts: 4
Joined: 12 Mar 2016 09:32

Re: PC check

#3 Post by Lex »

# AdwCleaner v5.101 - Logfile created 12/03/2016 at 13:27:40
# Updated 07/03/2016 by Xplode
# Database : 2016-03-08.1 [Server]
# Operating system : Windows 10 Education (x64)
# Username : Aleš Brychta - DESKTOP-1OA1U8U
# Running from : C:\Users\Aleš Brychta\Desktop\adwcleaner_5.101.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [715 bytes] - [12/03/2016 13:27:40]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [816 bytes] - [12/03/2016 13:26:42]

########## EOF - C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [899 bytes] ##########

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: PC check

#4 Post by Rudy »

This is OK. Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

Lex
Visitor
Posts: 4
Joined: 12 Mar 2016 09:32

Re: PC check

#5 Post by Lex »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Aleš Brychta at 2016-03-19 23:20:28
Microsoft Windows 10 Education
System drive C: has 209 GB (88%) free of 238 GB
Total RAM: 4093 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:20:28, on 19.03.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\trend micro\Aleš Brychta.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Aleš Brychta\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6426 bytes

======Listing Processes======







winlogon.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k appmodel

dashost.exe {6b01ae43-2e6d-4573-8b191a677899b0a6}
taskeng.exe {05B946C6-5DCB-4659-863E-161DF0E3B1F6}
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\Windows\Explorer.EXE
"C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca

"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 612 616 624 8192 620
"C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetServiceDss -RestrictPrivileges -AccessKey 8DCA6A35-0EB8-F168-04A3-A7492DD73BFA -Reinvoke

C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-877057131-2713201890-253584951-10012_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-877057131-2713201890-253584951-10012 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"

C:\Windows\system32\svchost.exe -k UnistackSvcGroup
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Aleš Brychta\Desktop\RSITx64 (1).exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: PC check

#6 Post by Rudy »

The log is incomplete.