Svchost žere 25% CPU neustále

[venim]

Dobrý den,
prosím o pomoc s nadměrným využitím CPU. Výmluvnější obrázek v příloze.

Děkuji.

[Rudy]

Zdravím!
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

[SaTaN_SaM]

Zdravím,
mám úplně stejný problém. Byl jsem ochotný přeinstalovat win (WIN7 ultimate x64) a problém přetrvává bez jakékoliv instalace jedinného programu. Takže po standartní instalaci po 5minutách naběhne svchost.exe a žere 25% procesoru (i5 6600). Samozřejmě jsem po té doinstaloval ovladače na základní desku, grafiku a eset. Postupoval jsem dle tohoto tématu a tedy nebudu zakládat nové.

Přikládaám tedy log z FRST i addition.rar


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-06-2016
Ran by SaM_SaTaN (administrator) on PEKLO (30-06-2016 19:50:19)
Running from C:\Users\SaM_SaTaN\Desktop
Loaded Profiles: SaM_SaTaN (Available Profiles: SaM_SaTaN)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingHotkey_Service.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\perfmon.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(forum.viry.cz) C:\Users\SaM_SaTaN\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8520448 2015-07-30] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-06-15] (Intel Corporation)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [3458728 2015-07-30] (Micro-Star INT'L CO., LTD.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.255.255.20 10.255.255.10
Tcpip\..\Interfaces\{FC0CD089-76F4-4DB0-9B88-DCDEDADEDF2E}: [DhcpNameServer] 10.255.255.20 10.255.255.10

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1535736233-411102215-3761096554-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1535736233-411102215-3761096554-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-25] (NVIDIA Corporation)

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2520928 2016-03-03] (ESET)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [34984 2015-09-03] (Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingHotkey_Service.exe [2018768 2015-08-14] (Micro-Star INT'L CO., LTD.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1741992 2015-07-30] (Micro-Star INT'L CO., LTD.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [501216 2015-06-18] (Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264552 2016-04-14] (ESET)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [186784 2016-04-14] (ESET)
S2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [142976 2016-04-14] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [198096 2016-04-14] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [53384 2016-04-14] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [84800 2016-04-14] (ESET)
R3 I2cHkBurn; C:\Windows\System32\drivers\I2cHkBurn.sys [41760 2015-07-27] (FINTEK Corp.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [178976 2015-07-28] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-30 19:50 - 2016-06-30 19:50 - 00009420 _____ C:\Users\SaM_SaTaN\Desktop\FRST.txt
2016-06-30 19:49 - 2016-06-30 19:50 - 00000000 ____D C:\FRST
2016-06-30 19:47 - 2016-06-30 19:47 - 00112640 _____ (forum.viry.cz) C:\Users\SaM_SaTaN\Desktop\FRSTLauncher.exe
2016-06-30 19:45 - 2016-06-30 19:45 - 02390016 _____ (Farbar) C:\Users\SaM_SaTaN\Desktop\FRST64.exe
2016-06-30 19:40 - 2016-06-14 22:01 - 00112216 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-06-30 19:39 - 2016-06-30 19:39 - 00000000 ____D C:\Windows\LastGood
2016-06-30 19:39 - 2016-04-14 07:38 - 00102976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-06-30 19:39 - 2016-04-14 07:38 - 00056384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-06-30 19:25 - 2016-06-30 19:25 - 00002027 _____ C:\Users\Public\Desktop\ESET Ochrana bankovnictví a online plateb.lnk
2016-06-30 19:25 - 2016-06-30 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-06-30 19:25 - 2016-06-30 19:25 - 00000000 ____D C:\ProgramData\ESET
2016-06-30 19:25 - 2016-06-30 19:25 - 00000000 ____D C:\Program Files\ESET
2016-06-30 19:23 - 2016-06-30 19:23 - 00009485 _____ C:\ComboFix.txt
2016-06-30 19:20 - 2016-06-30 19:23 - 00000000 ____D C:\Windows\erdnt
2016-06-30 19:20 - 2016-06-30 19:23 - 00000000 ____D C:\Qoobox
2016-06-30 19:20 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2016-06-30 19:20 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2016-06-30 19:20 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-06-30 19:20 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-06-30 19:20 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-06-30 19:20 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2016-06-30 19:20 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2016-06-30 19:20 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2016-06-30 19:16 - 2016-06-30 19:16 - 05659337 ____R (Swearware) C:\Users\SaM_SaTaN\Desktop\ComboFix.exe
2016-06-30 18:47 - 2016-06-30 18:47 - 00008192 __RSH C:\BOOTSECT.BAK
2016-06-30 18:47 - 2016-06-30 17:50 - 00000000 ____D C:\Windows\Panther
2016-06-30 18:47 - 2010-11-21 05:23 - 00383786 __RSH C:\bootmgr
2016-06-30 18:40 - 2016-06-30 18:40 - 00000000 ___SD C:\Users\SaM_SaTaN\AppData\LocalLow\Temp
2016-06-30 18:40 - 2016-06-30 18:40 - 00000000 ____D C:\Users\SaM_SaTaN\AppData\Local\ESET
2016-06-30 18:37 - 2016-06-30 19:46 - 00007605 _____ C:\Users\SaM_SaTaN\AppData\Local\Resmon.ResmonCfg
2016-06-30 18:36 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-06-30 18:36 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-06-30 18:36 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-06-30 18:36 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-06-30 18:36 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-06-30 18:36 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-06-30 18:36 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-06-30 18:36 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-06-30 18:36 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-06-30 18:36 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-06-30 18:36 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-06-30 18:36 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-06-30 18:36 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-06-30 18:36 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-06-30 18:32 - 2016-06-30 19:40 - 00000000 ____D C:\Users\SaM_SaTaN\AppData\Local\NVIDIA Corporation
2016-06-30 18:31 - 2016-06-30 19:40 - 00000000 ____D C:\Users\SaM_SaTaN\AppData\Local\NVIDIA
2016-06-30 18:28 - 2016-06-30 18:28 - 00001218 _____ C:\Users\Public\Desktop\XSplit Gamecaster.lnk
2016-06-30 18:28 - 2016-06-30 18:28 - 00000000 ____D C:\Users\SaM_SaTaN\AppData\Roaming\SplitmediaLabs
2016-06-30 18:28 - 2016-06-30 18:28 - 00000000 ____D C:\ProgramData\SplitMediaLabs
2016-06-30 18:28 - 2016-06-30 18:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
2016-06-30 18:28 - 2016-06-30 18:28 - 00000000 ____D C:\Program Files (x86)\SplitmediaLabs
2016-06-30 18:26 - 2016-06-30 19:40 - 00001377 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-06-30 18:26 - 2016-06-30 19:40 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-06-30 18:26 - 2016-06-30 19:19 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-30 18:26 - 2016-06-30 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-06-30 18:26 - 2016-06-30 18:26 - 00003002 _____ C:\Windows\System32\Tasks\MSISW_Host
2016-06-30 18:26 - 2016-06-30 18:26 - 00002031 _____ C:\Users\Public\Desktop\MSI Live Update 6.lnk
2016-06-30 18:26 - 2016-06-30 18:26 - 00001149 _____ C:\Users\Public\Desktop\MSI Gaming APP.lnk
2016-06-30 18:26 - 2016-06-30 18:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.5
2016-06-30 18:26 - 2016-06-30 18:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2016-06-30 18:26 - 2016-06-30 18:26 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-06-30 18:26 - 2016-06-30 18:26 - 00000000 ____D C:\Program Files (x86)\MSI Kombustor 2.5
2016-06-30 18:26 - 2016-06-30 18:26 - 00000000 ____D C:\Program Files (x86)\MSI
2016-06-30 18:26 - 2016-06-14 22:01 - 01767944 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-06-30 18:26 - 2016-06-14 22:01 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-06-30 18:26 - 2016-06-14 22:01 - 01377800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-06-30 18:26 - 2016-06-14 22:01 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-06-30 18:26 - 2016-04-14 07:38 - 00113216 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-06-30 18:26 - 2015-08-25 20:46 - 01567576 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2016-06-30 18:26 - 2015-08-25 20:46 - 00204648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2016-06-30 18:26 - 2015-08-25 20:46 - 00112760 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-06-30 18:26 - 2015-08-25 20:46 - 00105264 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2016-06-30 18:26 - 2015-08-25 20:46 - 00040280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2016-06-30 18:26 - 2015-08-25 20:46 - 00033025 _____ C:\Windows\system32\nvinfo.pb
2016-06-30 18:26 - 2015-08-25 16:24 - 06884984 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-06-30 18:26 - 2015-08-25 16:24 - 03496752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-06-30 18:26 - 2015-08-25 16:24 - 02558584 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-06-30 18:26 - 2015-08-25 16:24 - 00937776 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-06-30 18:26 - 2015-08-25 16:24 - 00385144 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-06-30 18:26 - 2015-08-25 16:24 - 00062584 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-06-30 18:26 - 2015-08-25 16:08 - 00574072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-06-30 18:26 - 2015-08-25 14:35 - 05165808 _____ C:\Windows\system32\nvcoproc.bin
2016-06-30 18:26 - 2015-08-18 09:51 - 01692840 _____ (MSI) C:\Windows\SysWOW64\muachost.exe
2016-06-30 18:26 - 2015-08-11 06:52 - 00072504 _____ (NVIDIA Corporation) C:\Windows\system32\SETCB2A.tmp
2016-06-30 18:26 - 2015-07-27 01:37 - 00041760 _____ (FINTEK Corp.) C:\Windows\system32\Drivers\I2cHkBurn.sys
2016-06-30 18:26 - 2015-07-27 01:37 - 00031520 _____ (TODO: <公司名稱>) C:\Windows\system32\FintekIcon1.dll
2016-06-30 18:26 - 2014-04-30 16:23 - 00011248 _____ (Windows (R) Win 7 DDK provider) C:\Windows\acpimof.dll
2016-06-30 18:26 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-06-30 18:26 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2016-06-30 18:26 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-06-30 18:26 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2016-06-30 18:26 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-06-30 18:26 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2016-06-30 18:25 - 2015-08-25 20:46 - 17082392 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-06-30 18:25 - 2015-08-25 20:46 - 14936264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-06-30 18:25 - 2015-08-25 20:46 - 11089200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-06-30 18:25 - 2015-08-25 20:46 - 02627704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-06-30 18:25 - 2015-08-25 20:46 - 01898288 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435582.dll
2016-06-30 18:25 - 2015-08-25 20:46 - 01558648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435582.dll
2016-06-30 18:25 - 2015-08-25 20:46 - 00945456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-06-30 18:25 - 2015-08-25 20:46 - 00944736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-06-30 18:24 - 2015-08-25 20:46 - 42840368 _____ C:\Windows\system32\nvcompiler.dll
2016-06-30 18:24 - 2015-08-25 20:46 - 37819184 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-06-30 18:24 - 2015-08-25 20:46 - 22525560 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-06-30 18:24 - 2015-08-25 20:46 - 18543736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-06-30 18:24 - 2015-08-25 20:46 - 16637336 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-06-30 18:24 - 2015-08-25 20:46 - 15512888 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-06-30 18:24 - 2015-08-25 20:46 - 14635792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-06-30 18:24 - 2015-08-25 20:46 - 13661160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-06-30 18:24 - 2015-08-25 20:46 - 12515016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-06-30 18:24 - 2015-08-25 20:46 - 12185152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-06-30 18:24 - 2015-08-25 20:46 - 03527696 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-06-30 18:24 - 2015-08-25 20:46 - 03112904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-06-30 18:24 - 2015-08-25 20:46 - 02940720 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-06-30 18:24 - 2015-08-25 20:46 - 01106672 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-06-30 18:24 - 2015-08-25 20:46 - 01075320 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-06-30 18:24 - 2015-08-25 20:46 - 01064752 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-06-30 18:24 - 2015-08-25 20:46 - 00986232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-06-30 18:24 - 2015-08-25 20:46 - 00512904 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-06-30 18:24 - 2015-08-25 20:46 - 00421544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-06-30 18:24 - 2015-08-25 20:46 - 00408184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-06-30 18:24 - 2015-08-25 20:46 - 00364336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-06-30 18:24 - 2015-08-25 20:46 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-06-30 18:24 - 2015-08-25 20:46 - 00155792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-06-30 18:24 - 2015-08-25 20:46 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-06-30 18:24 - 2015-08-25 20:46 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-06-30 18:23 - 2016-06-30 18:26 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-06-30 18:20 - 2016-06-30 18:20 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2016-06-30 18:20 - 2016-06-30 18:20 - 00000000 ____D C:\ProgramData\Intel
2016-06-30 18:20 - 2016-06-30 18:20 - 00000000 ____D C:\Program Files (x86)\ASM104xUSB3
2016-06-30 18:19 - 2016-06-30 18:19 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2016-06-30 18:19 - 2016-06-30 18:19 - 00000000 ____D C:\Users\SaM_SaTaN\Intel
2016-06-30 18:16 - 2016-06-30 18:16 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-06-30 18:16 - 2016-06-30 18:16 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-06-30 18:16 - 2016-06-30 18:16 - 00000000 ____D C:\Windows\system32\DAX2
2016-06-30 18:16 - 2016-06-30 18:16 - 00000000 ____D C:\Program Files\Realtek
2016-06-30 18:16 - 2014-07-10 04:04 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2016-06-30 18:16 - 2014-07-10 03:47 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2016-06-30 18:16 - 2014-06-26 04:05 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\TpmInit.exe
2016-06-30 18:16 - 2014-06-26 04:05 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-06-30 18:16 - 2014-06-26 04:05 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\tpmcompc.dll
2016-06-30 18:16 - 2014-06-26 03:41 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmInit.exe
2016-06-30 18:16 - 2014-06-26 03:41 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tpmcompc.dll
2016-06-30 18:16 - 2014-05-28 00:49 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-06-30 18:16 - 2012-07-26 06:55 - 00785512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2016-06-30 18:16 - 2012-07-26 06:55 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2016-06-30 18:16 - 2012-07-26 04:36 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2016-06-30 18:16 - 2012-06-02 16:35 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2016-06-30 18:15 - 2015-07-30 00:02 - 13120760 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 12986528 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 05777200 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 05406664 _____ (Intel Corporation) C:\Windows\system32\IntelSSTAPO.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 05289952 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 03299832 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 03271912 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 02984208 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 02823280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 02630904 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 02190992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 01435152 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 01395768 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 01382240 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 01334384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 01331336 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 01211840 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 01164336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 01122648 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00998032 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00965032 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00961024 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00923752 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00888480 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00874736 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00873472 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00749776 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00699064 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00678192 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00677680 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00645464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00618192 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00596120 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00569440 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.DLL
2016-06-30 18:15 - 2015-07-30 00:02 - 00532384 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00467168 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00448584 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00447728 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00387320 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00381416 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00343712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00341160 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00341160 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00340648 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00330568 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00231920 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00224264 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaemaxapo64.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00221976 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00214840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00209544 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00195192 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00172584 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00166208 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00158704 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00151792 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00134208 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00110992 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00090920 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00088352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00088328 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00084624 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00083632 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2016-06-30 18:15 - 2015-07-30 00:02 - 00075544 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2016-06-30 18:15 - 2015-07-30 00:00 - 72121872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2016-06-30 18:15 - 2015-07-30 00:00 - 14057256 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2016-06-30 18:15 - 2015-07-30 00:00 - 07172920 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2016-06-30 18:15 - 2015-07-30 00:00 - 04577024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2016-06-30 18:15 - 2015-07-30 00:00 - 02946304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2016-06-30 18:15 - 2015-07-30 00:00 - 02711296 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2016-06-30 18:15 - 2015-07-30 00:00 - 02110600 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2016-06-30 18:15 - 2015-07-30 00:00 - 02050184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2016-06-30 18:15 - 2015-07-30 00:00 - 01759488 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2016-06-30 18:15 - 2015-07-30 00:00 - 01003864 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2016-06-30 18:15 - 2015-07-30 00:00 - 00931624 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2016-06-30 18:15 - 2015-07-30 00:00 - 00831352 _____ (Intel Corporation) C:\Windows\system32\IntelSstCApoPropPage.dll
2016-06-30 18:15 - 2015-07-30 00:00 - 00358272 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2016-06-30 18:15 - 2015-07-30 00:00 - 00259288 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2016-06-30 18:15 - 2015-07-30 00:00 - 00105312 _____ C:\Windows\system32\audioLibVc.dll
2016-06-30 18:15 - 2015-07-30 00:00 - 00023704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2016-06-30 18:15 - 2015-07-29 21:34 - 31085611 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-06-30 18:15 - 2015-07-29 21:34 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2016-06-30 18:15 - 2015-07-29 21:34 - 03091915 _____ C:\Windows\system32\Drivers\rtkSSTsetting.dat
2016-06-30 18:14 - 2016-06-30 18:16 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-06-30 18:14 - 2016-06-30 18:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-06-30 18:14 - 2016-06-30 18:14 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-06-30 18:14 - 2015-07-30 00:02 - 03232960 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2016-06-30 18:14 - 2015-07-30 00:02 - 02492152 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2016-06-30 18:14 - 2015-07-30 00:02 - 02423480 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll
2016-06-30 18:14 - 2015-07-30 00:02 - 01965816 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2016-06-30 18:14 - 2015-07-30 00:02 - 01959608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2016-06-30 18:14 - 2015-07-30 00:02 - 01780624 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2016-06-30 18:14 - 2015-07-30 00:02 - 01601952 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2016-06-30 18:14 - 2015-07-30 00:02 - 01591064 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2016-06-30 18:14 - 2015-07-30 00:02 - 01508936 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2016-06-30 18:14 - 2015-07-30 00:02 - 00743968 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2016-06-30 18:14 - 2015-07-30 00:02 - 00727440 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2016-06-30 18:14 - 2015-07-30 00:02 - 00708320 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2016-06-30 18:14 - 2015-07-30 00:02 - 00574760 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2016-06-30 18:14 - 2015-07-30 00:02 - 00514528 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2016-06-30 18:14 - 2015-07-30 00:02 - 00504312 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2016-06-30 18:14 - 2015-07-30 00:02 - 00500560 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2016-06-30 18:14 - 2015-07-30 00:02 - 00445408 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2016-06-30 18:14 - 2015-07-30 00:02 - 00441272 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2016-06-30 18:14 - 2015-07-30 00:02 - 00428232 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2016-06-30 18:14 - 2015-07-30 00:02 - 00362056 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2016-06-30 18:14 - 2015-07-30 00:02 - 00327464 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2016-06-30 18:14 - 2015-07-30 00:02 - 00310432 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2016-06-30 18:14 - 2015-07-30 00:02 - 00272720 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2016-06-30 18:14 - 2015-07-30 00:02 - 00253904 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2016-06-30 18:14 - 2015-07-30 00:02 - 00253872 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2016-06-30 18:14 - 2015-07-30 00:02 - 00252880 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2016-06-30 18:14 - 2015-07-30 00:02 - 00118600 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2016-06-30 18:14 - 2015-07-30 00:00 - 07096192 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2016-06-30 18:14 - 2015-07-30 00:00 - 06264640 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2016-06-30 18:14 - 2015-07-30 00:00 - 00953728 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2016-06-30 18:14 - 2015-07-30 00:00 - 00122328 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-06-30 18:14 - 2015-07-30 00:00 - 00118600 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2016-06-30 18:14 - 2015-06-18 18:53 - 00003130 _____ C:\Windows\system32\e1d62x64.din
2016-06-30 18:14 - 2015-06-18 18:50 - 00501216 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1d62x64.sys
2016-06-30 18:14 - 2015-06-17 10:28 - 00090608 _____ (Intel Corporation) C:\Windows\system32\NicInstD.dll
2016-06-30 18:14 - 2015-06-08 10:13 - 02825944 ____R (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2016-06-30 18:14 - 2015-05-08 00:31 - 00404752 ____R (Intel Corporation) C:\Windows\system32\PROUnstl.exe
2016-06-30 18:14 - 2015-05-08 00:31 - 00001904 ____N C:\Windows\system32\SetupBD.din
2016-06-30 18:14 - 2014-04-19 12:18 - 00073512 _____ (Intel Corporation) C:\Windows\system32\e1dmsg.dll
2016-06-30 18:14 - 2014-04-18 22:17 - 00125728 _____ (Intel Corporation) C:\Windows\system32\NicCo4.dll
2016-06-30 18:13 - 2016-06-30 19:40 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-30 18:13 - 2016-06-30 18:20 - 00000000 ____D C:\Program Files\Intel
2016-06-30 18:12 - 2016-06-30 18:27 - 01553692 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-06-30 18:12 - 2016-06-30 18:26 - 00000000 ____D C:\MSI
2016-06-30 18:12 - 2016-06-30 18:20 - 00000000 ____D C:\Program Files (x86)\Intel
2016-06-30 18:12 - 2016-06-30 18:12 - 00000000 ____D C:\Intel
2016-06-30 18:12 - 2015-06-30 12:44 - 00814376 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys
2016-06-30 18:12 - 2015-06-26 17:13 - 00403752 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hub.sys
2016-06-30 17:51 - 2016-06-30 18:19 - 00000000 ____D C:\Users\SaM_SaTaN
2016-06-30 17:51 - 2016-06-30 17:51 - 00001443 _____ C:\Users\SaM_SaTaN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-06-30 17:51 - 2016-06-30 17:51 - 00001409 _____ C:\Users\SaM_SaTaN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2016-06-30 17:51 - 2016-06-30 17:51 - 00000020 ___SH C:\Users\SaM_SaTaN\ntuser.ini
2016-06-30 17:51 - 2016-06-30 17:51 - 00000000 _SHDL C:\Users\SaM_SaTaN\Šablony
2016-06-30 17:51 - 2016-06-30 17:51 - 00000000 _SHDL C:\Users\SaM_SaTaN\Soubory cookie
2016-06-30 17:51 - 2016-06-30 17:51 - 00000000 _SHDL C:\Users\SaM_SaTaN\Poslední
2016-06-30 17:51 - 2016-06-30 17:51 - 00000000 _SHDL C:\Users\SaM_SaTaN\Okolní tiskárny
2016-06-30 17:51 - 2016-06-30 17:51 - 00000000 _SHDL C:\Users\SaM_SaTaN\Okolní síť
2016-06-30 17:51 - 2016-06-30 17:51 - 00000000 _SHDL C:\Users\SaM_SaTaN\Nabídka Start
2016-06-30 17:51 - 2016-06-30 17:51 - 00000000 _SHDL C:\Users\SaM_SaTaN\Dokumenty
2016-06-30 17:51 - 2016-06-30 17:51 - 00000000 _SHDL C:\Users\SaM_SaTaN\Documents\Obrázky
2016-06-30 17:51 - 2016-06-30 17:51 - 00000000 _SHDL C:\Users\SaM_SaTaN\Documents\Hudba
2016-06-30 17:51 - 2016-06-30 17:51 - 00000000 _SHDL C:\Users\SaM_SaTaN\Documents\Filmy
2016-06-30 17:51 - 2016-06-30 17:51 - 00000000 _SHDL C:\Users\SaM_SaTaN\Data aplikací
2016-06-30 17:51 - 2016-06-30 17:51 - 00000000 _SHDL C:\Users\SaM_SaTaN\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-06-30 17:51 - 2016-06-30 17:51 - 00000000 _SHDL C:\Users\SaM_SaTaN\AppData\Local\Data aplikací
2016-06-30 17:51 - 2016-06-30 17:51 - 00000000 ____D C:\Users\SaM_SaTaN\AppData\Local\VirtualStore
2016-06-30 17:51 - 2010-11-21 11:38 - 00000000 ____D C:\Users\SaM_SaTaN\AppData\Roaming\Media Center Programs
2016-06-30 17:50 - 2016-06-30 17:50 - 00203464 __RSH C:\grldr
2016-06-30 17:50 - 2016-06-30 17:50 - 00000012 __RSH C:\win7.ld
2016-06-30 17:50 - 2016-06-30 17:50 - 00000000 _SHDL C:\Users\Public\Documents\Obrázky
2016-06-30 17:50 - 2016-06-30 17:50 - 00000000 _SHDL C:\Users\Public\Documents\Hudba
2016-06-30 17:50 - 2016-06-30 17:50 - 00000000 _SHDL C:\Users\Public\Documents\Filmy
2016-06-30 17:50 - 2016-06-30 17:50 - 00000000 _SHDL C:\Users\Default\Šablony
2016-06-30 17:50 - 2016-06-30 17:50 - 00000000 _SHDL C:\Users\Default\Soubory cookie
2016-06-30 17:50 - 2016-06-30 17:50 - 00000000 _SHDL C:\Users\Default\Poslední
2016-06-30 17:50 - 2016-06-30 17:50 - 00000000 _SHDL C:\Users\Default\Okolní tiskárny
2016-06-30 17:50 - 2016-06-30 17:50 - 00000000 _SHDL C:\Users\Default\Okolní síť
2016-06-30 17:50 - 2016-06-30 17:50 - 00000000 _SHDL C:\Users\Default\Nabídka Start
2016-06-30 17:50 - 2016-06-30 17:50 - 00000000 _SHDL C:\Users\Default\Dokumenty
2016-06-30 17:50 - 2016-06-30 17:50 - 00000000 _SHDL C:\Users\Default\Documents\Obrázky
2016-06-30 17:50 - 2016-06-30 17:50 - 00000000 _SHDL C:\Users\Default\Documents\Hudba
2016-06-30 17:50 - 2016-06-30 17:50 - 00000000 _SHDL C:\Users\Default\Documents\Filmy
2016-06-30 17:50 - 2016-06-30 17:50 - 00000000 _SHDL C:\Users\Default\Data aplikací
2016-06-30 17:50 - 2016-06-30 17:50 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-06-30 17:50 - 2016-06-30 17:50 - 00000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2016-06-30 17:50 - 2016-06-30 17:50 - 00000000 _SHDL C:\Users\Default User\Documents\Obrázky
2016-06-30 17:50 - 2016-06-30 17:50 - 00000000 _SHDL C:\Users\Default User\Documents\Hudba
2016-06-30 17:50 - 2016-06-30 17:50 - 00000000 _SHDL C:\Users\Default User\Documents\Filmy
2016-06-30 17:50 - 2016-06-30 17:50 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-06-30 17:50 - 2016-06-30 17:50 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2016-06-30 17:50 - 2016-06-30 17:50 - 00000000 _SHDL C:\ProgramData\Šablony
2016-06-30 17:50 - 2016-06-30 17:50 - 00000000 _SHDL C:\ProgramData\Plocha
2016-06-30 17:50 - 2016-06-30 17:50 - 00000000 _SHDL C:\ProgramData\Oblíbené položky
2016-06-30 17:50 - 2016-06-30 17:50 - 00000000 _SHDL C:\ProgramData\Nabídka Start
2016-06-30 17:50 - 2016-06-30 17:50 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2016-06-30 17:50 - 2016-06-30 17:50 - 00000000 _SHDL C:\ProgramData\Dokumenty
2016-06-30 17:50 - 2016-06-30 17:50 - 00000000 _SHDL C:\ProgramData\Data aplikací
2016-06-30 17:49 - 2016-06-30 17:49 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-06-30 17:49 - 2016-06-30 17:49 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-30 19:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-06-30 19:39 - 2009-07-14 06:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-30 19:39 - 2009-07-14 06:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-30 19:26 - 2010-11-21 11:27 - 00666922 _____ C:\Windows\system32\perfh005.dat
2016-06-30 19:26 - 2010-11-21 11:27 - 00140100 _____ C:\Windows\system32\perfc005.dat
2016-06-30 19:26 - 2009-07-14 07:13 - 01578746 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-30 19:22 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2016-06-30 19:19 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-30 18:47 - 2009-07-14 07:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2016-06-30 18:47 - 2009-07-14 06:45 - 00000000 ____D C:\Windows\Setup
2016-06-30 18:26 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2016-06-30 17:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-06-30 17:50 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Windows NT
2016-06-30 17:49 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-06-30 17:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
2016-06-30 17:48 - 2010-11-21 11:38 - 00000000 ____D C:\Windows\CSC
2016-06-30 17:48 - 2009-07-14 06:45 - 00274736 _____ C:\Windows\system32\FNTCACHE.DAT

==================== Files in the root of some directories =======

2016-06-30 18:37 - 2016-06-30 19:46 - 0007605 _____ () C:\Users\SaM_SaTaN\AppData\Local\Resmon.ResmonCfg
2016-06-30 18:16 - 2016-06-30 18:16 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-06-30 17:48

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:223.47 GB) (Free:178.53 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive i: (CORSAIR) (Removable) (Total:7.52 GB) (Free:6.12 GB) FAT32

Available physical RAM: 11977.75 MB
Total physical RAM: 16336.85 MB
Percentage of memory in use: 26%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 44B86E48)
Partition 1: (Active) - (Size=223.5 GB) - (Type=07 NTFS)
Disk: 1 (Size: 7.5 GB) (Disk ID: 04DD5721)
Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0C)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: ESET Smart Security 9.0.376.1 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 9.0.376.1 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\SaM_SaTaN\Desktop" je 7 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[Rudy]

Zdravím!
Jak je na tom váš oper. systém s legalitou?

[SaTaN_SaM]

No na to odpovím "bohužel", ale již třetí ověřený system (vždy od od přátel a plně funkční - dokonce poslední system přeinstalován na win 10) se stále se opakujícím problémem se svchost.exe. Nemůže být problém v RAMkách??

[Rudy]

Pokud je nelegální, nemůžeme vám podle pravidel pomoci. Viz pravidla: http://forum.viry.cz/viewtopic.php?f=12&t=115512 .

[venim]

Zde přikládám svůj Log, Windows 10 mi nainstalovali v servisu při instalaci SSD, takže doufám že legálně. Ale jak si to ověřit nevím.



Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-06-2016
Ran by Zalman (administrator) on DESKTOP-7GCR5RQ (01-07-2016 07:52:02)
Running from C:\Users\Zalman.DESKTOP-7GCR5RQ\Downloads
Loaded Profiles: Zalman (Available Profiles: Zalman & Filip)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(BitTorrent Inc.) C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Roaming\uTorrent\uTorrent.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Gadwin Systems) C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen64.exe
(BitTorrent Inc.) C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(BitTorrent Inc.) C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(BitTorrent Inc.) C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Spotify Ltd) C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Martin Matoušek) C:\Program Files (x86)\NetTrafficStat\netmon.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta.exe
(Microsoft Corporation) C:\Windows\System32\MpSigStub.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4866760 2015-11-29] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-10-13] (Apple Inc.)
HKLM-x32\...\Run: [nettrafficstat] => C:\Program Files (x86)\NetTrafficStat\netmon.exe [5616640 2009-02-09] (Martin Matoušek)
HKLM-x32\...\Run: [MSStp] => C:\WINDOWS\SysWOW64\msstp.vbe [1419 2014-01-19] ()
HKLM-x32\...\Run: [mncwrgtpSrv] => C:\WINDOWS\inf\mncwrgtp.vbe
HKU\S-1-5-21-182920772-3357238060-2488037435-1004\...\Run: [uTorrent] => C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Roaming\uTorrent\uTorrent.exe [2133504 2016-05-19] (BitTorrent Inc.)
HKU\S-1-5-21-182920772-3357238060-2488037435-1004\...\Run: [Gadwin PrintScreen (64-bit)] => C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen64.exe [14305952 2014-09-29] (Gadwin Systems)
HKU\S-1-5-21-182920772-3357238060-2488037435-1004\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2917456 2016-06-15] (Valve Corporation)
HKU\S-1-5-21-182920772-3357238060-2488037435-1004\...\Run: [Spotify Web Helper] => C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-05-30] (Spotify Ltd)
HKU\S-1-5-21-182920772-3357238060-2488037435-1004\...\Run: [GoogleChromeAutoLaunch_6C73E258F25757592FCC0061F8FDA9D7] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720 2016-06-15] (Google Inc.)
HKU\S-1-5-21-182920772-3357238060-2488037435-1004\...\RunOnce: [Uninstall C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
HKU\S-1-5-21-182920772-3357238060-2488037435-1004\...\RunOnce: [Uninstall C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1"
HKU\S-1-5-21-182920772-3357238060-2488037435-1004\...\RunOnce: [Uninstall C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
HKU\S-1-5-21-182920772-3357238060-2488037435-1004\...\RunOnce: [Uninstall C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Microsoft\OneDrive\17.3.6301.0127] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Microsoft\OneDrive\17.3.6301.0127"
HKU\S-1-5-21-182920772-3357238060-2488037435-1004\...\RunOnce: [Uninstall C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
HKU\S-1-5-21-182920772-3357238060-2488037435-1004\...\RunOnce: [Uninstall C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Microsoft\OneDrive\17.3.6302.0225] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Microsoft\OneDrive\17.3.6302.0225"
HKU\S-1-5-21-182920772-3357238060-2488037435-1004\...\RunOnce: [Uninstall C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
HKU\S-1-5-21-182920772-3357238060-2488037435-1004\...\RunOnce: [Uninstall C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Microsoft\OneDrive\17.3.6386.0412] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Microsoft\OneDrive\17.3.6386.0412"
IFEO\AUpdate.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
IFEO\ChangeIcon.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
IFEO\DriverBooster.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
IFEO\InstStat.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
IFEO\IObitDownloader.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
IFEO\MakeSFX.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
IFEO\Promote.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
IFEO\Scheduler.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
IFEO\SetupHlp.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.77.20
Tcpip\..\Interfaces\{8a26d728-1e36-49bd-a3c7-1e276825420d}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{f85283f3-6697-43c1-a966-1293726093d0}: [DhcpNameServer] 192.168.77.20

Internet Explorer:
==================
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-09-18] (IObit)

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [No File]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-29]
CHR Extension: (Google Docs) - C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-29]
CHR Extension: (Google Drive) - C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-29]
CHR Extension: (YouTube) - C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-29]
CHR Extension: (Google Search) - C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-29]
CHR Extension: (Google Sheets) - C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-29]
CHR Extension: (Google Docs Offline) - C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (Pin It Button) - C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2016-04-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Buffer) - C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\noojglkidnpfjbincgijbaiedldjfbhh [2016-06-28]
CHR Extension: (Gmail) - C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-29]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2015-11-29] () [File not signed]
S3 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [680112 2015-07-22] (Adobe Systems Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-29] (IObit)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
R2 txabsgfyshtsma; c:\windows\SysWOW64\vcakagfs.exe [102400 2014-05-05] ( Company (R)) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 ArcCtrl; C:\Windows\System32\drivers\ArcCtrl.sys [604192 2013-03-19] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-09-18] (Advanced Micro Devices)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-09-08] (REALiX(tm))
S3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [24824 2013-07-02] (ASUSTeK Computer Inc.)
S3 NVFLASH; C:\Windows\system32\drivers\nvflash.sys [15648 2014-01-06] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-09-08] (Realtek )
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-01 07:52 - 2016-07-01 07:52 - 00016752 _____ C:\Users\Zalman.DESKTOP-7GCR5RQ\Downloads\FRST.txt
2016-07-01 07:51 - 2016-07-01 07:52 - 00000000 ____D C:\FRST
2016-07-01 07:51 - 2016-07-01 07:51 - 02390016 _____ (Farbar) C:\Users\Zalman.DESKTOP-7GCR5RQ\Downloads\FRST64.exe
2016-06-30 19:47 - 2016-06-14 20:33 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-30 19:47 - 2016-06-14 20:33 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-27 18:13 - 2016-05-28 06:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-27 18:13 - 2016-05-28 06:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-27 18:13 - 2016-05-28 06:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-27 18:13 - 2016-05-28 06:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-06-27 18:13 - 2016-05-28 06:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-06-27 18:13 - 2016-05-28 06:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-06-27 18:13 - 2016-05-28 06:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-27 18:13 - 2016-05-28 06:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-06-27 18:13 - 2016-05-28 06:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-06-27 18:13 - 2016-05-28 06:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-06-27 18:13 - 2016-05-28 06:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-06-27 18:13 - 2016-05-28 06:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-27 18:13 - 2016-05-28 06:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-06-27 18:13 - 2016-05-28 06:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-06-27 18:13 - 2016-05-28 06:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-06-27 18:13 - 2016-05-28 06:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-27 18:13 - 2016-05-28 06:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-06-27 18:12 - 2016-05-28 08:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-27 18:12 - 2016-05-28 08:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-27 18:12 - 2016-05-28 08:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-27 18:12 - 2016-05-28 08:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-27 18:12 - 2016-05-28 08:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-27 18:12 - 2016-05-28 08:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-27 18:12 - 2016-05-28 07:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2016-06-27 18:12 - 2016-05-28 07:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-27 18:12 - 2016-05-28 07:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-27 18:12 - 2016-05-28 07:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-06-27 18:12 - 2016-05-28 07:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-06-27 18:12 - 2016-05-28 07:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-06-27 18:12 - 2016-05-28 07:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-06-27 18:12 - 2016-05-28 07:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-06-27 18:12 - 2016-05-28 07:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-27 18:12 - 2016-05-28 07:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-27 18:12 - 2016-05-28 07:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-06-27 18:12 - 2016-05-28 07:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-06-27 18:12 - 2016-05-28 07:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2016-06-27 18:12 - 2016-05-28 07:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-06-27 18:12 - 2016-05-28 07:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-27 18:12 - 2016-05-28 07:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-06-27 18:12 - 2016-05-28 07:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-06-27 18:12 - 2016-05-28 07:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-27 18:12 - 2016-05-28 07:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-27 18:12 - 2016-05-28 07:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-06-27 18:12 - 2016-05-28 07:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-06-27 18:12 - 2016-05-28 07:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-06-27 18:12 - 2016-05-28 07:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-06-27 18:12 - 2016-05-28 07:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-27 18:12 - 2016-05-28 07:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-06-27 18:12 - 2016-05-28 07:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-06-27 18:12 - 2016-05-28 07:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-06-27 18:12 - 2016-05-28 07:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-06-27 18:12 - 2016-05-28 07:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-06-27 18:12 - 2016-05-28 07:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-27 18:12 - 2016-05-28 07:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-27 18:12 - 2016-05-28 07:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-27 18:12 - 2016-05-28 07:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-27 18:12 - 2016-05-28 07:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-27 18:12 - 2016-05-28 07:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-06-27 18:12 - 2016-05-28 07:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-06-27 18:12 - 2016-05-28 07:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-27 18:12 - 2016-05-28 06:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-06-27 18:12 - 2016-05-28 06:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-27 18:12 - 2016-05-28 06:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-06-27 18:12 - 2016-05-28 06:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-06-27 18:12 - 2016-05-28 06:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-06-27 18:12 - 2016-05-28 06:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-27 18:12 - 2016-05-28 06:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-06-27 18:12 - 2016-05-28 06:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-06-27 18:12 - 2016-05-28 06:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-06-27 18:12 - 2016-05-28 06:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-27 18:12 - 2016-05-28 06:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-06-27 18:12 - 2016-05-28 06:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-06-27 18:12 - 2016-05-28 06:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
2016-06-27 18:12 - 2016-05-28 06:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-06-27 18:12 - 2016-05-28 06:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-06-27 18:12 - 2016-05-28 06:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-06-27 18:12 - 2016-05-28 06:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-27 18:12 - 2016-05-28 06:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-06-27 18:12 - 2016-05-28 06:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-06-27 18:12 - 2016-05-28 06:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-06-27 18:12 - 2016-05-28 06:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-06-27 18:12 - 2016-05-28 06:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-27 18:12 - 2016-05-28 06:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-06-27 18:12 - 2016-05-28 06:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-06-27 18:12 - 2016-05-28 06:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-06-27 18:12 - 2016-05-28 06:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-06-27 18:12 - 2016-05-28 06:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-06-27 18:12 - 2016-05-28 06:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-06-27 18:12 - 2016-05-28 06:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-27 18:12 - 2016-05-28 06:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-06-27 18:12 - 2016-05-28 06:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
2016-06-27 18:12 - 2016-05-28 06:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-06-27 18:12 - 2016-05-28 06:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-27 18:12 - 2016-05-28 06:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-06-27 18:12 - 2016-05-28 06:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-06-27 18:12 - 2016-05-28 06:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2016-06-27 18:12 - 2016-05-28 06:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-27 18:12 - 2016-05-28 06:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-06-27 18:12 - 2016-05-28 06:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2016-06-27 18:12 - 2016-05-28 06:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-06-27 18:12 - 2016-05-28 06:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-06-27 18:12 - 2016-05-28 06:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-27 18:12 - 2016-05-28 06:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-06-27 18:12 - 2016-05-28 06:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-06-27 18:12 - 2016-05-28 06:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-06-27 18:12 - 2016-05-28 06:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2016-06-27 18:12 - 2016-05-28 06:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-06-27 18:12 - 2016-05-28 06:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2016-06-27 18:12 - 2016-05-28 06:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-06-27 18:12 - 2016-05-28 06:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-06-27 18:12 - 2016-05-28 06:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-06-27 18:12 - 2016-05-28 06:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2016-06-27 18:12 - 2016-05-28 06:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-27 18:12 - 2016-05-28 06:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-06-27 18:12 - 2016-05-28 06:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
2016-06-27 18:12 - 2016-05-28 06:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2016-06-27 18:12 - 2016-05-28 06:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2016-06-27 18:12 - 2016-05-28 06:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-06-27 18:12 - 2016-05-28 06:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-06-27 18:12 - 2016-05-28 06:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-06-27 18:12 - 2016-05-28 06:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2016-06-27 18:12 - 2016-05-28 06:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2016-06-27 18:12 - 2016-05-28 06:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-27 18:12 - 2016-05-28 06:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-06-27 18:12 - 2016-05-28 06:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-06-27 18:12 - 2016-05-28 06:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-06-27 18:12 - 2016-05-28 06:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-27 18:12 - 2016-05-28 06:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-06-27 18:12 - 2016-05-28 06:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-06-27 18:12 - 2016-05-28 06:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-27 18:12 - 2016-05-28 06:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-06-27 18:12 - 2016-05-28 06:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-06-27 18:12 - 2016-05-28 06:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2016-06-27 18:12 - 2016-05-28 06:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-06-27 18:12 - 2016-05-28 06:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-06-27 18:12 - 2016-05-28 06:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-06-27 18:12 - 2016-05-28 06:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-06-27 18:12 - 2016-05-28 06:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-27 18:12 - 2016-05-28 06:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-27 18:12 - 2016-05-28 06:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-27 18:12 - 2016-05-28 06:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-06-27 18:12 - 2016-05-28 06:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-06-27 18:12 - 2016-05-28 06:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-27 18:12 - 2016-05-28 06:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-27 18:12 - 2016-05-28 06:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-06-27 18:12 - 2016-05-28 06:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-27 18:12 - 2016-05-28 06:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-06-27 18:12 - 2016-05-28 06:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2016-06-27 18:12 - 2016-05-28 06:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-27 18:12 - 2016-05-28 06:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-06-27 18:12 - 2016-05-28 06:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-06-27 18:12 - 2016-05-28 06:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-06-27 18:12 - 2016-05-28 06:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-06-27 18:12 - 2016-05-28 06:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-27 18:12 - 2016-05-28 06:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-06-27 18:12 - 2016-05-28 06:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-06-27 18:12 - 2016-05-28 06:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-06-27 18:12 - 2016-05-28 06:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-27 18:12 - 2016-05-28 06:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-27 18:12 - 2016-05-28 06:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-06-27 18:12 - 2016-05-28 06:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-06-27 18:12 - 2016-05-28 06:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-06-27 18:12 - 2016-05-28 06:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-06-27 18:12 - 2016-05-28 06:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-27 18:12 - 2016-05-28 06:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-27 18:12 - 2016-05-28 06:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-06-27 18:12 - 2016-05-28 06:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-06-27 18:12 - 2016-05-28 06:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-06-27 18:12 - 2016-05-28 06:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-27 18:12 - 2016-05-28 06:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-06-27 18:12 - 2016-05-28 06:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-06-27 18:12 - 2016-05-28 06:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-27 18:12 - 2016-05-28 06:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-06-27 18:12 - 2016-05-28 06:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-27 18:12 - 2016-05-28 06:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-27 18:12 - 2016-05-28 06:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-06-27 18:12 - 2016-05-28 06:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-27 18:12 - 2016-05-28 06:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-06-27 18:12 - 2016-05-28 06:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-06-27 18:12 - 2016-05-28 06:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-27 18:12 - 2016-05-28 06:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-06-27 18:12 - 2016-05-28 06:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-06-27 18:12 - 2016-05-28 06:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-27 18:12 - 2016-05-28 06:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-06-27 18:12 - 2016-05-28 06:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-06-27 18:12 - 2016-05-28 06:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
2016-06-27 18:12 - 2016-05-28 06:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2016-06-27 18:12 - 2016-05-28 06:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-06-27 18:12 - 2016-05-28 06:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-27 18:12 - 2016-05-28 06:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-06-27 18:12 - 2016-05-28 06:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-06-27 18:12 - 2016-05-28 06:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-06-27 18:12 - 2016-05-28 06:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-06-27 18:12 - 2016-05-28 06:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-06-27 18:12 - 2016-05-28 06:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-27 18:12 - 2016-05-28 06:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-06-27 18:12 - 2016-05-28 06:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-06-27 18:12 - 2016-05-28 06:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-27 18:12 - 2016-05-28 06:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-06-27 18:12 - 2016-05-28 06:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-27 18:12 - 2016-05-28 06:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-06-27 18:12 - 2016-05-28 06:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-27 18:12 - 2016-05-28 06:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-06-27 18:12 - 2016-05-28 06:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-06-27 18:12 - 2016-05-28 06:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-06-27 18:12 - 2016-05-28 06:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-06-27 18:12 - 2016-05-28 05:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-06-27 18:12 - 2016-05-28 05:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-06-27 18:12 - 2016-05-28 05:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-27 18:12 - 2016-05-28 05:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-27 18:12 - 2016-05-28 05:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-06-27 18:12 - 2016-05-28 05:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-06-27 18:12 - 2016-05-28 05:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-06-27 18:12 - 2016-05-28 05:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-06-27 18:12 - 2016-05-28 05:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-06-19 18:30 - 2016-06-28 17:58 - 00000000 ____D C:\Users\Zalman.DESKTOP-7GCR5RQ\Desktop\TOP_fotky
2016-06-15 07:10 - 2016-07-01 07:45 - 00000000 ____D C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\LocalLow\uTorrent

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-01 07:52 - 2015-11-30 09:52 - 00000000 ____D C:\ProgramData\nettrafficstat
2016-07-01 07:52 - 2015-09-26 09:51 - 00000000 ____D C:\ProgramData\Temp
2016-07-01 07:51 - 2015-10-30 20:31 - 00750030 _____ C:\WINDOWS\system32\perfh005.dat
2016-07-01 07:51 - 2015-10-30 20:31 - 00150654 _____ C:\WINDOWS\system32\perfc005.dat
2016-07-01 07:51 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-07-01 07:51 - 2015-09-07 09:47 - 01036884 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-01 07:50 - 2015-11-29 12:52 - 00000000 ____D C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Roaming\uTorrent
2016-07-01 07:48 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-01 07:48 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-01 07:47 - 2015-11-29 14:30 - 00000000 ____D C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Adobe
2016-07-01 07:46 - 2015-12-14 17:42 - 00016203 _____ C:\Users\Zalman.DESKTOP-7GCR5RQ\rgmnr
2016-07-01 07:45 - 2016-05-11 09:21 - 00000988 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-01 07:45 - 2016-01-23 14:43 - 00000000 ____D C:\Program Files (x86)\Steam
2016-07-01 07:45 - 2016-01-05 18:35 - 00000000 ____D C:\Users\Zalman.DESKTOP-7GCR5RQ
2016-07-01 07:45 - 2015-09-07 09:41 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-07-01 07:44 - 2016-01-05 18:40 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-01 07:44 - 2016-01-05 18:31 - 04895272 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-07-01 07:44 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-07-01 07:43 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-07-01 07:43 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-07-01 07:43 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-06-30 19:52 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-30 19:50 - 2015-09-07 09:48 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-30 19:47 - 2015-09-07 09:48 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-29 07:36 - 2016-05-08 16:44 - 00042168 _____ (Sysinternals - http://www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2016-06-29 07:36 - 2015-12-18 18:06 - 00007601 _____ C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Resmon.ResmonCfg
2016-06-27 18:14 - 2015-11-29 12:59 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-27 18:14 - 2015-11-29 12:59 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-26 17:07 - 2015-09-08 08:21 - 00000000 ____D C:\ProgramData\ProductData
2016-06-19 16:23 - 2016-05-14 10:32 - 00000000 ____D C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\ElevatedDiagnostics
2016-06-19 16:23 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-06-15 22:40 - 2015-09-07 09:50 - 00484008 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-06-03 16:13 - 2016-04-19 21:52 - 00000000 ____D C:\Users\Zalman.DESKTOP-7GCR5RQ\Desktop\FOTOKATALOG

==================== Files in the root of some directories =======

2012-08-15 11:20 - 2012-08-15 11:20 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2015-12-18 18:06 - 2016-06-29 07:36 - 0007601 _____ () C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Resmon.ResmonCfg
2015-09-07 09:48 - 2015-09-07 09:48 - 0000016 _____ () C:\ProgramData\mntemp
2015-09-07 09:48 - 2015-09-07 09:48 - 0005050 _____ () C:\ProgramData\wmzddnmb.cix

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-05-30 18:06

==================== End of FRST.txt ============================

[Rudy]

Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

[venim]

Zde požadovaný Log


# AdwCleaner v5.201 - Log vytvořen 01/07/2016 v 17:10:20
# Aktualizováno 30/06/2016 by ToolsLib
# Databáze : 2016-06-30.2 [Server]
# Operační system : Windows 10 Home (X64)
# Uživatelské jméno : Zalman - DESKTOP-7GCR5RQ
# Spuštěno z : C:\Users\Zalman.DESKTOP-7GCR5RQ\Downloads\adwcleaner_5.201.exe
# Nastavení : Čištění
# Podpora : https://toolslib.net/forum

***** [ Služby ] *****


***** [ Složky ] *****


***** [ Soubory ] *****

[-] Soubor Smazáno : C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
[-] Soubor Smazáno : C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úlohy ] *****


***** [ Registry ] *****

[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}

***** [ Prohlížeče ] *****


*************************

:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1422 bytů] - [18/04/2016 21:40:02]
C:\AdwCleaner\AdwCleaner[C2].txt - [1876 bytů] - [01/07/2016 17:10:20]
C:\AdwCleaner\AdwCleaner[S1].txt - [1230 bytů] - [18/04/2016 21:35:44]
C:\AdwCleaner\AdwCleaner[S2].txt - [1955 bytů] - [01/07/2016 17:08:51]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [2095 bytů] ##########

[venim]

Ještě jsem objevil toto, pokud by to mohlo pomoci.

[Rudy]

Z toho vidím jen to, že vám to žere svchost (správa síť. služeb), a v něm správce instalace. Nestahuje a neinstaluje se něco? Dejte nový log FRST.

[venim]

Nic by se nemělo stahovat ani instalovat. Takto to zlobí už více jak měsíc, a to i když je PC odpojené od internetu.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-06-2016
Ran by Zalman (administrator) on DESKTOP-7GCR5RQ (01-07-2016 18:23:00)
Running from C:\Users\Zalman.DESKTOP-7GCR5RQ\Downloads
Loaded Profiles: Zalman (Available Profiles: Zalman & Filip)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(BitTorrent Inc.) C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Roaming\uTorrent\uTorrent.exe
(Gadwin Systems) C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(BitTorrent Inc.) C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(BitTorrent Inc.) C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(BitTorrent Inc.) C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(Spotify Ltd) C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Martin Matoušek) C:\Program Files (x86)\NetTrafficStat\netmon.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4866760 2015-11-29] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-10-13] (Apple Inc.)
HKLM-x32\...\Run: [nettrafficstat] => C:\Program Files (x86)\NetTrafficStat\netmon.exe [5616640 2009-02-09] (Martin Matoušek)
HKLM-x32\...\Run: [MSStp] => C:\WINDOWS\SysWOW64\msstp.vbe [1419 2014-01-19] ()
HKLM-x32\...\Run: [mncwrgtpSrv] => C:\WINDOWS\inf\mncwrgtp.vbe
HKU\S-1-5-21-182920772-3357238060-2488037435-1004\...\Run: [uTorrent] => C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Roaming\uTorrent\uTorrent.exe [2133504 2016-05-19] (BitTorrent Inc.)
HKU\S-1-5-21-182920772-3357238060-2488037435-1004\...\Run: [Gadwin PrintScreen (64-bit)] => C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen64.exe [14305952 2014-09-29] (Gadwin Systems)
HKU\S-1-5-21-182920772-3357238060-2488037435-1004\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2917456 2016-06-15] (Valve Corporation)
HKU\S-1-5-21-182920772-3357238060-2488037435-1004\...\Run: [Spotify Web Helper] => C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-05-30] (Spotify Ltd)
HKU\S-1-5-21-182920772-3357238060-2488037435-1004\...\Run: [GoogleChromeAutoLaunch_6C73E258F25757592FCC0061F8FDA9D7] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720 2016-06-15] (Google Inc.)
HKU\S-1-5-21-182920772-3357238060-2488037435-1004\...\RunOnce: [Uninstall C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
HKU\S-1-5-21-182920772-3357238060-2488037435-1004\...\RunOnce: [Uninstall C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1"
HKU\S-1-5-21-182920772-3357238060-2488037435-1004\...\RunOnce: [Uninstall C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
HKU\S-1-5-21-182920772-3357238060-2488037435-1004\...\RunOnce: [Uninstall C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Microsoft\OneDrive\17.3.6301.0127] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Microsoft\OneDrive\17.3.6301.0127"
HKU\S-1-5-21-182920772-3357238060-2488037435-1004\...\RunOnce: [Uninstall C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
HKU\S-1-5-21-182920772-3357238060-2488037435-1004\...\RunOnce: [Uninstall C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Microsoft\OneDrive\17.3.6302.0225] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Microsoft\OneDrive\17.3.6302.0225"
HKU\S-1-5-21-182920772-3357238060-2488037435-1004\...\RunOnce: [Uninstall C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
HKU\S-1-5-21-182920772-3357238060-2488037435-1004\...\RunOnce: [Uninstall C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Microsoft\OneDrive\17.3.6386.0412] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Microsoft\OneDrive\17.3.6386.0412"
IFEO\AUpdate.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
IFEO\ChangeIcon.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
IFEO\DriverBooster.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
IFEO\InstStat.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
IFEO\IObitDownloader.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
IFEO\MakeSFX.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
IFEO\Promote.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
IFEO\Scheduler.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
IFEO\SetupHlp.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.77.20
Tcpip\..\Interfaces\{8a26d728-1e36-49bd-a3c7-1e276825420d}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{f85283f3-6697-43c1-a966-1293726093d0}: [DhcpNameServer] 192.168.77.20

Internet Explorer:
==================
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-09-18] (IObit)

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-29]
CHR Extension: (Google Docs) - C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-29]
CHR Extension: (Google Drive) - C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-29]
CHR Extension: (YouTube) - C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-29]
CHR Extension: (Google Search) - C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-29]
CHR Extension: (Google Sheets) - C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-29]
CHR Extension: (Google Docs Offline) - C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (Pin It Button) - C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2016-04-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Buffer) - C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\noojglkidnpfjbincgijbaiedldjfbhh [2016-06-28]
CHR Extension: (Gmail) - C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-29]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2015-11-29] () [File not signed]
S3 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [680112 2015-07-22] (Adobe Systems Incorporated)
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-29] (IObit)
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
R2 txabsgfyshtsma; c:\windows\SysWOW64\vcakagfs.exe [102400 2014-05-05] ( Company (R)) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 ArcCtrl; C:\Windows\System32\drivers\ArcCtrl.sys [604192 2013-03-19] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-09-18] (Advanced Micro Devices)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-09-08] (REALiX(tm))
S3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [24824 2013-07-02] (ASUSTeK Computer Inc.)
S3 NVFLASH; C:\Windows\system32\drivers\nvflash.sys [15648 2014-01-06] ()
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-09-08] (Realtek )
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-01 18:07 - 2016-07-01 18:07 - 03891896 _____ (Stellar Information Systems Ltd ) C:\Users\Zalman.DESKTOP-7GCR5RQ\Downloads\StellarPhoenixWindowsDataRecovery-Home.exe
2016-07-01 17:52 - 2016-07-01 17:54 - 00001952 _____ C:\WINDOWS\system32\ASOROSet.bin
2016-07-01 17:52 - 2016-07-01 17:52 - 00000000 ____D C:\WINDOWS\system32\config\RCCBakup
2016-07-01 17:51 - 2016-07-01 17:51 - 00002502 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Zalman
2016-07-01 17:51 - 2016-07-01 17:51 - 00000312 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_Zalman.job
2016-07-01 17:46 - 2016-07-01 17:54 - 00000316 _____ C:\WINDOWS\Tasks\WinThruster_UPDATES.job
2016-07-01 17:46 - 2016-07-01 17:54 - 00000308 _____ C:\WINDOWS\Tasks\WinThruster_DEFAULT.job
2016-07-01 17:46 - 2016-07-01 17:46 - 00003128 _____ C:\WINDOWS\System32\Tasks\WinThruster_UPDATES
2016-07-01 17:46 - 2016-07-01 17:46 - 00002972 _____ C:\WINDOWS\System32\Tasks\WinThruster_DEFAULT
2016-07-01 17:45 - 2016-07-01 17:45 - 03901072 _____ (solvusoft Corporation ) C:\Users\Zalman.DESKTOP-7GCR5RQ\Downloads\WinThruster_2016_Setup (1).exe
2016-07-01 17:45 - 2016-07-01 17:45 - 00000000 ____D C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Roaming\Solvusoft
2016-07-01 17:45 - 2015-11-25 13:01 - 00021624 _____ (solvusoft) C:\WINDOWS\system32\roboot64.exe
2016-07-01 17:08 - 2016-07-01 17:08 - 03712064 _____ C:\Users\Zalman.DESKTOP-7GCR5RQ\Downloads\adwcleaner_5.201.exe
2016-07-01 07:57 - 2016-07-01 07:57 - 00010560 _____ C:\Users\Zalman.DESKTOP-7GCR5RQ\Desktop\Addition.rar
2016-07-01 07:52 - 2016-07-01 18:23 - 00015395 _____ C:\Users\Zalman.DESKTOP-7GCR5RQ\Downloads\FRST.txt
2016-07-01 07:52 - 2016-07-01 07:53 - 00042233 _____ C:\Users\Zalman.DESKTOP-7GCR5RQ\Downloads\Addition.txt
2016-07-01 07:51 - 2016-07-01 18:23 - 00000000 ____D C:\FRST
2016-07-01 07:51 - 2016-07-01 07:51 - 02390016 _____ (Farbar) C:\Users\Zalman.DESKTOP-7GCR5RQ\Downloads\FRST64.exe
2016-06-30 19:47 - 2016-06-14 20:33 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-30 19:47 - 2016-06-14 20:33 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-27 18:13 - 2016-05-28 06:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-27 18:13 - 2016-05-28 06:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-27 18:13 - 2016-05-28 06:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-27 18:13 - 2016-05-28 06:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-06-27 18:13 - 2016-05-28 06:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-06-27 18:13 - 2016-05-28 06:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-06-27 18:13 - 2016-05-28 06:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-27 18:13 - 2016-05-28 06:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-06-27 18:13 - 2016-05-28 06:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-06-27 18:13 - 2016-05-28 06:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-06-27 18:13 - 2016-05-28 06:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-06-27 18:13 - 2016-05-28 06:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-27 18:13 - 2016-05-28 06:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-06-27 18:13 - 2016-05-28 06:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-06-27 18:13 - 2016-05-28 06:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-06-27 18:13 - 2016-05-28 06:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-27 18:13 - 2016-05-28 06:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-06-27 18:12 - 2016-05-28 08:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-27 18:12 - 2016-05-28 08:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-27 18:12 - 2016-05-28 08:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-27 18:12 - 2016-05-28 08:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-27 18:12 - 2016-05-28 08:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-27 18:12 - 2016-05-28 08:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-27 18:12 - 2016-05-28 07:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2016-06-27 18:12 - 2016-05-28 07:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-27 18:12 - 2016-05-28 07:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-27 18:12 - 2016-05-28 07:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-06-27 18:12 - 2016-05-28 07:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-06-27 18:12 - 2016-05-28 07:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-06-27 18:12 - 2016-05-28 07:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-06-27 18:12 - 2016-05-28 07:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-06-27 18:12 - 2016-05-28 07:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-27 18:12 - 2016-05-28 07:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-27 18:12 - 2016-05-28 07:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-06-27 18:12 - 2016-05-28 07:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-06-27 18:12 - 2016-05-28 07:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2016-06-27 18:12 - 2016-05-28 07:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-06-27 18:12 - 2016-05-28 07:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-27 18:12 - 2016-05-28 07:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-06-27 18:12 - 2016-05-28 07:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-06-27 18:12 - 2016-05-28 07:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-27 18:12 - 2016-05-28 07:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-27 18:12 - 2016-05-28 07:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-06-27 18:12 - 2016-05-28 07:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-06-27 18:12 - 2016-05-28 07:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-06-27 18:12 - 2016-05-28 07:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-06-27 18:12 - 2016-05-28 07:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-27 18:12 - 2016-05-28 07:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-06-27 18:12 - 2016-05-28 07:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-06-27 18:12 - 2016-05-28 07:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-06-27 18:12 - 2016-05-28 07:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-06-27 18:12 - 2016-05-28 07:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-06-27 18:12 - 2016-05-28 07:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-27 18:12 - 2016-05-28 07:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-27 18:12 - 2016-05-28 07:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-27 18:12 - 2016-05-28 07:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-27 18:12 - 2016-05-28 07:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-27 18:12 - 2016-05-28 07:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-06-27 18:12 - 2016-05-28 07:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-06-27 18:12 - 2016-05-28 07:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-27 18:12 - 2016-05-28 06:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-06-27 18:12 - 2016-05-28 06:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-27 18:12 - 2016-05-28 06:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-06-27 18:12 - 2016-05-28 06:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-06-27 18:12 - 2016-05-28 06:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-06-27 18:12 - 2016-05-28 06:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-27 18:12 - 2016-05-28 06:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-06-27 18:12 - 2016-05-28 06:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-06-27 18:12 - 2016-05-28 06:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-06-27 18:12 - 2016-05-28 06:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-27 18:12 - 2016-05-28 06:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-06-27 18:12 - 2016-05-28 06:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-06-27 18:12 - 2016-05-28 06:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
2016-06-27 18:12 - 2016-05-28 06:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-06-27 18:12 - 2016-05-28 06:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-06-27 18:12 - 2016-05-28 06:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-06-27 18:12 - 2016-05-28 06:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-27 18:12 - 2016-05-28 06:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-06-27 18:12 - 2016-05-28 06:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-06-27 18:12 - 2016-05-28 06:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-06-27 18:12 - 2016-05-28 06:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-06-27 18:12 - 2016-05-28 06:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-27 18:12 - 2016-05-28 06:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-06-27 18:12 - 2016-05-28 06:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-06-27 18:12 - 2016-05-28 06:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-06-27 18:12 - 2016-05-28 06:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-06-27 18:12 - 2016-05-28 06:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-06-27 18:12 - 2016-05-28 06:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-06-27 18:12 - 2016-05-28 06:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-27 18:12 - 2016-05-28 06:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-06-27 18:12 - 2016-05-28 06:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
2016-06-27 18:12 - 2016-05-28 06:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-06-27 18:12 - 2016-05-28 06:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-27 18:12 - 2016-05-28 06:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-06-27 18:12 - 2016-05-28 06:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-06-27 18:12 - 2016-05-28 06:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2016-06-27 18:12 - 2016-05-28 06:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-27 18:12 - 2016-05-28 06:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-06-27 18:12 - 2016-05-28 06:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2016-06-27 18:12 - 2016-05-28 06:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-06-27 18:12 - 2016-05-28 06:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-06-27 18:12 - 2016-05-28 06:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-27 18:12 - 2016-05-28 06:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-06-27 18:12 - 2016-05-28 06:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-06-27 18:12 - 2016-05-28 06:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-06-27 18:12 - 2016-05-28 06:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2016-06-27 18:12 - 2016-05-28 06:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-06-27 18:12 - 2016-05-28 06:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2016-06-27 18:12 - 2016-05-28 06:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-06-27 18:12 - 2016-05-28 06:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-06-27 18:12 - 2016-05-28 06:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-06-27 18:12 - 2016-05-28 06:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2016-06-27 18:12 - 2016-05-28 06:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-27 18:12 - 2016-05-28 06:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-06-27 18:12 - 2016-05-28 06:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
2016-06-27 18:12 - 2016-05-28 06:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2016-06-27 18:12 - 2016-05-28 06:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2016-06-27 18:12 - 2016-05-28 06:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-06-27 18:12 - 2016-05-28 06:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-06-27 18:12 - 2016-05-28 06:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-06-27 18:12 - 2016-05-28 06:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2016-06-27 18:12 - 2016-05-28 06:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2016-06-27 18:12 - 2016-05-28 06:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-27 18:12 - 2016-05-28 06:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-06-27 18:12 - 2016-05-28 06:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-06-27 18:12 - 2016-05-28 06:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-06-27 18:12 - 2016-05-28 06:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-27 18:12 - 2016-05-28 06:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-06-27 18:12 - 2016-05-28 06:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-06-27 18:12 - 2016-05-28 06:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-27 18:12 - 2016-05-28 06:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-06-27 18:12 - 2016-05-28 06:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-06-27 18:12 - 2016-05-28 06:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2016-06-27 18:12 - 2016-05-28 06:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-06-27 18:12 - 2016-05-28 06:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-06-27 18:12 - 2016-05-28 06:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-06-27 18:12 - 2016-05-28 06:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-06-27 18:12 - 2016-05-28 06:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-27 18:12 - 2016-05-28 06:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-27 18:12 - 2016-05-28 06:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-27 18:12 - 2016-05-28 06:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-06-27 18:12 - 2016-05-28 06:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-06-27 18:12 - 2016-05-28 06:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-27 18:12 - 2016-05-28 06:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-27 18:12 - 2016-05-28 06:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-06-27 18:12 - 2016-05-28 06:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-27 18:12 - 2016-05-28 06:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-06-27 18:12 - 2016-05-28 06:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2016-06-27 18:12 - 2016-05-28 06:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-27 18:12 - 2016-05-28 06:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-06-27 18:12 - 2016-05-28 06:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-06-27 18:12 - 2016-05-28 06:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-06-27 18:12 - 2016-05-28 06:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-06-27 18:12 - 2016-05-28 06:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-27 18:12 - 2016-05-28 06:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-06-27 18:12 - 2016-05-28 06:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-06-27 18:12 - 2016-05-28 06:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-06-27 18:12 - 2016-05-28 06:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-27 18:12 - 2016-05-28 06:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-27 18:12 - 2016-05-28 06:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-06-27 18:12 - 2016-05-28 06:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-06-27 18:12 - 2016-05-28 06:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-06-27 18:12 - 2016-05-28 06:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-06-27 18:12 - 2016-05-28 06:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-27 18:12 - 2016-05-28 06:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-27 18:12 - 2016-05-28 06:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-06-27 18:12 - 2016-05-28 06:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-06-27 18:12 - 2016-05-28 06:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-06-27 18:12 - 2016-05-28 06:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-27 18:12 - 2016-05-28 06:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-06-27 18:12 - 2016-05-28 06:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-06-27 18:12 - 2016-05-28 06:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-27 18:12 - 2016-05-28 06:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-06-27 18:12 - 2016-05-28 06:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-27 18:12 - 2016-05-28 06:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-27 18:12 - 2016-05-28 06:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-06-27 18:12 - 2016-05-28 06:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-27 18:12 - 2016-05-28 06:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-06-27 18:12 - 2016-05-28 06:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-06-27 18:12 - 2016-05-28 06:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-27 18:12 - 2016-05-28 06:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-06-27 18:12 - 2016-05-28 06:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-06-27 18:12 - 2016-05-28 06:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-27 18:12 - 2016-05-28 06:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-06-27 18:12 - 2016-05-28 06:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-06-27 18:12 - 2016-05-28 06:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
2016-06-27 18:12 - 2016-05-28 06:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2016-06-27 18:12 - 2016-05-28 06:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-06-27 18:12 - 2016-05-28 06:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-27 18:12 - 2016-05-28 06:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-06-27 18:12 - 2016-05-28 06:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-06-27 18:12 - 2016-05-28 06:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-06-27 18:12 - 2016-05-28 06:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-06-27 18:12 - 2016-05-28 06:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-06-27 18:12 - 2016-05-28 06:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-27 18:12 - 2016-05-28 06:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-06-27 18:12 - 2016-05-28 06:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-06-27 18:12 - 2016-05-28 06:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-27 18:12 - 2016-05-28 06:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-06-27 18:12 - 2016-05-28 06:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-27 18:12 - 2016-05-28 06:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-06-27 18:12 - 2016-05-28 06:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-27 18:12 - 2016-05-28 06:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-06-27 18:12 - 2016-05-28 06:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-06-27 18:12 - 2016-05-28 06:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-06-27 18:12 - 2016-05-28 06:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-06-27 18:12 - 2016-05-28 05:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-06-27 18:12 - 2016-05-28 05:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-06-27 18:12 - 2016-05-28 05:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-27 18:12 - 2016-05-28 05:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-27 18:12 - 2016-05-28 05:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-06-27 18:12 - 2016-05-28 05:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-06-27 18:12 - 2016-05-28 05:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-06-27 18:12 - 2016-05-28 05:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-06-27 18:12 - 2016-05-28 05:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-06-19 18:30 - 2016-06-28 17:58 - 00000000 ____D C:\Users\Zalman.DESKTOP-7GCR5RQ\Desktop\TOP_fotky
2016-06-15 07:10 - 2016-07-01 18:17 - 00000000 ____D C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\LocalLow\uTorrent

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-01 18:23 - 2015-11-30 09:52 - 00000000 ____D C:\ProgramData\nettrafficstat
2016-07-01 18:23 - 2015-09-26 09:51 - 00000000 ____D C:\ProgramData\Temp
2016-07-01 18:22 - 2015-11-29 12:52 - 00000000 ____D C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Roaming\uTorrent
2016-07-01 18:19 - 2015-12-14 17:42 - 00016220 _____ C:\Users\Zalman.DESKTOP-7GCR5RQ\rgmnr
2016-07-01 18:17 - 2016-05-11 09:21 - 00000988 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-01 18:17 - 2016-01-23 14:43 - 00000000 ____D C:\Program Files (x86)\Steam
2016-07-01 18:17 - 2016-01-05 18:40 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-01 18:17 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-07-01 18:01 - 2015-10-30 20:31 - 00750030 _____ C:\WINDOWS\system32\perfh005.dat
2016-07-01 18:01 - 2015-10-30 20:31 - 00150654 _____ C:\WINDOWS\system32\perfc005.dat
2016-07-01 18:01 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-07-01 18:01 - 2015-09-07 09:47 - 01036884 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-01 17:56 - 2015-12-18 18:06 - 00007598 _____ C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Resmon.ResmonCfg
2016-07-01 17:55 - 2016-05-14 11:06 - 00000000 ____D C:\Users\Filip
2016-07-01 17:54 - 2016-01-05 18:35 - 00000000 ____D C:\Users\Zalman.DESKTOP-7GCR5RQ
2016-07-01 17:54 - 2015-10-30 08:28 - 76546048 _____ C:\WINDOWS\system32\config\SOFTWARE.bak
2016-07-01 17:54 - 2015-10-30 08:28 - 19398656 _____ C:\WINDOWS\system32\config\SYSTEM.bak
2016-07-01 17:54 - 2015-10-30 08:28 - 00040960 _____ C:\WINDOWS\system32\config\SECURITY.bak
2016-07-01 17:40 - 2016-05-08 16:44 - 00042168 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2016-07-01 17:10 - 2016-04-18 21:34 - 00000000 ____D C:\AdwCleaner
2016-07-01 08:00 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-01 08:00 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-01 07:47 - 2015-11-29 14:30 - 00000000 ____D C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Adobe
2016-07-01 07:45 - 2015-09-07 09:41 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-07-01 07:44 - 2016-01-05 18:31 - 04895272 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-07-01 07:43 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-07-01 07:43 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-07-01 07:43 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-06-30 19:52 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-30 19:50 - 2015-09-07 09:48 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-30 19:47 - 2015-09-07 09:48 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-27 18:14 - 2015-11-29 12:59 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-27 18:14 - 2015-11-29 12:59 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-26 17:07 - 2015-09-08 08:21 - 00000000 ____D C:\ProgramData\ProductData
2016-06-19 16:23 - 2016-05-14 10:32 - 00000000 ____D C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\ElevatedDiagnostics
2016-06-19 16:23 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-06-15 22:40 - 2015-09-07 09:50 - 00484008 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-06-03 16:13 - 2016-04-19 21:52 - 00000000 ____D C:\Users\Zalman.DESKTOP-7GCR5RQ\Desktop\FOTOKATALOG

==================== Files in the root of some directories =======

2012-08-15 11:20 - 2012-08-15 11:20 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2015-12-18 18:06 - 2016-07-01 17:56 - 0007598 _____ () C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Resmon.ResmonCfg
2015-09-07 09:48 - 2015-09-07 09:48 - 0000016 _____ () C:\ProgramData\mntemp
2015-09-07 09:48 - 2015-09-07 09:48 - 0005050 _____ () C:\ProgramData\wmzddnmb.cix

Some files in TEMP:
====================
C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Temp\libeay32.dll
C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Temp\msvcr120.dll
C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-05-30 18:06

==================== End of FRST.txt ============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM-x32\...\Run: [MSStp] => C:\WINDOWS\SysWOW64\msstp.vbe [1419 2014-01-19] ()
HKLM-x32\...\Run: [mncwrgtpSrv] => C:\WINDOWS\inf\mncwrgtp.vbe
C:\WINDOWS\SysWOW64\msstp.vbe
C:\WINDOWS\inf\mncwrgtp.vbe
IFEO\AUpdate.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
IFEO\ChangeIcon.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
IFEO\DriverBooster.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
IFEO\InstStat.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
IFEO\IObitDownloader.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
IFEO\MakeSFX.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
IFEO\Promote.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
IFEO\Scheduler.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
IFEO\SetupHlp.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
R2 txabsgfyshtsma; c:\windows\SysWOW64\vcakagfs.exe [102400 2014-05-05] ( Company (R)) [File not signed]
C:\WINDOWS\system32\roboot64.exe
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\ProgramData\mntemp
C:\ProgramData\wmzddnmb.cix
C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[venim]

Zde prosím.

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-06-2016
Ran by Zalman (2016-07-01 19:18:20) Run:1
Running from C:\Users\Zalman.DESKTOP-7GCR5RQ\Desktop
Loaded Profiles: Zalman (Available Profiles: Zalman & Filip)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [MSStp] => C:\WINDOWS\SysWOW64\msstp.vbe [1419 2014-01-19] ()
HKLM-x32\...\Run: [mncwrgtpSrv] => C:\WINDOWS\inf\mncwrgtp.vbe
C:\WINDOWS\SysWOW64\msstp.vbe
C:\WINDOWS\inf\mncwrgtp.vbe
IFEO\AUpdate.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
IFEO\ChangeIcon.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
IFEO\DriverBooster.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
IFEO\InstStat.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
IFEO\IObitDownloader.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
IFEO\MakeSFX.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
IFEO\Promote.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
IFEO\Scheduler.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
IFEO\SetupHlp.exe: [Debugger] C:\Advanced SystemCare 8\AutoReactivator.exe
R2 txabsgfyshtsma; c:\windows\SysWOW64\vcakagfs.exe [102400 2014-05-05] ( Company (R)) [File not signed]
C:\WINDOWS\system32\roboot64.exe
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\ProgramData\mntemp
C:\ProgramData\wmzddnmb.cix
C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Temp
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\MSStp => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mncwrgtpSrv => value removed successfully
C:\WINDOWS\SysWOW64\msstp.vbe => moved successfully
C:\WINDOWS\inf\mncwrgtp.vbe => moved successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AUpdate.exe" => key removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ChangeIcon.exe" => key removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\DriverBooster.exe" => key removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\InstStat.exe" => key removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\IObitDownloader.exe" => key removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MakeSFX.exe" => key removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\Promote.exe" => key removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\Scheduler.exe" => key removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SetupHlp.exe" => key removed successfully
txabsgfyshtsma => Unable to stop service.
txabsgfyshtsma => service removed successfully
C:\WINDOWS\system32\roboot64.exe => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\ProgramData\mntemp => moved successfully
C:\ProgramData\wmzddnmb.cix => moved successfully

"C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Temp" folder move:

Could not move "C:\Users\Zalman.DESKTOP-7GCR5RQ\AppData\Local\Temp" => Scheduled to move on reboot.

[venim]

Problém stále přetrvává.