
Preventive check - 2 parts


#1 Post by jack h »

Hello,
I would like to ask for a preventive check (and optimization, if needed) of my notebook. Lately it has perhaps been a bit slower, and someone has probably broken into my e-mail
(a warning from Seznam reports it, not yet verified). None of the tools used here have been used so far, thanks.

Logfile of random's system information tool 1.10 (written by random/random)
Run by dusan at 2016-05-29 13:04:48
Microsoft Windows 10 Home
System drive C: has 851 GB (93%) free of 911 GB
Total RAM: 8106 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:04:48, on 29. 5. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files\Lenovo\Communications Utility\tpknrres.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\dusan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\dusan\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: AdaptiveSleepService - Unknown owner - C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AVControlCenter - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Conexant Audio Message Service (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: FastbootService - Lenovo - C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel Bluetooth Service (ibtsiva.exe) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® ME Service (Intel(R) ME Service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo OKO Service - Lenovo(beijing) Limited - C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe
O23 - Service: Lenovo Settings Service - Lenovo Group Limited - C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo AVFramework Camera Privacy Controller (LENOVO.CAMMUTE) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\cammute.exe
O23 - Service: Lenovo AVFramework Microphone Volume Controller and Dolby Interface (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe
O23 - Service: Lenovo AVFramework Virtual Camera Controller Service (LENOVO.TVTVCAM) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: LenovoSetSvr - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe
O23 - Service: lupdate (LenovoUpdate) - Unknown owner - C:\WINDOWS\System32\LenovoUpdate.exe (file missing)
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: OKOControlSvc - Lenovo(beijing) Limited - C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\windows\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11384 bytes

======Listing Processes======







C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
System32\LenovoUpdate.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\atiesrxx.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a8fd5bac-037e-4d48-ac07-97a8c5cbf6f6 -SystemEventPortName:HostProcess-b0960520-367f-4263-bf65-625bdbff1f76 -IoCancelEventPortName:HostProcess-5d1864a6-7a2d-4a7c-92da-1e0ccf792c0e -NonStateChangingEventPortName:HostProcess-13b9572d-58a7-4733-a5ba-4299f67d83b8 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:37f97356-9dcc-4ba1-8e29-259020ab855c -DeviceGroupId:WudfDefaultDevicePool
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-4e678015-a520-476e-aa8e-cc1af2564be5 -SystemEventPortName:HostProcess-246c9a0b-aee9-4ea6-b31d-9d05a92a0f0b -IoCancelEventPortName:HostProcess-feaed7f4-0a78-45b8-9820-a4405dbb17fb -NonStateChangingEventPortName:HostProcess-00496ee7-b6f8-4b06-a442-f1b6311b9ff5 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:921f6012-55b1-4b2d-b578-4d1835a0522f -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-219b4359-7d66-4f4a-a132-64c3f2e7dfd6 -SystemEventPortName:HostProcess-ca7eee44-cc54-4d50-958f-a21fc6fd4dca -IoCancelEventPortName:HostProcess-f364bfc3-a90e-4532-a52e-d320228f1614 -NonStateChangingEventPortName:HostProcess-e08b6c99-7c47-459c-9ff5-916173bb1e35 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:7f81dce7-e84a-478a-9664-8b1dbc9c6850 -DeviceGroupId:
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe"
C:\windows\system32\CxAudMsg64.exe
"C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\SysWOW64\SAsrv.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe"
"C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe"
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "0x1580_0x1ae4_0x5902a908"
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"dwm.exe"
atieclxx
"C:\Program Files\Lenovo\Communications Utility\avfaudiosw.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\Explorer.EXE
igfxEM.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
igfxTray.exe
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Windows\RTFTrack.exe"
"C:\Program Files\AMD\CNext\CNext\cnext.exe" atlogon
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files\Lenovo\LenovoUtility\utility.exe"
"C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe" /run
"C:\Program Files\Lenovo\OneKey Optimizer\bin\OnekeyOptimizerUpdata.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"fontdrvhost.exe"
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
"C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizer.exe" /hide
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files\Lenovo\Communications Utility\tpknrres.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\dusan\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=50.0.2661.102 --handshake-handle=0x1b4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="7780.0.1512357225\1533590525" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=4,10,12,24,53 --gpu-vendor-id=0x1002 --gpu-device-id=0x6660 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=15.300.1025.1001 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention,brotli-encoding<BrotliEncoding --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/PreventUWYTDefaultForNonURLInputsStable_Control/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PreRead/Default/*QUIC/EnabledSlowStartLargeReduction/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control50pct/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_38/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Unif
ormity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="7780.3.722589137\1948337251" /prefetch:1

C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\dusan\Downloads\rsit\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-04-18 902624]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-18 679680]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtsFT"=C:\WINDOWS\RTFTrack.exe [2014-10-22 4060376]
"StartCN"=C:\Program Files\AMD\CNext\CNext\cnext.exe [2015-11-29 4866760]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2014-10-10 36352]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2014-04-10 1830616]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2014-11-20 919768]
"LenovoUtility"=C:\Program Files\Lenovo\LenovoUtility\utility.exe [2015-02-13 791368]
"OneKeyOptimizer"=C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe [2015-06-19 604968]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-07-27 3945672]
"LMCSSTART1"=C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [2015-03-23 30152]
"LMCSSTART2"=C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [2015-03-23 30152]
"LMCSSTART3"=C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [2015-03-23 30152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2015-12-05 7935904]
"OneDrive"=C:\Users\dusan\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-05-04 554176]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"=C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [2014-09-09 110344]
"CLVirtualDrive"=C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [2014-09-09 492808]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-05-12 7400576]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-08-04 767176]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-05-28 20:11:43 ----D---- C:\AdwCleaner
2016-05-28 18:52:34 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2016-05-28 18:52:17 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-05-28 18:52:17 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2016-05-28 18:52:17 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2016-05-28 18:52:17 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2016-05-28 17:36:38 ----D---- C:\rsit
2016-05-28 17:36:38 ----D---- C:\Program Files\trend micro
2016-05-28 15:23:51 ----D---- C:\Users\dusan\AppData\Roaming\Malwarebytes
2016-05-28 15:23:04 ----D---- C:\ProgramData\Malwarebytes
2016-05-19 22:13:52 ----D---- C:\Program Files (x86)\Raptr Inc
2016-05-19 22:12:35 ----SHD---- C:\Config.Msi
2016-05-12 17:01:10 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-05-12 17:01:07 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2016-05-12 17:01:07 ----A---- C:\WINDOWS\system32\kerberos.dll
2016-05-12 17:01:06 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-05-12 17:01:05 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-05-12 17:01:04 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-05-12 17:01:02 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-05-12 17:01:00 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2016-05-12 17:00:58 ----A---- C:\WINDOWS\system32\shell32.dll
2016-05-12 17:00:57 ----A---- C:\WINDOWS\system32\twinui.dll
2016-05-12 17:00:56 ----A---- C:\WINDOWS\system32\windows.storage.dll
2016-05-12 17:00:56 ----A---- C:\WINDOWS\system32\mos.dll
2016-05-12 17:00:54 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-05-12 17:00:54 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-05-12 17:00:53 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-05-12 17:00:52 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-05-12 17:00:51 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2016-05-12 17:00:51 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2016-05-12 17:00:50 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-05-12 17:00:49 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2016-05-12 17:00:49 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-05-12 17:00:49 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-05-12 17:00:49 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-05-12 17:00:48 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-05-12 17:00:47 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2016-05-12 17:00:47 ----A---- C:\WINDOWS\system32\d2d1.dll
2016-05-12 17:00:46 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-05-12 17:00:45 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-05-12 17:00:44 ----A---- C:\WINDOWS\system32\BingMaps.dll
2016-05-12 17:00:43 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2016-05-12 17:00:43 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-05-12 17:00:43 ----A---- C:\WINDOWS\explorer.exe
2016-05-12 17:00:42 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2016-05-12 17:00:42 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2016-05-12 17:00:42 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2016-05-12 17:00:42 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2016-05-12 17:00:41 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2016-05-12 17:00:41 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-05-12 17:00:40 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-05-12 17:00:40 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2016-05-12 17:00:38 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-05-12 17:00:38 ----A---- C:\WINDOWS\system32\dwmcore.dll
2016-05-12 17:00:38 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-05-12 17:00:37 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2016-05-12 17:00:37 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-05-12 17:00:37 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2016-05-12 17:00:37 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-05-12 17:00:37 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-05-12 17:00:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2016-05-12 17:00:36 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-05-12 17:00:36 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-05-12 17:00:36 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2016-05-12 17:00:35 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2016-05-12 17:00:35 ----A---- C:\WINDOWS\system32\MapsStore.dll
2016-05-12 17:00:35 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2016-05-12 17:00:35 ----A---- C:\WINDOWS\system32\KernelBase.dll
2016-05-12 17:00:34 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2016-05-12 17:00:34 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2016-05-12 17:00:34 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2016-05-12 17:00:34 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-05-12 17:00:34 ----A---- C:\WINDOWS\system32\mfplat.dll
2016-05-12 17:00:34 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2016-05-12 17:00:34 ----A---- C:\WINDOWS\system32\LogonController.dll
2016-05-12 17:00:34 ----A---- C:\WINDOWS\system32\devinv.dll
2016-05-12 17:00:33 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-05-12 17:00:33 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2016-05-12 17:00:33 ----A---- C:\WINDOWS\SYSWOW64\MapControlCore.dll
2016-05-12 17:00:33 ----A---- C:\WINDOWS\SYSWOW64\LogonController.dll
2016-05-12 17:00:33 ----A---- C:\WINDOWS\system32\winlogon.exe
2016-05-12 17:00:33 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2016-05-12 17:00:33 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2016-05-12 17:00:33 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2016-05-12 17:00:33 ----A---- C:\WINDOWS\system32\CredProvDataModel.dll
2016-05-12 17:00:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2016-05-12 17:00:32 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2016-05-12 17:00:32 ----A---- C:\WINDOWS\SYSWOW64\CredProvDataModel.dll
2016-05-12 17:00:32 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-05-12 17:00:32 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-05-12 17:00:32 ----A---- C:\WINDOWS\system32\invagent.dll
2016-05-12 17:00:32 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2016-05-12 17:00:32 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-05-12 17:00:31 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2016-05-12 17:00:31 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2016-05-12 17:00:31 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-05-12 17:00:31 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-05-12 17:00:31 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2016-05-12 17:00:31 ----A---- C:\WINDOWS\system32\jscript.dll
2016-05-12 17:00:31 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2016-05-12 17:00:30 ----A---- C:\WINDOWS\SYSWOW64\MapConfiguration.dll
2016-05-12 17:00:30 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2016-05-12 17:00:30 ----A---- C:\WINDOWS\system32\wifitask.exe
2016-05-12 17:00:30 ----A---- C:\WINDOWS\system32\NetSetupShim.dll
2016-05-12 17:00:30 ----A---- C:\WINDOWS\system32\dxgi.dll
2016-05-12 17:00:29 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-05-12 17:00:29 ----A---- C:\WINDOWS\system32\tileobjserver.dll
2016-05-12 17:00:29 ----A---- C:\WINDOWS\system32\LockAppHost.exe
2016-05-12 17:00:29 ----A---- C:\WINDOWS\system32\gdi32.dll
2016-05-12 17:00:28 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2016-05-12 17:00:28 ----A---- C:\WINDOWS\SYSWOW64\JpMapControl.dll
2016-05-12 17:00:28 ----A---- C:\WINDOWS\system32\user32.dll
2016-05-12 17:00:28 ----A---- C:\WINDOWS\system32\NMAA.dll
2016-05-12 17:00:28 ----A---- C:\WINDOWS\system32\crypt32.dll
2016-05-12 17:00:27 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2016-05-12 17:00:27 ----A---- C:\WINDOWS\SYSWOW64\LockAppHost.exe
2016-05-12 17:00:27 ----A---- C:\WINDOWS\system32\schannel.dll
2016-05-12 17:00:27 ----A---- C:\WINDOWS\system32\SHCore.dll
2016-05-12 17:00:27 ----A---- C:\WINDOWS\system32\provhandlers.dll
2016-05-12 17:00:27 ----A---- C:\WINDOWS\system32\provengine.dll
2016-05-12 17:00:27 ----A---- C:\WINDOWS\system32\aepic.dll
2016-05-12 17:00:27 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2016-05-12 17:00:26 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2016-05-12 17:00:26 ----A---- C:\WINDOWS\SYSWOW64\NetSetupShim.dll
2016-05-12 17:00:26 ----A---- C:\WINDOWS\SYSWOW64\crypt32.dll
2016-05-12 17:00:26 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2016-05-12 17:00:26 ----A---- C:\WINDOWS\system32\wcmcsp.dll
2016-05-12 17:00:26 ----A---- C:\WINDOWS\system32\JpMapControl.dll
2016-05-12 17:00:26 ----A---- C:\WINDOWS\system32\DataSenseHandlers.dll
2016-05-12 17:00:25 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2016-05-12 17:00:25 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2016-05-12 17:00:25 ----A---- C:\WINDOWS\system32\shacct.dll
2016-05-12 17:00:25 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2016-05-12 17:00:25 ----A---- C:\WINDOWS\system32\moshostcore.dll
2016-05-12 17:00:25 ----A---- C:\WINDOWS\system32\drivers\sdport.sys
2016-05-12 17:00:25 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2016-05-12 17:00:24 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2016-05-12 17:00:24 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2016-05-12 17:00:24 ----A---- C:\WINDOWS\system32\SettingSync.dll
2016-05-12 17:00:24 ----A---- C:\WINDOWS\system32\ieproxy.dll
2016-05-12 17:00:24 ----A---- C:\WINDOWS\system32\d3d10level9.dll
2016-05-12 17:00:23 ----A---- C:\WINDOWS\SYSWOW64\d3d10level9.dll
2016-05-12 17:00:23 ----A---- C:\WINDOWS\system32\wuapi.dll
2016-05-12 17:00:23 ----A---- C:\WINDOWS\system32\StorSvc.dll
2016-05-12 17:00:23 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-05-12 17:00:23 ----A---- C:\WINDOWS\system32\NgcCtnr.dll
2016-05-12 17:00:23 ----A---- C:\WINDOWS\system32\moshost.dll
2016-05-12 17:00:23 ----A---- C:\WINDOWS\system32\actxprxy.dll
2016-05-12 17:00:22 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2016-05-12 17:00:22 ----A---- C:\WINDOWS\SYSWOW64\shacct.dll
2016-05-12 17:00:22 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2016-05-12 17:00:22 ----A---- C:\WINDOWS\system32\wininit.exe
2016-05-12 17:00:22 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2016-05-12 17:00:21 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2016-05-12 17:00:21 ----A---- C:\WINDOWS\system32\wlanapi.dll
2016-05-12 17:00:21 ----A---- C:\WINDOWS\system32\SubscriptionMgr.dll
2016-05-12 17:00:21 ----A---- C:\WINDOWS\system32\RDXService.dll
2016-05-12 17:00:21 ----A---- C:\WINDOWS\system32\MosHostClient.dll
2016-05-12 17:00:21 ----A---- C:\WINDOWS\system32\directmanipulation.dll
2016-05-12 17:00:21 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2016-05-12 17:00:21 ----A---- C:\WINDOWS\system32\acmigration.dll
2016-05-12 17:00:20 ----A---- C:\WINDOWS\SYSWOW64\SettingSync.dll
2016-05-12 17:00:20 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2016-05-12 17:00:20 ----A---- C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-05-12 17:00:20 ----A---- C:\WINDOWS\system32\ngccredprov.dll
2016-05-12 17:00:20 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2016-05-12 17:00:20 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2016-05-12 17:00:19 ----A---- C:\WINDOWS\SYSWOW64\wlanapi.dll
2016-05-12 17:00:19 ----A---- C:\WINDOWS\SYSWOW64\MosHostClient.dll
2016-05-12 17:00:19 ----A---- C:\WINDOWS\SYSWOW64\directmanipulation.dll
2016-05-12 17:00:19 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2016-05-12 17:00:19 ----A---- C:\WINDOWS\system32\MosStorage.dll
2016-05-12 17:00:18 ----A---- C:\WINDOWS\SYSWOW64\OneDriveSettingSyncProvider.dll
2016-05-12 17:00:18 ----A---- C:\WINDOWS\SYSWOW64\MosStorage.dll
2016-05-12 17:00:18 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2016-05-12 17:00:18 ----A---- C:\WINDOWS\system32\PhoneProviders.dll
2016-05-12 17:00:18 ----A---- C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-05-12 17:00:18 ----A---- C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-05-12 17:00:17 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2016-05-12 17:00:17 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2016-05-12 17:00:17 ----A---- C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-05-12 17:00:17 ----A---- C:\WINDOWS\system32\samsrv.dll
2016-05-12 17:00:17 ----A---- C:\WINDOWS\system32\rsaenh.dll
2016-05-12 17:00:16 ----A---- C:\WINDOWS\SYSWOW64\rsaenh.dll
2016-05-12 17:00:16 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2016-05-12 17:00:16 ----A---- C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-05-12 17:00:16 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2016-05-12 17:00:16 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2016-05-12 17:00:15 ----A---- C:\WINDOWS\system32\ListSvc.dll
2016-05-12 17:00:15 ----A---- C:\WINDOWS\system32\dwminit.dll
2016-05-12 17:00:15 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2016-05-12 17:00:13 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2016-05-12 17:00:13 ----A---- C:\WINDOWS\SYSWOW64\cryptngc.dll
2016-05-12 17:00:13 ----A---- C:\WINDOWS\system32\wuauclt.exe
2016-05-12 17:00:13 ----A---- C:\WINDOWS\system32\wpdbusenum.dll
2016-05-12 17:00:13 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2016-05-12 17:00:13 ----A---- C:\WINDOWS\system32\drivers\ufxsynopsys.sys
2016-05-12 17:00:13 ----A---- C:\WINDOWS\system32\drivers\UcmCx.sys
2016-05-12 17:00:13 ----A---- C:\WINDOWS\system32\drivers\hidclass.sys
2016-05-12 17:00:13 ----A---- C:\WINDOWS\system32\BrowserSettingSync.dll
2016-05-12 17:00:12 ----A---- C:\WINDOWS\SYSWOW64\VEDataLayerHelpers.dll
2016-05-12 17:00:12 ----A---- C:\WINDOWS\system32\provisioningcsp.dll
2016-05-12 17:00:12 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2016-05-12 17:00:12 ----A---- C:\WINDOWS\system32\drivers\filecrypt.sys
2016-05-12 17:00:11 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2016-05-12 17:00:11 ----A---- C:\WINDOWS\SYSWOW64\NetSetupApi.dll
2016-05-12 17:00:11 ----A---- C:\WINDOWS\SYSWOW64\hmkd.dll
2016-05-12 17:00:11 ----A---- C:\WINDOWS\SYSWOW64\BluetoothApis.dll
2016-05-12 17:00:11 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2016-05-12 17:00:11 ----A---- C:\WINDOWS\system32\NetSetupApi.dll
2016-05-12 17:00:11 ----A---- C:\WINDOWS\system32\hmkd.dll
2016-05-12 17:00:11 ----A---- C:\WINDOWS\system32\BluetoothApis.dll
2016-05-12 17:00:10 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2016-05-12 17:00:10 ----A---- C:\WINDOWS\system32\wups.dll
2016-05-12 17:00:10 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2016-05-12 17:00:10 ----A---- C:\WINDOWS\system32\RDXTaskFactory.dll
2016-05-12 17:00:10 ----A---- C:\WINDOWS\system32\drivers\usbser.sys
2016-05-12 17:00:10 ----A---- C:\WINDOWS\system32\cryptngc.dll
2016-05-12 17:00:09 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2016-05-12 17:00:09 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2016-05-12 17:00:09 ----A---- C:\WINDOWS\SYSWOW64\ByteCodeGenerator.exe
2016-05-12 17:00:09 ----A---- C:\WINDOWS\SYSWOW64\BrowserSettingSync.dll
2016-05-12 17:00:09 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-05-12 17:00:07 ----A---- C:\WINDOWS\system32\VEEventDispatcher.dll
2016-05-12 17:00:06 ----A---- C:\WINDOWS\SYSWOW64\wlanmsm.dll
2016-05-12 17:00:06 ----A---- C:\WINDOWS\SYSWOW64\wfdprov.dll
2016-05-12 17:00:06 ----A---- C:\WINDOWS\SYSWOW64\VEEventDispatcher.dll
2016-05-12 17:00:06 ----A---- C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-05-12 17:00:06 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2016-05-12 17:00:06 ----A---- C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-05-12 17:00:05 ----A---- C:\WINDOWS\SYSWOW64\wshbth.dll
2016-05-12 17:00:05 ----A---- C:\WINDOWS\SYSWOW64\wlansec.dll
2016-05-12 17:00:05 ----A---- C:\WINDOWS\SYSWOW64\NMAA.dll
2016-05-12 17:00:05 ----A---- C:\WINDOWS\system32\wshbth.dll
2016-05-12 17:00:05 ----A---- C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-05-12 17:00:05 ----A---- C:\WINDOWS\system32\mapsupdatetask.dll
2016-05-12 17:00:05 ----A---- C:\WINDOWS\system32\MapsCSP.dll
2016-05-12 17:00:05 ----A---- C:\WINDOWS\system32\MapsBtSvc.dll
2016-05-12 17:00:05 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2016-05-12 17:00:04 ----A---- C:\WINDOWS\SYSWOW64\MapsBtSvc.dll
2016-05-12 17:00:04 ----A---- C:\WINDOWS\system32\wificonnapi.dll
2016-05-12 17:00:04 ----A---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2016-05-12 17:00:03 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2016-05-12 17:00:03 ----A---- C:\WINDOWS\system32\drivers\bthenum.sys
2016-05-12 17:00:03 ----A---- C:\WINDOWS\system32\AppCapture.dll
2016-05-05 17:20:28 ----A---- C:\WINDOWS\SYSWOW64\CameraInstlog.txt
2016-05-05 17:06:10 ----D---- C:\WINDOWS\system32\SleepStudy
2016-05-04 23:13:20 ----SHD---- C:\Recovery
2016-05-04 23:13:17 ----DC---- C:\WINDOWS\Panther
2016-05-04 23:10:13 ----D---- C:\Windows.old
2016-05-04 23:08:54 ----A---- C:\WINDOWS\SYSWOW64\wsdchngr.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.MediaControl.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Devices.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Audio.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Scanners.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\SYSWOW64\wfapigp.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\SYSWOW64\MSFlacDecoder.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\SYSWOW64\mfsrcsnk.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\SYSWOW64\mfmkvsrcsnk.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\SYSWOW64\mfds.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\SYSWOW64\FWPUCLNT.DLL
2016-05-04 23:08:54 ----A---- C:\WINDOWS\SYSWOW64\fwpolicyiomgr.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\SYSWOW64\fwbase.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\SYSWOW64\AppxPackaging.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\wpninprc.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\wfapigp.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\sharemediacpl.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\msvproc.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\MSFlacDecoder.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\mfsrcsnk.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\mfds.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\mfcore.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\MDEServer.exe
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\LsaIso.exe
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\FWPUCLNT.DLL
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\fwbase.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\fvewiz.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\fveui.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\fveskybackup.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\fvecpl.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\drivers\mrxsmb10.sys
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\bdesvc.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\AudioSes.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-05-04 23:08:54 ----A---- C:\WINDOWS\system32\audiodg.exe
2016-05-04 23:08:36 ----A---- C:\WINDOWS\SYSWOW64\WMPDMC.exe
2016-05-04 23:08:36 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Cred.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\SYSWOW64\WiFiDisplay.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\SYSWOW64\TimeBrokerClient.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\SYSWOW64\taskschd.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\SYSWOW64\SyncController.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\SYSWOW64\mtxoci.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\SYSWOW64\MsSpellCheckingFacility.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2016-05-04 23:08:36 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\SYSWOW64\easwrt.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\SYSWOW64\credprovhost.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\SYSWOW64\asycfilt.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\SYSWOW64\ActiveSyncProvider.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\SYSWOW64\AccountsRt.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\SYSWOW64\AboveLockAppHost.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\wsqmcons.exe
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\wsdchngr.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\WMPDMC.exe
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\wmp.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\win32spl.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\werui.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\usbmon.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\uDWM.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\sqmapi.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\spoolsv.exe
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\oleacchooks.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\oleacc.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\ncbservice.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\mstscax.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\localspl.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\iuilp.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\fontsub.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\flvprophandler.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\drivers\dfsc.sys
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\credprovhost.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\BFE.DLL
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\basesrv.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\atmlib.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-05-04 23:08:36 ----A---- C:\WINDOWS\system32\AboveLockAppHost.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\SYSWOW64\WSDApi.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\SYSWOW64\VCardParser.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\SYSWOW64\UserDataTypeHelperUtil.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\SYSWOW64\UserDataTimeUtil.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\SYSWOW64\UserDataPlatformHelperUtil.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\SYSWOW64\UserDataLanguageUtil.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\SYSWOW64\UserDataAccountApis.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\SYSWOW64\Unistore.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\SYSWOW64\SensorsNativeApi.V2.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\SYSWOW64\SensorsNativeApi.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\SYSWOW64\RemoteNaturalLanguage.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\SYSWOW64\POSyncServices.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\SYSWOW64\PimIndexMaintenanceClient.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\SYSWOW64\PhoneCallHistoryApis.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\SYSWOW64\NotificationObjFactory.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\SYSWOW64\netapi32.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2016-05-04 23:08:32 ----A---- C:\WINDOWS\SYSWOW64\ChatApis.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\SYSWOW64\ExtrasXmlParser.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\SYSWOW64\ExSMime.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\SYSWOW64\EmailApis.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\SYSWOW64\ContactApis.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\SYSWOW64\cemapi.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\SYSWOW64\CallHistoryClient.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\SYSWOW64\AppointmentApis.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\SYSWOW64\AppointmentActivation.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\WWAHost.exe
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\wuuhext.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\wuautoappupdate.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\WSService.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\WSDApi.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\wlansvcpal.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\wlansvc.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\wlansec.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\winresume.exe
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\winload.exe
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\wininetlui.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\wininet.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\WiFiDisplay.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\WiFiConfigSP.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\wfdprov.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\wermgr.exe
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\wer.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\VCardParser.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\vaultsvc.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\vaultcli.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\UserDataService.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\UserDataAccountApis.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\Unistore.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\TimeBrokerServer.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\TimeBrokerClient.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\taskschd.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\SyncController.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\storewuauth.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\srpapi.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\SRHInproc.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\SRH.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\SmsRouterSvc.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\SMSRouter.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\schedsvc.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\SensorsNativeApi.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\SensorService.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\seclogon.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\scapi.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\psmsrv.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\provpackageapidll.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\POSyncServices.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\policymanagerprecheck.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\policymanager.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\omadmapi.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\ole32.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\NotificationObjFactory.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\ngckeyenum.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\netapi32.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\mtxoci.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\MTF.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\msxml3.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\msi.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\MBMediaManager.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\jsproxy.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\irmon.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\ChatApis.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\ExSMime.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\EmailApis.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\easwrt.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\easinvoker.exe
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\drivers\rasl2tp.sys
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\drivers\http.sys
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\drivers\bridge.sys
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\drivers\appid.sys
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\dosvc.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\domgmt.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\dmcsps.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\DAFWSD.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\ContactApis.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\configurationclient.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\cemapi.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\CallHistoryClient.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\browserbroker.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\browser.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\bisrv.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\asycfilt.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\AppxSysprep.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\AppointmentApis.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\AppointmentActivation.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\AccountsRt.dll
2016-05-04 23:08:32 ----A---- C:\WINDOWS\system32\accountaccessor.dll
2016-05-04 23:08:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2016-05-04 23:08:31 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2016-05-04 23:08:31 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2016-05-04 23:08:31 ----A---- C:\WINDOWS\SYSWOW64\InputLocaleManager.dll
2016-05-04 23:08:31 ----A---- C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\wkscli.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\wininetlui.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.Http.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Connectivity.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Bluetooth.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Bluetooth.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.AccountsControl.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\TokenBrokerCookies.exe
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\thumbcache.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\tbauth.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\srvcli.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\SRHInproc.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\sqmapi.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\samlib.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\profext.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\PackageStateRoaming.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\OnDemandConnRouteHelper.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\oleacchooks.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\oleacc.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\MTF.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\msorcl32.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\MessagingDataModel2.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\esent.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\DisplayManager.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\deviceaccess.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\CertEnroll.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\browcli.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\SYSWOW64\AppxSip.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\XblGameSave.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\XblAuthManager.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\wkscli.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\Windows.Web.Http.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\Windows.Web.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\Windows.Networking.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\tzautoupdate.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\thumbcache.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\tbauth.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\srvcli.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\samlib.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\profsvc.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\profext.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\PackageStateRoaming.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\netlogon.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\MessagingDataModel2.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\InputService.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\fveapibase.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\fveapi.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\FontProvider.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\esent.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\dssvc.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\drivers\xinputhid.sys
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\drivers\xboxgip.sys
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\drivers\ufx01000.sys
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\drivers\serial.sys
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\drivers\rfcomm.sys
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\drivers\acpi.sys
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\dnsapi.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\DisplayManager.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\diagtrack.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\deviceaccess.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\dafBth.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\d3d11.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\browcli.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\AuthHost.exe
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\AuthBroker.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\AppxSip.dll
2016-05-04 23:08:27 ----A---- C:\WINDOWS\system32\AppxPackaging.dll
2016-05-04 23:08:26 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2016-05-04 23:08:26 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2016-05-04 22:54:34 ----D---- C:\WINDOWS\SYSWOW64\XPSViewer
2016-05-04 22:54:32 ----D---- C:\Program Files\Reference Assemblies
2016-05-04 22:54:32 ----D---- C:\Program Files\MSBuild
2016-05-04 22:54:32 ----D---- C:\Program Files (x86)\Reference Assemblies
2016-05-04 22:54:32 ----D---- C:\Program Files (x86)\MSBuild
2016-05-04 22:53:46 ----A---- C:\WINDOWS\SYSWOW64\TsWpfWrp.exe
2016-05-04 22:53:46 ----A---- C:\WINDOWS\SYSWOW64\PresentationNative_v0300.dll
2016-05-04 22:53:46 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-05-04 22:53:42 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
2016-05-04 22:53:42 ----A---- C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-05-04 22:53:42 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-05-04 22:53:30 ----A---- C:\WINDOWS\system32\systemreset.exe
2016-05-04 22:53:30 ----A---- C:\WINDOWS\system32\reseteng.dll
2016-05-04 22:41:39 ----SHD---- C:\ProgramData\Šablony
2016-05-04 22:41:39 ----SHD---- C:\ProgramData\Plocha
2016-05-04 22:41:39 ----SHD---- C:\ProgramData\Nabídka Start
2016-05-04 22:41:39 ----SHD---- C:\ProgramData\Dokumenty
2016-05-04 22:41:39 ----SHD---- C:\ProgramData\Data aplikací
2016-05-04 22:34:51 ----A---- C:\WINDOWS\system32\emptyregdb.dat
2016-05-04 22:33:33 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-04 22:21:55 ----SD---- C:\Users\dusan\AppData\Roaming\Microsoft
2016-05-04 22:19:02 ----AD---- C:\Program Files (x86)\AMD
2016-05-04 22:19:00 ----AD---- C:\Program Files\ATI Technologies
2016-05-04 22:18:47 ----D---- C:\WINDOWS\SYSWOW64\sda
2016-05-04 22:18:35 ----D---- C:\ProgramData\Conexant
2016-05-04 22:18:33 ----D---- C:\ProgramData\Package Cache
2016-05-04 22:18:33 ----D---- C:\Program Files\CONEXANT
2016-05-04 22:18:00 ----AD---- C:\Program Files\AMD
2016-05-04 22:17:43 ----A---- C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-05-04 22:17:43 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-05-04 22:17:06 ----D---- C:\Program Files\Intel
2016-05-04 22:16:31 ----D---- C:\Program Files\Synaptics
2016-05-04 22:14:38 ----D---- C:\WINDOWS\Prefetch
2016-05-04 22:14:00 ----A---- C:\WINDOWS\system32\LenovoUpdate.exe
2016-05-04 22:14:00 ----A---- C:\WINDOWS\system32\LenovoCheck.exe
2016-05-04 22:13:55 ----A---- C:\WINDOWS\system32\wpbbin.exe
2016-05-04 21:03:13 ----HD---- C:\$WINDOWS.~BT
2016-05-04 21:00:43 ----D---- C:\ESD
2016-05-04 19:57:01 ----HD---- C:\$Windows.~WS

======List of files/folders modified in the last 1 month======

2016-05-29 12:50:59 ----D---- C:\Windows
2016-05-29 12:47:25 ----D---- C:\WINDOWS\Temp
2016-05-29 12:47:16 ----D---- C:\WINDOWS\debug
2016-05-29 12:33:00 ----D---- C:\WINDOWS\system32\sru
2016-05-29 11:41:10 ----D---- C:\WINDOWS\AppReadiness
2016-05-29 11:32:06 ----D---- C:\ProgramData\Lenovo
2016-05-29 11:31:22 ----D---- C:\WINDOWS\System32
2016-05-28 20:36:16 ----SHD---- C:\System Volume Information
2016-05-28 19:42:50 ----D---- C:\WINDOWS\system32\drivers\etc
2016-05-28 18:53:52 ----SHDC---- C:\WINDOWS\Installer
2016-05-28 18:52:34 ----D---- C:\WINDOWS\system32\drivers
2016-05-28 18:52:17 ----RD---- C:\Program Files (x86)
2016-05-28 18:51:14 ----D---- C:\WINDOWS\system32\Tasks
2016-05-28 17:36:38 ----RD---- C:\Program Files
2016-05-28 17:31:26 ----D---- C:\WINDOWS\Microsoft.NET
2016-05-28 15:29:45 ----D---- C:\WINDOWS\INF
2016-05-28 15:23:04 ----HD---- C:\ProgramData
2016-05-28 13:46:15 ----HD---- C:\Program Files\WindowsApps
2016-05-24 17:28:40 ----D---- C:\WINDOWS\system32\config
2016-05-24 17:24:44 ----D---- C:\WINDOWS\system32\DriverStore
2016-05-24 17:24:38 ----D---- C:\WINDOWS\WinSxS
2016-05-23 18:20:45 ----D---- C:\Program Files (x86)\Common Files
2016-05-23 18:20:44 ----D---- C:\Program Files (x86)\Adobe
2016-05-23 17:12:43 ----D---- C:\WINDOWS\system32\drivers\UMDF
2016-05-19 19:44:43 ----D---- C:\WINDOWS\SysWOW64
2016-05-17 17:44:13 ----D---- C:\WINDOWS\rescache
2016-05-15 11:32:24 ----D---- C:\WINDOWS\system32\catroot2
2016-05-15 11:29:40 ----D---- C:\WINDOWS\CbsTemp
2016-05-14 04:42:51 ----RSD---- C:\WINDOWS\assembly
2016-05-12 20:28:34 ----D---- C:\WINDOWS\system32\MRT
2016-05-12 20:22:38 ----A---- C:\WINDOWS\system32\MRT.exe
2016-05-12 20:21:48 ----D---- C:\WINDOWS\system32\WDI
2016-05-12 20:16:11 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-05-12 20:16:11 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-05-12 20:16:11 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-05-12 20:16:07 ----D---- C:\WINDOWS\system32\oobe
2016-05-12 20:16:07 ----D---- C:\WINDOWS\system32\migration
2016-05-12 20:16:07 ----D---- C:\WINDOWS\system32\en-US
2016-05-12 20:16:07 ----D---- C:\WINDOWS\system32\cs-CZ
2016-05-12 20:16:07 ----D---- C:\WINDOWS\system32\appraiser
2016-05-12 20:16:06 ----D---- C:\WINDOWS\Provisioning
2016-05-12 20:16:06 ----D---- C:\WINDOWS\bcastdvr
2016-05-12 20:16:06 ----D---- C:\WINDOWS\AppPatch
2016-05-12 20:16:06 ----D---- C:\Program Files\Windows Journal
2016-05-12 20:16:06 ----D---- C:\Program Files\Internet Explorer
2016-05-12 20:16:06 ----D---- C:\Program Files (x86)\Internet Explorer
2016-05-11 21:57:14 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-05-11 16:08:08 ----D---- C:\WINDOWS\system32\NDF
2016-05-11 15:58:39 ----D---- C:\WINDOWS\Logs
2016-05-11 15:37:44 ----D---- C:\WINDOWS\Tasks
2016-05-08 22:53:27 ----D---- C:\ProgramData\AMD
2016-05-05 19:35:30 ----A---- C:\WINDOWS\SYSWOW64\taskSchedularLog.txt
2016-05-05 19:18:48 ----D---- C:\WINDOWS\OCR
2016-05-05 19:17:19 ----D---- C:\ProgramData\Downloaded Installations
2016-05-05 15:16:03 ----D---- C:\WINDOWS\appcompat
2016-05-05 00:01:33 ----D---- C:\WINDOWS\system32\restore
2016-05-04 23:14:03 ----D---- C:\WINDOWS\system32\LogFiles
2016-05-04 23:09:50 ----D---- C:\WINDOWS\SYSWOW64\Dism
2016-05-04 23:09:50 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-05-04 23:09:50 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2016-05-04 23:09:50 ----D---- C:\WINDOWS\system32\Dism
2016-05-04 23:09:50 ----D---- C:\WINDOWS\system32\Boot
2016-05-04 23:09:49 ----RSD---- C:\WINDOWS\Media
2016-05-04 23:09:49 ----RD---- C:\WINDOWS\PurchaseDialog
2016-05-04 23:09:49 ----D---- C:\WINDOWS\PolicyDefinitions
2016-05-04 23:09:49 ----D---- C:\Program Files\Windows Portable Devices
2016-05-04 23:09:49 ----D---- C:\Program Files\Windows Multimedia Platform
2016-05-04 23:09:49 ----D---- C:\Program Files\Windows Media Player
2016-05-04 23:09:49 ----D---- C:\Program Files (x86)\Windows Portable Devices
2016-05-04 23:09:49 ----D---- C:\Program Files (x86)\Windows Multimedia Platform
2016-05-04 23:03:15 ----SD---- C:\ProgramData\Microsoft
2016-05-04 23:02:24 ----SD---- C:\WINDOWS\SYSWOW64\F12
2016-05-04 23:02:24 ----D---- C:\WINDOWS\SYSWOW64\winrm
2016-05-04 23:02:24 ----D---- C:\WINDOWS\SYSWOW64\WCN
2016-05-04 23:02:24 ----D---- C:\WINDOWS\SYSWOW64\slmgr
2016-05-04 23:02:24 ----D---- C:\WINDOWS\SYSWOW64\Printing_Admin_Scripts
2016-05-04 23:02:23 ----SD---- C:\WINDOWS\SYSWOW64\DiagSvcs
2016-05-04 23:02:23 ----SD---- C:\WINDOWS\system32\F12
2016-05-04 23:02:23 ----D---- C:\WINDOWS\SYSWOW64\en
2016-05-04 23:02:23 ----D---- C:\WINDOWS\SYSWOW64\drivers\en-US
2016-05-04 23:02:23 ----D---- C:\WINDOWS\system32\winrm
2016-05-04 23:02:23 ----D---- C:\WINDOWS\system32\WCN
2016-05-04 23:02:23 ----D---- C:\WINDOWS\system32\slmgr
2016-05-04 23:02:23 ----D---- C:\WINDOWS\system32\Printing_Admin_Scripts
2016-05-04 23:02:23 ----D---- C:\WINDOWS\system32\migwiz
2016-05-04 23:02:22 ----SD---- C:\WINDOWS\system32\DiagSvcs
2016-05-04 23:02:22 ----RD---- C:\WINDOWS\MiracastView
2016-05-04 23:02:22 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2016-05-04 23:02:22 ----RD---- C:\WINDOWS\DevicesFlow
2016-05-04 23:02:22 ----D---- C:\WINDOWS\system32\en
2016-05-04 23:02:22 ----D---- C:\WINDOWS\system32\drivers\en-US
2016-05-04 23:02:22 ----D---- C:\WINDOWS\servicing
2016-05-04 23:02:22 ----D---- C:\WINDOWS\en-US
2016-05-04 23:02:22 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2016-05-04 23:02:22 ----D---- C:\Program Files (x86)\Windows Media Player
2016-05-04 23:02:22 ----D---- C:\Program Files (x86)\Windows Defender
2016-05-04 23:02:21 ----D---- C:\Program Files\Windows Photo Viewer
2016-05-04 23:02:21 ----D---- C:\Program Files\Windows Defender
2016-05-04 22:57:03 ----SD---- C:\WINDOWS\system32\Microsoft
2016-05-04 22:54:34 ----D---- C:\WINDOWS\SYSWOW64\MUI
2016-05-04 22:54:34 ----D---- C:\WINDOWS\system32\MUI
2016-05-04 22:41:39 ----D---- C:\Program Files\Windows NT
2016-05-04 22:41:23 ----D---- C:\WINDOWS\system32\WinBioDatabase
2016-05-04 22:41:14 ----D---- C:\WINDOWS\SoftwareDistribution
2016-05-04 22:39:52 ----D---- C:\WINDOWS\Registration
2016-05-04 22:33:30 ----D---- C:\WINDOWS\system32\wbem
2016-05-04 22:33:20 ----A---- C:\WINDOWS\SYSWOW64\PerfStringBackup.INI
2016-05-04 22:28:31 ----D---- C:\WINDOWS\SYSWOW64\drivers
2016-05-04 22:28:30 ----RSD---- C:\WINDOWS\Fonts
2016-05-04 22:28:30 ----D---- C:\WINDOWS\ModemLogs
2016-05-04 22:25:49 ----D---- C:\WINDOWS\SYSWOW64\zh-TW
2016-05-04 22:25:49 ----D---- C:\WINDOWS\SYSWOW64\zh-HK
2016-05-04 22:25:49 ----D---- C:\WINDOWS\SYSWOW64\zh-CN
2016-05-04 22:25:49 ----D---- C:\WINDOWS\SYSWOW64\uk-UA
2016-05-04 22:25:49 ----D---- C:\WINDOWS\SYSWOW64\tr-TR
2016-05-04 22:25:49 ----D---- C:\WINDOWS\SYSWOW64\th-TH
2016-05-04 22:25:49 ----D---- C:\WINDOWS\SYSWOW64\sv-SE
2016-05-04 22:25:49 ----D---- C:\WINDOWS\SYSWOW64\sr-Latn-RS
2016-05-04 22:25:49 ----D---- C:\WINDOWS\SYSWOW64\sl-SI
2016-05-04 22:25:49 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2016-05-04 22:25:48 ----D---- C:\WINDOWS\SYSWOW64\ru-RU
2016-05-04 22:25:48 ----D---- C:\WINDOWS\SYSWOW64\ro-RO
2016-05-04 22:25:48 ----D---- C:\WINDOWS\SYSWOW64\pt-PT
2016-05-04 22:25:48 ----D---- C:\WINDOWS\SYSWOW64\pt-BR
2016-05-04 22:25:48 ----D---- C:\WINDOWS\SYSWOW64\pl-PL
2016-05-04 22:25:48 ----D---- C:\WINDOWS\SYSWOW64\nl-NL
2016-05-04 22:25:48 ----D---- C:\WINDOWS\SYSWOW64\nb-NO
2016-05-04 22:25:48 ----D---- C:\WINDOWS\SYSWOW64\lv-LV
2016-05-04 22:25:48 ----D---- C:\WINDOWS\SYSWOW64\lt-LT
2016-05-04 22:25:48 ----D---- C:\WINDOWS\SYSWOW64\Lenovo
2016-05-04 22:25:48 ----D---- C:\WINDOWS\SYSWOW64\ko-KR
2016-05-04 22:25:48 ----D---- C:\WINDOWS\SYSWOW64\ja-JP
2016-05-04 22:25:48 ----D---- C:\WINDOWS\SYSWOW64\it-IT
2016-05-04 22:25:47 ----D---- C:\WINDOWS\SYSWOW64\hu-HU
2016-05-04 22:25:47 ----D---- C:\WINDOWS\SYSWOW64\hr-HR
2016-05-04 22:25:47 ----D---- C:\WINDOWS\SYSWOW64\he-IL
2016-05-04 22:25:47 ----D---- C:\WINDOWS\SYSWOW64\fr-FR
2016-05-04 22:25:47 ----D---- C:\WINDOWS\SYSWOW64\fi-FI
2016-05-04 22:25:47 ----D---- C:\WINDOWS\SYSWOW64\et-EE
2016-05-04 22:25:47 ----D---- C:\WINDOWS\SYSWOW64\es-ES
2016-05-04 22:25:46 ----D---- C:\WINDOWS\SYSWOW64\en-GB
2016-05-04 22:25:46 ----D---- C:\WINDOWS\SYSWOW64\el-GR
2016-05-04 22:25:46 ----D---- C:\WINDOWS\SYSWOW64\de-DE
2016-05-04 22:25:46 ----D---- C:\WINDOWS\SYSWOW64\da-DK
2016-05-04 22:25:45 ----D---- C:\WINDOWS\SYSWOW64\bg-BG
2016-05-04 22:25:45 ----D---- C:\WINDOWS\SYSWOW64\ar-SA
2016-05-04 22:25:44 ----HD---- C:\WINDOWS\system32\WLANProfiles
2016-05-04 22:25:44 ----D---- C:\WINDOWS\system32\zh-TW
2016-05-04 22:25:44 ----D---- C:\WINDOWS\system32\zh-HK
2016-05-04 22:25:44 ----D---- C:\WINDOWS\system32\zh-CN
2016-05-04 22:25:42 ----D---- C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2016-05-04 22:25:42 ----D---- C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2016-05-04 22:25:42 ----D---- C:\WINDOWS\system32\uk-UA
2016-05-04 22:25:42 ----D---- C:\WINDOWS\system32\tr-TR
2016-05-04 22:25:42 ----D---- C:\WINDOWS\system32\th-TH
2016-05-04 22:25:42 ----D---- C:\WINDOWS\system32\sv-SE
2016-05-04 22:25:42 ----D---- C:\WINDOWS\system32\sr-Latn-RS
2016-05-04 22:25:40 ----D---- C:\WINDOWS\system32\sl-SI
2016-05-04 22:25:40 ----D---- C:\WINDOWS\system32\sk-SK
2016-05-04 22:25:40 ----D---- C:\WINDOWS\system32\ru-RU
2016-05-04 22:25:40 ----D---- C:\WINDOWS\system32\ro-RO
2016-05-04 22:25:40 ----D---- C:\WINDOWS\system32\pt-PT
2016-05-04 22:25:40 ----D---- C:\WINDOWS\system32\pt-BR
2016-05-04 22:25:40 ----D---- C:\WINDOWS\system32\pl-PL
2016-05-04 22:25:39 ----D---- C:\WINDOWS\system32\nl-NL
2016-05-04 22:25:39 ----D---- C:\WINDOWS\system32\nb-NO
2016-05-04 22:25:38 ----D---- C:\WINDOWS\system32\lv-LV
2016-05-04 22:25:38 ----D---- C:\WINDOWS\system32\lt-LT
2016-05-04 22:25:38 ----D---- C:\WINDOWS\system32\Lenovo
2016-05-04 22:25:38 ----D---- C:\WINDOWS\system32\ko-KR
2016-05-04 22:25:38 ----D---- C:\WINDOWS\system32\ja-JP
2016-05-04 22:25:38 ----D---- C:\WINDOWS\system32\it-IT
2016-05-04 22:25:38 ----D---- C:\WINDOWS\system32\InputMethod
2016-05-04 22:25:38 ----D---- C:\WINDOWS\system32\hu-HU
2016-05-04 22:25:38 ----D---- C:\WINDOWS\system32\hr-HR
2016-05-04 22:25:38 ----D---- C:\WINDOWS\system32\he-IL
2016-05-04 22:25:38 ----D---- C:\WINDOWS\system32\fr-FR
2016-05-04 22:25:38 ----D---- C:\WINDOWS\system32\fi-FI
2016-05-04 22:25:38 ----D---- C:\WINDOWS\system32\et-EE
2016-05-04 22:25:37 ----D---- C:\WINDOWS\system32\es-ES
2016-05-04 22:25:36 ----DC---- C:\WINDOWS\system32\DRVSTORE
2016-05-04 22:25:36 ----D---- C:\WINDOWS\system32\en-GB
2016-05-04 22:25:36 ----D---- C:\WINDOWS\system32\el-GR
2016-05-04 22:25:35 ----D---- C:\WINDOWS\system32\de-DE
2016-05-04 22:25:35 ----D---- C:\WINDOWS\system32\da-DK
2016-05-04 22:24:33 ----D---- C:\WINDOWS\system32\CodeIntegrity
2016-05-04 22:23:53 ----D---- C:\WINDOWS\system32\bg-BG
2016-05-04 22:23:53 ----D---- C:\WINDOWS\system32\ar-SA
2016-05-04 22:23:48 ----D---- C:\WINDOWS\MediaViewer
2016-05-04 22:23:44 ----D---- C:\WINDOWS\InputMethod
2016-05-04 22:23:40 ----D---- C:\WINDOWS\ADFS
2016-05-04 22:23:38 ----RD---- C:\Users
2016-05-04 22:23:32 ----D---- C:\Program Files (x86)\Windows Mail
2016-05-04 22:23:32 ----D---- C:\Program Files (x86)\Lenovo
2016-05-04 22:23:30 ----D---- C:\Program Files (x86)\Intel
2016-05-04 22:23:29 ----D---- C:\Program Files\Windows Mail
2016-05-04 22:23:28 ----AD---- C:\Program Files\Lenovo
2016-05-04 22:23:26 ----D---- C:\Program Files\Common Files\microsoft shared
2016-05-04 22:23:26 ----D---- C:\Program Files\Common Files
2016-05-04 22:23:10 ----D---- C:\WINDOWS\system32\Recovery
2016-05-04 22:21:14 ----D---- C:\WINDOWS\system32\Sysprep
2016-05-04 22:18:53 ----D---- C:\WINDOWS\twain_32
2016-05-04 22:18:09 ----D---- C:\AMD
2016-05-04 22:17:40 ----HD---- C:\Intel

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;@oem13.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmpfd.sys [2014-10-28 62152]
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-04-29 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-04-29 287528]
R0 Fastboot;Fastboot; C:\WINDOWS\System32\DRIVERS\Fastboot.sys [2015-10-22 72808]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2014-10-10 1398936]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-04-29 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-04-29 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-04-29 1070904]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-04-29 465792]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2013-11-13 91912]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-04-23 87552]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-04-29 37656]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-04-29 107792]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-04-29 166432]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 47616]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-10-30 78848]
R3 ACPIVPC;@oem29.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2015-02-13 35064]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2016-04-22 23969776]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2016-04-22 679912]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-04-23 84992]
R3 CnxtHdAudService;@oem56.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2015-05-19 1543912]
R3 ibtusb;@oem49.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2015-07-14 263952]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-12-19 7858088]
R3 KMDFVirtualKbd;@oem25.inf,%KMDFVirtualKbd.SVCDESC%;Lenovo Virtual Keyboard Device; C:\WINDOWS\System32\drivers\KMDFVirtualKbd.sys [2014-08-05 22264]
R3 MEIx64;@oem51.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2014-09-30 129312]
R3 NETwNb64;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit; C:\WINDOWS\System32\drivers\Netwbw02.sys [2015-10-30 3485696]
R3 rt640x64;@oem54.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-07-22 886528]
R3 RTSUER;@oem52.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2015-07-03 410880]
R3 rtsuvc;@oem26.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2014-10-22 2584280]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2015-07-27 42696]
R3 SynTP;@oem57.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2015-07-27 618696]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2016-04-23 112640]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-10-30 128512]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2016-04-23 954368]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-02-13 117248]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-12-11 42288]
S3 IntcDAud;@oem28.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2014-12-19 455440]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 KMDFVirtualMouse;Lenovo Virtual Mouse Device; C:\WINDOWS\System32\drivers\KMDFVirtualMouse.sys [2014-08-05 21240]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-10-30 930656]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2016-05-04 181248]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2016-04-23 63488]
S3 UcmUcsi;@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
Last edited by jack h on 29 May 2016 12:29, edited 1 time in total.

jack h
Visitor
Posts: 6
Registered: 29 May 2016 11:28

Re: Preventive check - 2 parts

#2 Post by jack h »

Part 2

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-07-23 172344]
R2 AdaptiveSleepService;AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [2015-11-29 138752]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-04-22 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2016-04-22 254960]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-04-29 243296]
R2 AVControlCenter;AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [2015-03-23 560584]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 CxAudMsg;Conexant Audio Message Service; C:\windows\system32\CxAudMsg64.exe [2014-10-20 207576]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R2 FastbootService;FastbootService; C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe [2015-10-22 193640]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-10-10 18584]
R2 ibtsiva.exe;Intel Bluetooth Service; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [2014-08-14 121288]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-12-19 373160]
R2 Intel(R) ME Service;Intel® ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-09-03 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-09-03 154584]
R2 Lenovo OKO Service;Lenovo OKO Service; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe [2016-01-07 2730280]
R2 Lenovo Settings Service;Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2015-04-10 2016040]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2015-12-14 584664]
R2 LenovoSetSvr;LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe [2014-06-19 258544]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-08-26 218952]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-09-03 405976]
R2 OKOControlSvc;OKOControlSvc; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe [2016-01-07 369960]
R2 OneSyncSvc_9151fa;Hostitel synchronizace_9151fa; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R2 SAService;Conexant SmartAudio service; C:\WINDOWS\syswow64\SAsrv.exe [2011-09-01 447104]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-07-27 246472]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-23 43696]
R3 LenovoUpdate;lupdate; C:\WINDOWS\System32\LenovoUpdate.exe [2016-05-28 26608]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 PimIndexMaintenanceSvc_9151fa;Data kontaktů_9151fa; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-24 107848]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_3607e;Hostitel synchronizace_3607e; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-12-19 300968]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-24 107848]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-25 169752]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-05-14 887256]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25 178312]
S3 LENOVO.CAMMUTE;Lenovo AVFramework Camera Privacy Controller; C:\Program Files\Lenovo\Communications Utility\cammute.exe [2015-03-23 456136]
S3 LENOVO.TPKNRSVC;Lenovo AVFramework Microphone Volume Controller and Dolby Interface; C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe [2015-03-23 453576]
S3 LENOVO.TVTVCAM;Lenovo AVFramework Virtual Camera Controller Service; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2015-03-23 625608]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-10-17 272776]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_9151fa;Služba zasílání zpráv_9151fa; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2015-10-30 290304]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S4 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]

-----------------EOF-----------------

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Preventive check - 2 parts

#3 Post by Roli »

Hello, delete unnecessary files

using CCleaner

instructions:

Cleaner - here you clean the PC of unnecessary files and empty the Recycle Bin

Registry - here you clean the registry (before use I recommend making the backup of it that CCleaner offers)

the registry cleaning needs to be repeated several times!

Tools - here you can uninstall programs, adjust what runs at system startup, and restore the system


Download and run AdwCleaner,

close all programs including the browser and launch it with a double-click,

a window appears; click Scan at the top left.

When the scan finishes, click Clean,

the PC will restart, during which the junk is deleted.

Then copy the Report here for me.


P.S. If you used the Mbam that you have on there, did it find anything?
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

jack h
Visitor
Posts: 6
Registered: 29 May 2016 11:28

Re: Preventive check - 2 parts

#4 Post by jack h »

Hi, I ran CCleaner, I just left the tools and programs alone; I probably use almost none of them, but I don't know what is part of what, so I didn't want to do more harm than good.

# AdwCleaner v5.118 - Log vytvořen 30/05/2016 v 18:29:38
# Aktualizováno 23/05/2016 by Xplode
# Databáze : 2016-05-30.1 [Server]
# Operační system : Windows 10 Home (X64)
# Uživatelské jméno : dusan - LENOVO-PC
# Spuštěno z : C:\Users\dusan\Desktop\adwcleaner_5.118.exe
# Nastavení : Čištění
# Podpora : http://toolslib.net/forum

***** [ Služby ] *****


***** [ Složky ] *****

[-] Složka Smazáno : C:\Users\dusan\AppData\Local\SweetLabs App Platform

***** [ Soubory ] *****

[-] Soubor Smazáno : C:\WINDOWS\SysWOW64\VisualDiscovery.ini
[-] Soubor Smazáno : C:\WINDOWS\SysWOW64\VisualDiscoveryOff.ini
[-] Soubor Smazáno : C:\WINDOWS\SysNative\VisualDiscoveryOff.ini

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úlohy ] *****


***** [ Registry ] *****

[-] Klíč Smazáno : HKCU\Software\Classes\pokki
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{CB6BF8B6-E12B-42FA-A478-91BCCDE475DC}
[-] Klíč Smazáno : HKLM\SOFTWARE\LENOVO\VisualDiscovery
[-] Klíč Smazáno : HKLM\SOFTWARE\Superfish Inc. VisualDiscovery
[-] Klíč Smazáno : HKLM\SOFTWARE\VisualDiscovery
[-] Hodnota Smazáno : HKU\S-1-5-21-2735934556-1729875848-1389610522-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Pokki]

***** [ Prohlížeče ] *****


*************************

:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [2543 bytů] - [30/05/2016 18:29:38]
C:\AdwCleaner\AdwCleaner[S3].txt - [2598 bytů] - [30/05/2016 18:28:19]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2689 bytů] ##########


I downloaded and ran Mbam yesterday and did nothing further after it finished (just so I'd know what might be in store for me, it gets used quite often here); this is what came out of it.

Malwarebytes Anti-Malware 1.75.0.1300
http://www.malwarebytes.org

Verze: v2016.05.28.04

Windows 8 x64 NTFS
Internet Explorer 11.306.10586.0
dusan :: LENOVO-PC [administrátor]

28. 5. 2016 15:28:46
MBAM-log-2016-05-28 (17-20-41).txt

Typ: Kompletní kontrola (C:\|D:\|F:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 655666
Uplynulý čas: 1 hodin, 42 minut, 25 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 2
HKLM\SOFTWARE\Superfish Inc. VisualDiscovery (PUP.Optional.VisualDiscovery) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Lenovo\VisualDiscovery (PUP.Optional.VisualDiscovery) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 4
C:\Windows\System32\VisualDiscovery.ini (PUP.Optional.VisualDiscovery) -> Nebyla provedena žádná instrukce.
C:\Windows\SysWOW64\VisualDiscovery.ini (PUP.Optional.VisualDiscovery) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\VisualDiscoveryOff.ini (PUP.Optional.Winsock.WnskRST) -> Nebyla provedena žádná instrukce.
C:\Windows\SysWOW64\VisualDiscoveryOff.ini (PUP.Optional.Winsock.WnskRST) -> Nebyla provedena žádná instrukce.

(konec)

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Preventive check - 2 parts

#5 Post by Roli »

Have what Mbam found deleted.


Run the Cure It scanner following THIS guide

after the scan finishes, copy the results here for me - the end of the log with the summary is enough.

(Warning: it is perversely slow and needs to be watched; it occasionally asks about something)

jack h
Visitor
Posts: 6
Registered: 29 May 2016 11:28

Re: Preventive check - 2 parts

#6 Post by jack h »

I didn't know how to delete what Mbam found earlier (I couldn't find the option anywhere), so I let it run again, and this time it found nothing.

Malwarebytes Anti-Malware
http://www.malwarebytes.org

Datum skenování: 31. 5. 2016
Čas skenování: 18:40
Protokol: mbam 2.2.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.05.31.03
Databáze rootkitů: v2016.05.27.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: dusan

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 728011
Uplynulý čas: 3 hod, 49 min, 2 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

This came out of Cure It:

Express scan

Total 11714378774 bytes in 36666 files scanned (43460 objects)
Total 36633 files (43419 objects) are clean
There are no infected objects detected
Total 41 files are raised error condition
Scan time is 00:16:52.281

Custom scan (drives C: and D: checked)

Total 70735587626 bytes in 403316 files scanned (556215 objects)
Total 403235 files (556134 objects) are clean
Total 1 file are infected
Total 80 files are raised error condition
Scan time is 01:33:05.931

-----------------------------------------------------------------------------
Start curing
-----------------------------------------------------------------------------

C:\Program Files\Lenovo\Lenovo Solution Center\Microsoft Fix it\FixitUi\_desktop.ini - quarantined

Total 70735587626 bytes in 403316 files scanned (556215 objects)
Total 403235 files (556134 objects) are clean
Total 1 file are infected
Total 1 file are neutralized
Total 80 files are raised error condition
Scan time is 01:33:05.931

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Preventive check - 2 parts

#7 Post by Roli »

Great, now let's get rid of the unnecessary stuff.


Press Windows + R, and in the Run window >> type services.msc >> Enter. Find the service:

Služba Google Update (gupdate)
Služba Google Update (gupdatem)
lupdate (LenovoUpdate)
Cyberlink RichVideo64 Service(CRVS)


a double-click opens its properties sheet, where you first stop the service with the Stop button, then under Startup type select Disabled and click OK.


In the Task Scheduler Library, disable Google Update; it will be there more than once.


Finally, uninstall SUPERAntiSpyware.


Then let me know how the PC behaves.
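
The steps from post #7 as an added PowerShell example, not part of the original thread: it records each service's current start mode, stops and disables the four services, and disables the Google Update scheduled tasks. The short service names are taken from the RSIT log above; the backup file path and the `GoogleUpdate*` task-name pattern are assumptions.

```powershell
# Added example; run in an elevated PowerShell session on Windows 10.
# Short names from the RSIT log for the four display names listed in post #7.
$serviceNames = 'gupdate', 'gupdatem', 'LenovoUpdate', 'RichVideo64'
$backupFile   = Join-Path $env:TEMP 'service-startmode-backup.csv'   # assumed path

function Get-TargetService {
    Get-CimInstance -ClassName Win32_Service |
        Where-Object { $serviceNames -contains $_.Name } |
        Select-Object Name, DisplayName, StartMode, State
}

# 1. Record the current start mode so the change can be undone later.
$before = @(Get-TargetService)
$before | Export-Csv -Path $backupFile -NoTypeInformation -Encoding UTF8

# 2. Stop each service that is running, then set its startup type to Disabled.
foreach ($svc in $before) {
    if ($svc.State -eq 'Running') {
        Stop-Service -Name $svc.Name -Force
    }
    Set-Service -Name $svc.Name -StartupType Disabled
}

# 3. Disable the Google Update scheduled tasks (name pattern is an assumption).
$tasks = @(Get-ScheduledTask -TaskName 'GoogleUpdate*' -ErrorAction SilentlyContinue)
foreach ($task in $tasks) {
    $task | Disable-ScheduledTask | Out-Null
}

# 4. Show the resulting state for verification.
Get-TargetService | Format-Table -AutoSize
$tasks | ForEach-Object { Get-ScheduledTask -TaskName $_.TaskName -TaskPath $_.TaskPath } |
    Format-Table TaskName, State -AutoSize

# Undo: restore the recorded start modes.
# Win32_Service reports 'Auto', while Set-Service expects 'Automatic'.
function Restore-ServiceStartMode {
    foreach ($row in Import-Csv -Path $backupFile) {
        $mode = if ($row.StartMode -eq 'Auto') { 'Automatic' } else { $row.StartMode }
        Set-Service -Name $row.Name -StartupType $mode
    }
}
```

`Restore-ServiceStartMode` reverts only the service start modes; the scheduled tasks are re-enabled separately with `Enable-ScheduledTask`.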

jack h
Visitor
Posts: 6
Registered: 29 May 2016 11:28

Re: Preventive check - 2 parts

#8 Post by jack h »

Everything done; it looks like the PC is behaving normally, so I hope it is free of malware. Only, after turning those things off, the Chrome browser could not be updated, so I started it, updated, and turned it off again, and now it performs the check even with the functions turned off, so I'll see next time. And if I may ask a question, why not use SUPERAntiSpyware sometimes to check for possible malware, or what should I use instead?

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Preventive check - 2 parts

#9 Post by Roli »

The PC is clean. Why not use SAS? Well, because there are now better tools (Mbam, Cure It).

And if you are ever unsure, nothing is simpler than posting a log here and we'll take a look :)

jack h
Visitor
Posts: 6
Registered: 29 May 2016 11:28

Re: Preventive check - 2 parts

#10 Post by jack h »

OK, thanks a lot once again, and maybe see you some other time, bye. :thumbsup:

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Preventive check - 2 parts

#11 Post by Roli »

You're welcome, take care and :closed:

Locked