Logfile of random's system information tool 1.10 (written by random/random)
Run by Chuck at 2016-07-11 14:11:53
Microsoft Windows 10 Home
System drive C: has 75 GB (49%) free of 155 GB
Total RAM: 3552 MB (31% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:11:55, on pondělí.11.7.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0420)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
C:\Users\Karol\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\Sandboxie\32\SbieSvc.exe
D:\Karol\Archive\1. Extensions\Software\Portable\x32\Auto Runs\Task Managers\ProcessMonitorPortable\ProcessMonitorPortable.exe
D:\Karol\Archive\1. Extensions\Software\Portable\x32\Auto Runs\Task Managers\ProcessMonitorPortable\App\ProcessMonitor\Procmon.exe
C:\Program Files (x86)\Productivity Scientific GTD Timer\Bin\GTDTimer.exe
C:\Program Files\trend micro\Chuck.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (file missing)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Chuck\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2887156172-1520988294-1417751805-1001\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe" (User 'Karol')
O8 - Extra context menu item: Download all links with IDM - C:\Users\Chuck\AppData\Local\Temp\OfficeDC\_tools\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Users\Chuck\AppData\Local\Temp\OfficeDC\_tools\IEExt.htm
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - https://catalog.update.microsoft.com/v7 ... 9752415659
O17 - HKLM\System\CCS\Services\Tcpip\..\{2508402f-fc23-405d-9be1-0807e7b591ec}: NameServer = 217.31.204.130,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{6b6b6657-24fa-428a-97e3-eac93fe593a1}: NameServer = 217.31.204.130,8.8.8.8,
O17 - HKLM\System\CCS\Services\Tcpip\..\{cfb4d86f-a4e0-46cc-ae6f-d73ad906d54a}: NameServer = 217.31.204.130,8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{2508402f-fc23-405d-9be1-0807e7b591ec}: NameServer = 217.31.204.130,8.8.8.8
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AOMEI Backupper Scheduler Service (Backupper Service) - AOMEI Tech Co., Ltd. - C:\Program Files (x86)\AOMEI Backupper\ABService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Everything - Unknown owner - C:\Program Files\Everything\Everything.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @oem18.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Macrium Reflect Image Mounting Service (ReflectService.exe) - Paramount Software UK Ltd - C:\Program Files\Macrium\Reflect\ReflectService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\SysWOW64\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\SysWOW64\vmnat.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 13150 bytes
======Listing Processes======
winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\atiesrxx.exe
atieclxx
C:\WINDOWS\system32\svchost.exe -k LocalService
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\system32\Hpservice.exe
"C:\Program Files\Sandboxie\SbieSvc.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
dashost.exe {cff7b45e-574e-49b2-9cec0e8f93f6ab01}
"C:\Program Files (x86)\AOMEI Backupper\ABService.exe"
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files\Everything\Everything.exe" -svc
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\WINDOWS\system32\svchost.exe -k iissvcs
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\Windows\SysWOW64\vmnat.exe
C:\WINDOWS\system32\mqsvc.exe
"C:\Program Files\Macrium\Reflect\ReflectService.exe"
"C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe"
C:\Windows\SysWOW64\vmnetdhcp.exe
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe"
"C:\Program Files\Everything\Everything.exe" -startup
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Sandboxie\SbieCtrl.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Users\Karol\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Windows\System32\taskmgr.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" /start
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"D:\Karol\Archive\1. Extensions\Software\Portable\x32\Fan Control\NoteBookFanControl-0.14.4.60.beta\NoteBookFanControl.exe"
"C:\Program Files\Sandboxie\SbieSvc.exe" Sandboxie_GuiProxy_00000001,1612
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\Sandboxie\SandboxieRpcSs.exe"
"C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files\Sandboxie\32\SbieSvc.exe" Sandboxie_ComProxy_S-1-5-21-2887156172-1520988294-1417751805-1001_DefaultBox_1_1_:
"C:\Program Files\Sandboxie\SandboxieCrypto.exe"
"D:\Karol\Archive\1. Extensions\Software\Portable\x32\Auto Runs\Task Managers\ProcessMonitorPortable\ProcessMonitorPortable.exe"
"D:\Karol\Archive\1. Extensions\Software\Portable\x32\Auto Runs\Task Managers\ProcessMonitorPortable\App\ProcessMonitor\Procmon.exe"
"C:\Users\Chuck\AppData\Local\Temp\ProcessMonitorPortableTemp\Procmon64.exe" /originalpath "D:\Karol\Archive\1. Extensions\Software\Portable\x32\Auto Runs\Task Managers\ProcessMonitorPortable\App\ProcessMonitor\Procmon.exe"
"C:\Program Files (x86)\Productivity Scientific GTD Timer\Bin\GTDTimer.exe"
"C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe27_ Global\UsGthrCtrlFltPipeMssGthrPipe27 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10586.424_none_767fbf7a263fc7d3\TiWorker.exe -Embedding
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 620 624 632 8192 628
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Karol\Desktop\RSITx64.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_192_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\HPCeeScheduleForChuck.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForChuck (null)
=========Mozilla firefox=========
ProfilePath - C:\Users\Chuck\AppData\Roaming\Mozilla\Firefox\Profiles\ypbhsodm.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.192 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.192 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-05-27 229064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2014-01-21 881880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2016-05-17 2348848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-05-27 163536]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2014-01-23 707800]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2016-05-17 1741096]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=c:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [2012-04-11 97280]
"Everything"=C:\Program Files\Everything\Everything.exe [2014-08-06 1441792]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-07-03 3944136]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-10-24 1664000]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SandboxieControl"=C:\Program Files\Sandboxie\SbieCtrl.exe [2016-06-15 797328]
"OneDrive"=C:\Users\Chuck\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-07-02 382144]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-08-21 767176]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2012-03-14 319360]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\installed apps\preinstalled\Startup
taskmgr.lnk - C:\Windows\System32\taskmgr.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"DisableCAD"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-07-11 12:10:57 ----AH---- C:\WINDOWS\system32\drivers\PROCMON23.SYS
2016-07-11 12:05:58 ----A---- C:\WINDOWS\system32\drivers\PROCEXP152.SYS
2016-07-10 11:02:58 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-07-10 01:02:03 ----A---- C:\WINDOWS\system32\HPToneCtrls64.dll
2016-07-10 01:02:03 ----A---- C:\WINDOWS\system32\AESTEC64.dll
2016-07-10 01:02:03 ----A---- C:\WINDOWS\system32\AESTAR64.dll
2016-07-10 01:02:03 ----A---- C:\WINDOWS\system32\AESTAC64.dll
2016-07-10 01:02:02 ----A---- C:\WINDOWS\system32\IDTNX.dll
2016-07-10 01:02:01 ----A---- C:\WINDOWS\system32\IDTNJ.exe
2016-07-10 01:02:01 ----A---- C:\WINDOWS\system32\IDTNHP.dll
2016-07-10 01:02:01 ----A---- C:\WINDOWS\system32\IDTNGUI.exe
2016-07-10 01:02:01 ----A---- C:\WINDOWS\system32\AESTCo64.dll
2016-07-10 01:02:00 ----A---- C:\WINDOWS\system32\stlang64.dll
2016-07-10 01:02:00 ----A---- C:\WINDOWS\sttray64.exe
2016-07-09 00:10:04 ----D---- C:\Users\Chuck\AppData\Roaming\Hewlett-Packard
2016-07-05 14:31:03 ----A---- C:\WINDOWS\system32\prm0015.dll
2016-07-04 12:30:13 ----D---- C:\WINDOWS\system32\SleepStudy
2016-07-04 11:33:22 ----AH---- C:\WINDOWS\system32\drivers\PROCMON20.SYS
2016-07-03 14:15:41 ----A---- C:\WINDOWS\system32\drivers\PROCEXP141.SYS
2016-07-02 23:19:08 ----D---- C:\WINDOWS\system32\MRT
2016-07-02 23:19:05 ----A---- C:\WINDOWS\system32\MRT.exe
2016-07-02 21:50:51 ----N---- C:\WINDOWS\system32\stapi64.dll
2016-07-02 21:50:51 ----A---- C:\WINDOWS\system32\stcplx64.dll
2016-07-02 21:50:51 ----A---- C:\WINDOWS\system32\stapo64.dll
2016-07-02 15:57:52 ----DC---- C:\WINDOWS\Panther
2016-07-02 15:57:19 ----SHD---- C:\Recovery
2016-07-02 15:48:21 ----D---- C:\Windows.old
2016-07-02 15:45:43 ----A---- C:\WINDOWS\system32\drivers\dumpsdport.sys
2016-07-02 15:45:41 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2016-07-02 15:45:40 ----A---- C:\WINDOWS\SYSWOW64\wsdchngr.dll
2016-07-02 15:45:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2016-07-02 15:45:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Devices.dll
2016-07-02 15:45:40 ----A---- C:\WINDOWS\SYSWOW64\SettingSync.dll
2016-07-02 15:45:40 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2016-07-02 15:45:40 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2016-07-02 15:45:40 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2016-07-02 15:45:40 ----A---- C:\WINDOWS\SYSWOW64\BrowserSettingSync.dll
2016-07-02 15:45:40 ----A---- C:\WINDOWS\SYSWOW64\AppxPackaging.dll
2016-07-02 15:45:40 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2016-07-02 15:45:40 ----A---- C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-07-02 15:45:40 ----A---- C:\WINDOWS\system32\mfplat.dll
2016-07-02 15:45:40 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2016-07-02 15:45:40 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2016-07-02 15:45:40 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-07-02 15:45:40 ----A---- C:\WINDOWS\system32\audiodg.exe
2016-07-02 15:45:39 ----A---- C:\WINDOWS\system32\SettingSync.dll
2016-07-02 15:45:39 ----A---- C:\WINDOWS\system32\ListSvc.dll
2016-07-02 15:45:39 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2016-07-02 15:45:39 ----A---- C:\WINDOWS\system32\BrowserSettingSync.dll
2016-07-02 15:45:39 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-07-02 15:45:38 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-07-02 15:45:38 ----A---- C:\WINDOWS\system32\wpdbusenum.dll
2016-07-02 15:45:38 ----A---- C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-07-02 15:45:38 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-07-02 15:45:38 ----A---- C:\WINDOWS\system32\LsaIso.exe
2016-07-02 15:45:38 ----A---- C:\WINDOWS\system32\fvewiz.dll
2016-07-02 15:45:38 ----A---- C:\WINDOWS\system32\fveui.dll
2016-07-02 15:45:38 ----A---- C:\WINDOWS\system32\fveskybackup.dll
2016-07-02 15:45:38 ----A---- C:\WINDOWS\system32\fvecpl.dll
2016-07-02 15:45:38 ----A---- C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-07-02 15:45:38 ----A---- C:\WINDOWS\system32\bdesvc.dll
2016-07-02 15:45:38 ----A---- C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-07-02 15:45:37 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2016-07-02 15:45:37 ----A---- C:\WINDOWS\SYSWOW64\NetSetupApi.dll
2016-07-02 15:45:37 ----A---- C:\WINDOWS\SYSWOW64\FWPUCLNT.DLL
2016-07-02 15:45:37 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2016-07-02 15:45:37 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2016-07-02 15:45:37 ----A---- C:\WINDOWS\system32\NetSetupApi.dll
2016-07-02 15:45:37 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2016-07-02 15:45:37 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2016-07-02 15:45:37 ----A---- C:\WINDOWS\system32\FWPUCLNT.DLL
2016-07-02 15:45:37 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2016-07-02 15:45:37 ----A---- C:\WINDOWS\system32\BFE.DLL
2016-07-02 15:45:24 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-07-02 15:45:24 ----A---- C:\WINDOWS\system32\ncbservice.dll
2016-07-02 15:45:24 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-07-02 15:45:24 ----A---- C:\WINDOWS\system32\jscript.dll
2016-07-02 15:45:23 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-07-02 15:45:23 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-07-02 15:45:23 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-07-02 15:45:23 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2016-07-02 15:45:23 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-07-02 15:45:22 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-07-02 15:45:22 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-07-02 15:45:21 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-07-02 15:45:20 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-07-02 15:45:20 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2016-07-02 15:45:20 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-07-02 15:45:20 ----A---- C:\WINDOWS\system32\ieproxy.dll
2016-07-02 15:45:20 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-07-02 15:45:19 ----A---- C:\WINDOWS\SYSWOW64\LocationFramework.dll
2016-07-02 15:45:19 ----A---- C:\WINDOWS\system32\LocationFramework.dll
2016-07-02 15:45:19 ----A---- C:\WINDOWS\system32\GnssAdapter.dll
2016-07-02 15:45:18 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2016-07-02 15:45:18 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2016-07-02 15:45:18 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2016-07-02 15:45:18 ----A---- C:\WINDOWS\system32\ws2_32.dll
2016-07-02 15:45:18 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2016-07-02 15:45:18 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-07-02 15:45:18 ----A---- C:\WINDOWS\system32\KernelBase.dll
2016-07-02 15:45:18 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys
2016-07-02 15:45:18 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2016-07-02 15:45:18 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2016-07-02 15:45:18 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2016-07-02 15:45:18 ----A---- C:\WINDOWS\system32\basesrv.dll
2016-07-02 15:45:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2016-07-02 15:45:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Cred.dll
2016-07-02 15:45:15 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-07-02 15:45:15 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-07-02 15:45:15 ----A---- C:\WINDOWS\SYSWOW64\LockAppHost.exe
2016-07-02 15:45:15 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2016-07-02 15:45:15 ----A---- C:\WINDOWS\SYSWOW64\AboveLockAppHost.dll
2016-07-02 15:45:15 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2016-07-02 15:45:15 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2016-07-02 15:45:15 ----A---- C:\WINDOWS\system32\drivers\dfsc.sys
2016-07-02 15:45:14 ----A---- C:\WINDOWS\SYSWOW64\ws2_32.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\SYSWOW64\wlansec.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\SYSWOW64\wlanmsm.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\SYSWOW64\wlanapi.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\SYSWOW64\wfdprov.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\SYSWOW64\SyncController.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\SYSWOW64\shacct.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\SYSWOW64\setupapi.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\SYSWOW64\polstore.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\SYSWOW64\newdev.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\SYSWOW64\NetSetupShim.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\SYSWOW64\mtxoci.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\SYSWOW64\MsSpellCheckingFacility.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\SYSWOW64\LogonController.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\SYSWOW64\FwRemoteSvr.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\SYSWOW64\easwrt.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\SYSWOW64\credprovhost.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\SYSWOW64\CredProvDataModel.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\SYSWOW64\ActiveSyncProvider.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\SYSWOW64\AccountsRt.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\system32\shell32.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\system32\RDXService.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\system32\oleacchooks.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\system32\oleacc.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\system32\iuilp.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\system32\fontsub.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2016-07-02 15:45:14 ----A---- C:\WINDOWS\system32\dwminit.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\system32\d3d10warp.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\system32\atmlib.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-07-02 15:45:14 ----A---- C:\WINDOWS\explorer.exe
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\wsdchngr.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\wlanapi.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\win32spl.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\wifitask.exe
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\wificonnapi.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\wcmcsp.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\vpnike.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\twinui.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\SubscriptionMgr.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\SHCore.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\shacct.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\RDXTaskFactory.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\rastls.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\polstore.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\PhoneProviders.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\NetSetupShim.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\LogonController.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\LockAppHost.exe
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\IPSECSVC.DLL
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\iphlpsvc.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\httpprxp.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\httpprxm.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\FwRemoteSvr.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\DataSenseHandlers.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\credprovhost.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\CredProvDataModel.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\adhsvc.dll
2016-07-02 15:45:13 ----A---- C:\WINDOWS\system32\AboveLockAppHost.dll
2016-07-02 15:45:07 ----A---- C:\WINDOWS\system32\winresume.exe
2016-07-02 15:45:07 ----A---- C:\WINDOWS\system32\winlogon.exe
2016-07-02 15:45:07 ----A---- C:\WINDOWS\system32\winload.exe
2016-07-02 15:45:07 ----A---- C:\WINDOWS\system32\wininetlui.dll
2016-07-02 15:45:07 ----A---- C:\WINDOWS\system32\wininet.dll
2016-07-02 15:45:07 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-07-02 15:45:07 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-07-02 15:45:07 ----A---- C:\WINDOWS\system32\StorSvc.dll
2016-07-02 15:45:07 ----A---- C:\WINDOWS\system32\SRHInproc.dll
2016-07-02 15:45:07 ----A---- C:\WINDOWS\system32\SRH.dll
2016-07-02 15:45:07 ----A---- C:\WINDOWS\system32\ole32.dll
2016-07-02 15:45:07 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-07-02 15:45:07 ----A---- C:\WINDOWS\system32\mtxoci.dll
2016-07-02 15:45:07 ----A---- C:\WINDOWS\system32\msxml3.dll
2016-07-02 15:45:07 ----A---- C:\WINDOWS\system32\jsproxy.dll
2016-07-02 15:45:07 ----A---- C:\WINDOWS\system32\invagent.dll
2016-07-02 15:45:07 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-07-02 15:45:07 ----A---- C:\WINDOWS\system32\hal.dll
2016-07-02 15:45:07 ----A---- C:\WINDOWS\system32\gpsvc.dll
2016-07-02 15:45:07 ----A---- C:\WINDOWS\system32\gpapi.dll
2016-07-02 15:45:07 ----A---- C:\WINDOWS\system32\easwrt.dll
2016-07-02 15:45:07 ----A---- C:\WINDOWS\system32\easinvoker.exe
2016-07-02 15:45:07 ----A---- C:\WINDOWS\system32\drivers\netbt.sys
2016-07-02 15:45:07 ----A---- C:\WINDOWS\system32\dosvc.dll
2016-07-02 15:45:07 ----A---- C:\WINDOWS\system32\devinv.dll
2016-07-02 15:45:07 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2016-07-02 15:45:07 ----A---- C:\WINDOWS\system32\AppCapture.dll
2016-07-02 15:45:07 ----A---- C:\WINDOWS\system32\aepic.dll
2016-07-02 15:45:07 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\SYSWOW64\WSDApi.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\SYSWOW64\VEEventDispatcher.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\SYSWOW64\VEDataLayerHelpers.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\SYSWOW64\tdlrecover.exe
2016-07-02 15:45:06 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\SYSWOW64\SensorsNativeApi.V2.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\SYSWOW64\SensorsNativeApi.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\SYSWOW64\RemoteNaturalLanguage.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\SYSWOW64\NotificationObjFactory.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\SYSWOW64\NMAA.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\SYSWOW64\netapi32.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\SYSWOW64\MosStorage.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\SYSWOW64\MosHostClient.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\SYSWOW64\MapsBtSvc.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\SYSWOW64\MapControlCore.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\SYSWOW64\MapConfiguration.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\SYSWOW64\JpMapControl.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2016-07-02 15:45:06 ----A---- C:\WINDOWS\SYSWOW64\hmkd.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\SYSWOW64\cryptngc.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\WWAHost.exe
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\wups.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\wuautoappupdate.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\wuauclt.exe
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\wuapi.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\WSDApi.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\wscsvc.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\VEEventDispatcher.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\usocore.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\tileobjserver.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\tetheringservice.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\tdlrecover.exe
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\SyncController.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\storewuauth.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\setupapi.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\SensorsNativeApi.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\SensorService.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\provisioningcsp.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\provhandlers.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\provengine.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\policymanagerprecheck.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\policymanager.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\omadmclient.exe
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\omadmapi.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\NotificationObjFactory.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\NgcCtnr.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\ngccredprov.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\newdev.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\NetworkUXBroker.exe
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\netapi32.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\MusNotification.exe
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\MTF.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\msi.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\MBMediaManager.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\internetmail.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\drivers\sdport.sys
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\drivers\Ndu.sys
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\drivers\http.sys
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\drivers\filecrypt.sys
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\dmcsps.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\dmcertinst.exe
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\DAFWSD.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\cryptngc.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\browserbroker.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\browser.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\BrokerLib.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\bisrv.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\AppxSysprep.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\acmigration.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\AccountsRt.dll
2016-07-02 15:45:06 ----A---- C:\WINDOWS\system32\accountaccessor.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\SYSWOW64\wkscli.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\SYSWOW64\srvcli.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\SYSWOW64\samlib.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\SYSWOW64\rsaenh.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\SYSWOW64\ncryptsslp.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\SYSWOW64\mswsock.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\SYSWOW64\InputLocaleManager.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\SYSWOW64\dhcpcsvc6.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\SYSWOW64\dhcpcsvc.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore6.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\SYSWOW64\d3d10level9.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\SYSWOW64\crypt32.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\SYSWOW64\browcli.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-07-02 15:45:05 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-07-02 15:45:05 ----A---- C:\WINDOWS\system32\user32.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\system32\NMAA.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\system32\MosStorage.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\system32\moshostcore.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\system32\MosHostClient.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\system32\moshost.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\system32\mos.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\system32\mapsupdatetask.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\system32\MapsStore.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\system32\MapsCSP.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\system32\MapsBtSvc.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-07-02 15:45:05 ----A---- C:\WINDOWS\system32\JpMapControl.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\system32\InputService.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\system32\gdi32.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\system32\FontProvider.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\system32\dxgi.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2016-07-02 15:45:05 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2016-07-02 15:45:05 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2016-07-02 15:45:05 ----A---- C:\WINDOWS\system32\d3d10level9.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\system32\d2d1.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\system32\cdd.dll
2016-07-02 15:45:05 ----A---- C:\WINDOWS\system32\BingMaps.dll
2016-07-02 15:45:00 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2016-07-02 15:45:00 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2016-07-02 15:45:00 ----A---- C:\WINDOWS\system32\wkscli.dll
2016-07-02 15:45:00 ----A---- C:\WINDOWS\system32\wininit.exe
2016-07-02 15:45:00 ----A---- C:\WINDOWS\system32\winhttp.dll
2016-07-02 15:45:00 ----A---- C:\WINDOWS\system32\srvcli.dll
2016-07-02 15:45:00 ----A---- C:\WINDOWS\system32\schannel.dll
2016-07-02 15:45:00 ----A---- C:\WINDOWS\system32\samsrv.dll
2016-07-02 15:45:00 ----A---- C:\WINDOWS\system32\samlib.dll
2016-07-02 15:45:00 ----A---- C:\WINDOWS\system32\rsaenh.dll
2016-07-02 15:45:00 ----A---- C:\WINDOWS\system32\profsvc.dll
2016-07-02 15:45:00 ----A---- C:\WINDOWS\system32\ncryptsslp.dll
2016-07-02 15:45:00 ----A---- C:\WINDOWS\system32\mswsock.dll
2016-07-02 15:45:00 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-07-02 15:45:00 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-07-02 15:45:00 ----A---- C:\WINDOWS\system32\kerberos.dll
2016-07-02 15:45:00 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2016-07-02 15:45:00 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-07-02 15:45:00 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2016-07-02 15:45:00 ----A---- C:\WINDOWS\system32\dnsapi.dll
2016-07-02 15:45:00 ----A---- C:\WINDOWS\system32\dhcpcsvc6.dll
2016-07-02 15:45:00 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2016-07-02 15:45:00 ----A---- C:\WINDOWS\system32\dhcpcore6.dll
2016-07-02 15:45:00 ----A---- C:\WINDOWS\system32\dhcpcore.dll
2016-07-02 15:45:00 ----A---- C:\WINDOWS\system32\cryptsvc.dll
2016-07-02 15:45:00 ----A---- C:\WINDOWS\system32\crypt32.dll
2016-07-02 15:45:00 ----A---- C:\WINDOWS\system32\browcli.dll
2016-07-02 15:45:00 ----A---- C:\WINDOWS\system32\AppxPackaging.dll
2016-07-02 15:44:59 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2016-07-02 15:44:59 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2016-07-02 15:44:59 ----A---- C:\WINDOWS\SYSWOW64\StructuredQuery.dll
2016-07-02 15:44:59 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2016-07-02 15:44:59 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2016-07-02 15:44:59 ----A---- C:\WINDOWS\SYSWOW64\OneDriveSettingSyncProvider.dll
2016-07-02 15:44:59 ----A---- C:\WINDOWS\SYSWOW64\esent.dll
2016-07-02 15:44:59 ----A---- C:\WINDOWS\SYSWOW64\ByteCodeGenerator.exe
2016-07-02 15:44:59 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2016-07-02 15:44:59 ----A---- C:\WINDOWS\system32\wshbth.dll
2016-07-02 15:44:59 ----A---- C:\WINDOWS\system32\windows.storage.dll
2016-07-02 15:44:59 ----A---- C:\WINDOWS\system32\StructuredQuery.dll
2016-07-02 15:44:59 ----A---- C:\WINDOWS\system32\esent.dll
2016-07-02 15:44:59 ----A---- C:\WINDOWS\system32\drivers\ufx01000.sys
2016-07-02 15:44:59 ----A---- C:\WINDOWS\system32\drivers\UcmCx.sys
2016-07-02 15:44:59 ----A---- C:\WINDOWS\system32\dafBth.dll
2016-07-02 15:44:59 ----A---- C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-07-02 15:44:59 ----A---- C:\WINDOWS\system32\BluetoothApis.dll
2016-07-02 15:44:59 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2016-07-02 15:44:58 ----A---- C:\WINDOWS\SYSWOW64\wininetlui.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.Http.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Connectivity.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\SYSWOW64\TokenBrokerCookies.exe
2016-07-02 15:44:58 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\SYSWOW64\tbauth.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\SYSWOW64\OnDemandConnRouteHelper.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\SYSWOW64\oleacchooks.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\SYSWOW64\oleacc.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\SYSWOW64\MessagingDataModel2.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2016-07-02 15:44:58 ----A---- C:\WINDOWS\SYSWOW64\directmanipulation.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\SYSWOW64\d3d10warp.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\SYSWOW64\AppContracts.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\system32\XblAuthManager.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\system32\Windows.Web.Http.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\system32\Windows.Web.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\system32\Windows.Networking.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\system32\tzautoupdate.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-07-02 15:44:58 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\system32\tbauth.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2016-07-02 15:44:58 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\system32\MessagingDataModel2.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\system32\hmkd.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\system32\fveapibase.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\system32\fveapi.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2016-07-02 15:44:58 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2016-07-02 15:44:58 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2016-07-02 15:44:58 ----A---- C:\WINDOWS\system32\directmanipulation.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2016-07-02 15:44:58 ----A---- C:\WINDOWS\system32\AppContracts.dll
2016-07-02 15:44:58 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2016-07-02 15:44:57 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2016-07-02 15:44:57 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2016-07-02 15:44:57 ----A---- C:\WINDOWS\SYSWOW64\wshbth.dll
2016-07-02 15:44:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2016-07-02 15:44:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2016-07-02 15:44:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Bluetooth.dll
2016-07-02 15:44:57 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2016-07-02 15:44:57 ----A---- C:\WINDOWS\SYSWOW64\SRHInproc.dll
2016-07-02 15:44:57 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2016-07-02 15:44:57 ----A---- C:\WINDOWS\SYSWOW64\MTF.dll
2016-07-02 15:44:57 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2016-07-02 15:44:57 ----A---- C:\WINDOWS\SYSWOW64\msorcl32.dll
2016-07-02 15:44:57 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2016-07-02 15:44:57 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2016-07-02 15:44:57 ----A---- C:\WINDOWS\SYSWOW64\BluetoothApis.dll
2016-07-02 15:44:57 ----A---- C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-07-02 15:44:57 ----A---- C:\WINDOWS\system32\dwmcore.dll
2016-07-02 15:44:57 ----A---- C:\WINDOWS\system32\drivers\xinputhid.sys
2016-07-02 15:44:57 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2016-07-02 15:44:57 ----A---- C:\WINDOWS\system32\drivers\usbser.sys
2016-07-02 15:44:57 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2016-07-02 15:44:57 ----A---- C:\WINDOWS\system32\drivers\ufxsynopsys.sys
2016-07-02 15:44:57 ----A---- C:\WINDOWS\system32\drivers\tpm.sys
2016-07-02 15:44:57 ----A---- C:\WINDOWS\system32\drivers\serial.sys
2016-07-02 15:44:57 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2016-07-02 15:44:57 ----A---- C:\WINDOWS\system32\drivers\rfcomm.sys
2016-07-02 15:44:57 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2016-07-02 15:44:57 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2016-07-02 15:44:57 ----A---- C:\WINDOWS\system32\drivers\hidclass.sys
2016-07-02 15:44:57 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2016-07-02 15:44:57 ----A---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2016-07-02 15:44:57 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2016-07-02 15:44:57 ----A---- C:\WINDOWS\system32\drivers\bthenum.sys
2016-07-02 15:44:57 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2016-07-02 15:44:57 ----A---- C:\WINDOWS\system32\actxprxy.dll
2016-07-02 15:36:59 ----D---- C:\ProgramData\ATI
2016-07-02 15:35:35 ----A---- C:\WINDOWS\SYSWOW64\NlsLexicons0009.dll
2016-07-02 15:35:34 ----A---- C:\WINDOWS\SYSWOW64\NlsData0009.dll
2016-07-02 15:35:34 ----A---- C:\WINDOWS\system32\prm0009.dll
2016-07-02 15:35:34 ----A---- C:\WINDOWS\system32\NlsLexicons0009.dll
2016-07-02 15:35:34 ----A---- C:\WINDOWS\system32\NlsData0009.dll
2016-07-02 15:31:58 ----D---- C:\WINDOWS\SYSWOW64\XPSViewer
2016-07-02 15:31:58 ----D---- C:\WINDOWS\SYSWOW64\BestPractices
2016-07-02 15:31:58 ----D---- C:\WINDOWS\system32\msmq
2016-07-02 15:31:58 ----D---- C:\WINDOWS\system32\BestPractices
2016-07-02 15:31:56 ----D---- C:\Program Files\Reference Assemblies
2016-07-02 15:31:56 ----D---- C:\Program Files\MSBuild
2016-07-02 15:31:56 ----D---- C:\Program Files (x86)\Reference Assemblies
2016-07-02 15:31:56 ----D---- C:\Program Files (x86)\MSBuild
2016-07-02 15:31:56 ----D---- C:\inetpub
2016-07-02 15:30:21 ----A---- C:\WINDOWS\SYSWOW64\TsWpfWrp.exe
2016-07-02 15:30:21 ----A---- C:\WINDOWS\SYSWOW64\PresentationNative_v0300.dll
2016-07-02 15:30:21 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-07-02 15:30:17 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
2016-07-02 15:30:17 ----A---- C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-07-02 15:30:16 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-07-02 15:26:10 ----A---- C:\WINDOWS\system32\emptyregdb.dat
2016-07-02 15:12:06 ----D---- C:\Program Files\Common Files\SpeechEngines
2016-07-02 15:09:11 ----SD---- C:\Users\Chuck\AppData\Roaming\Microsoft
2016-07-02 15:07:42 ----A---- C:\WINDOWS\SYSWOW64\PerfStringBackup.INI
2016-07-02 15:05:04 ----D---- C:\Program Files\Common Files\Atheros
2016-07-02 15:03:56 ----D---- C:\ProgramData\AMD
2016-07-02 15:03:54 ----AD---- C:\Program Files\ATI Technologies
2016-07-02 15:03:32 ----D---- C:\Program Files\Common Files\ATI Technologies
2016-07-02 15:03:16 ----AD---- C:\Program Files (x86)\ATI Technologies
2016-07-02 15:02:49 ----D---- C:\ProgramData\Package Cache
2016-07-02 15:02:20 ----D---- C:\WINDOWS\system32\SRSLabs
2016-07-02 15:02:14 ----D---- C:\AMD
2016-07-02 15:01:58 ----D---- C:\Program Files\AMD
2016-07-02 15:01:03 ----D---- C:\Program Files\Synaptics
2016-07-02 14:59:54 ----D---- C:\WINDOWS\Prefetch
2016-07-02 14:58:53 ----ASH---- C:\swapfile.sys
2016-06-29 10:53:06 ----D---- C:\Program Files (x86)\Belarc
2016-06-29 10:34:01 ----D---- C:\Users\Chuck\AppData\Roaming\Geek Uninstaller
2016-06-15 12:58:19 ----A---- C:\WINDOWS\system32\MsSpellCheckingFacility.exe
2016-06-15 12:58:16 ----A---- C:\WINDOWS\SYSWOW64\mshtmlmedia.dll
2016-06-15 12:58:12 ----A---- C:\WINDOWS\system32\mshtmlmedia.dll
2016-06-15 12:08:55 ----D---- C:\d7a2dd80f33da7d0c602b75bf2396bba
======List of files/folders modified in the last 1 month======
2016-07-11 14:11:54 ----D---- C:\Program Files\trend micro
2016-07-11 14:10:00 ----D---- C:\WINDOWS\system32\sru
2016-07-11 14:05:46 ----D---- C:\WINDOWS\Temp
2016-07-11 14:02:46 ----D---- C:\WINDOWS\system32\DriverStore
2016-07-11 14:02:17 ----D---- C:\WINDOWS\system32\config
2016-07-11 12:10:57 ----D---- C:\WINDOWS\system32\drivers
2016-07-11 12:09:36 ----AD---- C:\ProgramData\VMware
2016-07-11 11:45:10 ----D---- C:\WINDOWS\Microsoft.NET
2016-07-11 10:29:42 ----D---- C:\Windows
2016-07-11 10:25:15 ----D---- C:\WINDOWS\system32\NDF
2016-07-11 10:23:38 ----D---- C:\WINDOWS\System32
2016-07-11 10:23:38 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-11 10:23:37 ----D---- C:\WINDOWS\INF
2016-07-11 10:22:26 ----D---- C:\WINDOWS\AppReadiness
2016-07-11 10:17:57 ----D---- C:\WINDOWS\system32\CatRoot
2016-07-10 12:21:56 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-10 11:14:18 ----D---- C:\WINDOWS\WinSxS
2016-07-10 11:03:15 ----RD---- C:\Program Files (x86)
2016-07-10 01:17:05 ----D---- C:\Users\Chuck\AppData\Roaming\Everything
2016-07-10 01:09:07 ----HD---- C:\Program Files\WindowsApps
2016-07-10 01:07:46 ----D---- C:\ProgramData\Hewlett-Packard
2016-07-10 00:03:37 ----A---- C:\WINDOWS\Sandboxie.ini
2016-07-09 15:28:19 ----SHD---- C:\$RECYCLE.BIN
2016-07-09 15:28:19 ----D---- C:\WINDOWS\CbsTemp
2016-07-09 13:38:36 ----D---- C:\WINDOWS\debug
2016-07-09 00:39:13 ----D---- C:\Program Files\IDT
2016-07-09 00:38:25 ----D---- C:\Swsetup
2016-07-09 00:16:33 ----SHD---- C:\WINDOWS\Installer
2016-07-09 00:16:32 ----RSD---- C:\WINDOWS\assembly
2016-07-09 00:16:29 ----AD---- C:\Program Files (x86)\Hewlett-Packard
2016-07-09 00:11:30 ----D---- C:\WINDOWS\Tasks
2016-07-09 00:11:30 ----D---- C:\WINDOWS\system32\Tasks
2016-07-09 00:07:26 ----D---- C:\WINDOWS\SysWOW64
2016-07-09 00:04:44 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-07-09 00:02:58 ----SHD---- C:\System Volume Information
2016-07-09 00:01:58 ----RSD---- C:\WINDOWS\Fonts
2016-07-05 21:49:11 ----D---- C:\WINDOWS\system32\WDI
2016-07-05 20:40:01 ----D---- C:\WINDOWS\Logs
2016-07-05 14:31:09 ----D---- C:\WINDOWS\OCR
2016-07-04 11:47:28 ----D---- C:\Program Files (x86)\Vivaldi
2016-07-04 10:43:18 ----RD---- C:\Users
2016-07-03 14:56:12 ----AD---- C:\Program Files (x86)\AOMEI Backupper
2016-07-03 11:12:09 ----D---- C:\WINDOWS\system32\drivers\UMDF
2016-07-02 17:18:07 ----D---- C:\ProgramData\Microsoft Help
2016-07-02 17:13:49 ----D---- C:\WINDOWS\system32\restore
2016-07-02 16:26:47 ----D---- C:\WINDOWS\system32\LogFiles
2016-07-02 16:17:59 ----SD---- C:\ProgramData\Microsoft
2016-07-02 15:47:15 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-07-02 15:47:15 ----D---- C:\WINDOWS\system32\wbem
2016-07-02 15:47:15 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2016-07-02 15:47:15 ----D---- C:\WINDOWS\system32\oobe
2016-07-02 15:47:14 ----SD---- C:\WINDOWS\system32\DiagSvcs
2016-07-02 15:47:14 ----D---- C:\WINDOWS\system32\Boot
2016-07-02 15:47:14 ----D---- C:\WINDOWS\system32\appraiser
2016-07-02 15:47:14 ----D---- C:\WINDOWS\Provisioning
2016-07-02 15:47:14 ----D---- C:\WINDOWS\PolicyDefinitions
2016-07-02 15:47:13 ----D---- C:\WINDOWS\bcastdvr
2016-07-02 15:47:13 ----D---- C:\WINDOWS\AppPatch
2016-07-02 15:47:13 ----D---- C:\Program Files\Windows Journal
2016-07-02 15:47:13 ----D---- C:\Program Files\Internet Explorer
2016-07-02 15:47:13 ----D---- C:\Program Files (x86)\Internet Explorer
2016-07-02 15:44:57 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll
2016-07-02 15:36:59 ----HD---- C:\ProgramData
2016-07-02 15:36:38 ----SD---- C:\WINDOWS\system32\Microsoft
2016-07-02 15:31:58 ----D---- C:\WINDOWS\SYSWOW64\MUI
2016-07-02 15:31:58 ----D---- C:\WINDOWS\SYSWOW64\inetsrv
2016-07-02 15:31:58 ----D---- C:\WINDOWS\system32\MUI
2016-07-02 15:31:58 ----D---- C:\WINDOWS\system32\inetsrv
2016-07-02 15:31:47 ----D---- C:\WINDOWS\appcompat
2016-07-02 15:31:47 ----A---- C:\WINDOWS\SYSWOW64\mqsnap.dll
2016-07-02 15:31:47 ----A---- C:\WINDOWS\SYSWOW64\mqcertui.dll
2016-07-02 15:31:45 ----A---- C:\WINDOWS\system32\wamregps.dll
2016-07-02 15:31:45 ----A---- C:\WINDOWS\system32\iisRtl.dll
2016-07-02 15:31:45 ----A---- C:\WINDOWS\system32\iisreset.exe
2016-07-02 15:31:45 ----A---- C:\WINDOWS\system32\ahadmin.dll
2016-07-02 15:31:45 ----A---- C:\WINDOWS\system32\admwprox.dll
2016-07-02 15:31:44 ----A---- C:\WINDOWS\system32\iisrstap.dll
2016-07-02 15:31:37 ----A---- C:\WINDOWS\SYSWOW64\wamregps.dll
2016-07-02 15:31:37 ----A---- C:\WINDOWS\SYSWOW64\iisRtl.dll
2016-07-02 15:31:37 ----A---- C:\WINDOWS\SYSWOW64\iisrstap.dll
2016-07-02 15:31:37 ----A---- C:\WINDOWS\SYSWOW64\iisreset.exe
2016-07-02 15:31:37 ----A---- C:\WINDOWS\SYSWOW64\ahadmin.dll
2016-07-02 15:31:37 ----A---- C:\WINDOWS\SYSWOW64\admwprox.dll
2016-07-02 15:31:36 ----A---- C:\WINDOWS\system32\mqrt.dll
2016-07-02 15:31:30 ----A---- C:\WINDOWS\SYSWOW64\mqoa.dll
2016-07-02 15:31:25 ----A---- C:\WINDOWS\system32\mqlogmgr.dll
2016-07-02 15:31:22 ----A---- C:\WINDOWS\system32\mqutil.dll
2016-07-02 15:31:15 ----A---- C:\WINDOWS\system32\mqsnap.dll
2016-07-02 15:31:15 ----A---- C:\WINDOWS\system32\mqcertui.dll
2016-07-02 15:31:10 ----A---- C:\WINDOWS\system32\mqoa.dll
2016-07-02 15:31:09 ----A---- C:\WINDOWS\SYSWOW64\mqrt.dll
2016-07-02 15:31:03 ----A---- C:\WINDOWS\system32\mqqm.dll
2016-07-02 15:30:57 ----A---- C:\WINDOWS\SYSWOW64\mqutil.dll
2016-07-02 15:30:54 ----A---- C:\WINDOWS\system32\mqsvc.exe
2016-07-02 15:30:54 ----A---- C:\WINDOWS\system32\mqbkup.exe
2016-07-02 15:29:56 ----D---- C:\WINDOWS\rescache
2016-07-02 15:28:42 ----D---- C:\WINDOWS\SoftwareDistribution
2016-07-02 15:27:55 ----D---- C:\Program Files\Windows NT
2016-07-02 15:27:47 ----D---- C:\WINDOWS\system32\WinBioDatabase
2016-07-02 15:26:43 ----D---- C:\WINDOWS\Registration
2016-07-02 15:26:08 ----D---- C:\WINDOWS\system32\drivers\etc
2016-07-02 15:25:59 ----RSD---- C:\WINDOWS\Media
2016-07-02 15:21:25 ----D---- C:\WINDOWS\system32\catroot2
2016-07-02 15:18:05 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-07-02 15:18:04 ----D---- C:\WINDOWS\system32\zh-TW
2016-07-02 15:18:04 ----D---- C:\WINDOWS\system32\zh-CN
2016-07-02 15:18:04 ----D---- C:\WINDOWS\system32\tr-TR
2016-07-02 15:18:04 ----D---- C:\WINDOWS\system32\sv-SE
2016-07-02 15:18:04 ----D---- C:\WINDOWS\system32\ru-RU
2016-07-02 15:18:04 ----D---- C:\WINDOWS\system32\pt-PT
2016-07-02 15:18:04 ----D---- C:\WINDOWS\system32\pl-PL
2016-07-02 15:18:04 ----D---- C:\WINDOWS\system32\OEM
2016-07-02 15:18:04 ----D---- C:\WINDOWS\system32\nn-NO
2016-07-02 15:18:04 ----D---- C:\WINDOWS\system32\nl-NL
2016-07-02 15:18:04 ----D---- C:\WINDOWS\system32\ko-KR
2016-07-02 15:18:04 ----D---- C:\WINDOWS\system32\ja-JP
2016-07-02 15:18:04 ----D---- C:\WINDOWS\system32\it-IT
2016-07-02 15:18:04 ----D---- C:\WINDOWS\system32\hu-HU
2016-07-02 15:18:04 ----D---- C:\WINDOWS\system32\fr-FR
2016-07-02 15:18:04 ----D---- C:\WINDOWS\system32\fi-FI
2016-07-02 15:18:04 ----D---- C:\WINDOWS\system32\es-ES
2016-07-02 15:18:04 ----D---- C:\WINDOWS\system32\en-US
2016-07-02 15:18:04 ----D---- C:\WINDOWS\system32\el-GR
2016-07-02 15:18:04 ----D---- C:\WINDOWS\system32\de-DE
2016-07-02 15:18:04 ----D---- C:\WINDOWS\system32\da-DK
2016-07-02 15:18:04 ----D---- C:\WINDOWS\system32\cs-CZ
2016-07-02 15:18:03 ----D---- C:\WINDOWS\ShellNew
2016-07-02 15:18:02 ----SD---- C:\WINDOWS\Downloaded Program Files
2016-07-02 15:18:02 ----D---- C:\WINDOWS\en
2016-07-02 15:18:02 ----D---- C:\WINDOWS\cs
2016-07-02 15:18:02 ----AD---- C:\ProgramData\regid.1991-06.com.microsoft
2016-07-02 15:18:02 ----AD---- C:\Program Files (x86)\Bluetooth Suite
2016-07-02 15:13:23 ----D---- C:\WINDOWS\SYSWOW64\zh-TW
2016-07-02 15:13:23 ----D---- C:\WINDOWS\SYSWOW64\zh-HK
2016-07-02 15:13:23 ----D---- C:\WINDOWS\SYSWOW64\zh-CN
2016-07-02 15:13:22 ----D---- C:\WINDOWS\SYSWOW64\tr-TR
2016-07-02 15:13:22 ----D---- C:\WINDOWS\SYSWOW64\sv-SE
2016-07-02 15:13:22 ----D---- C:\WINDOWS\SYSWOW64\SDA
2016-07-02 15:13:22 ----D---- C:\WINDOWS\SYSWOW64\ru-RU
2016-07-02 15:13:22 ----D---- C:\WINDOWS\SYSWOW64\pt-PT
2016-07-02 15:13:22 ----D---- C:\WINDOWS\SYSWOW64\pt-BR
2016-07-02 15:13:22 ----D---- C:\WINDOWS\SYSWOW64\pl-PL
2016-07-02 15:13:22 ----D---- C:\WINDOWS\SYSWOW64\nl-NL
2016-07-02 15:13:22 ----D---- C:\WINDOWS\SYSWOW64\nb-NO
2016-07-02 15:13:22 ----D---- C:\WINDOWS\SYSWOW64\migwiz
2016-07-02 15:13:21 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-07-02 15:13:21 ----D---- C:\WINDOWS\SYSWOW64\ko-KR
2016-07-02 15:13:21 ----D---- C:\WINDOWS\SYSWOW64\ja-JP
2016-07-02 15:13:21 ----D---- C:\WINDOWS\SYSWOW64\it-IT
2016-07-02 15:13:21 ----D---- C:\WINDOWS\SYSWOW64\IME
2016-07-02 15:13:21 ----D---- C:\WINDOWS\SYSWOW64\hu-HU
2016-07-02 15:13:21 ----D---- C:\WINDOWS\SYSWOW64\fr-FR
2016-07-02 15:13:21 ----D---- C:\WINDOWS\SYSWOW64\fi-FI
2016-07-02 15:13:20 ----D---- C:\WINDOWS\SYSWOW64\es-ES
2016-07-02 15:13:20 ----D---- C:\WINDOWS\SYSWOW64\el-GR
2016-07-02 15:13:20 ----D---- C:\WINDOWS\SYSWOW64\drivers
2016-07-02 15:13:20 ----D---- C:\WINDOWS\SYSWOW64\de-DE
2016-07-02 15:13:20 ----D---- C:\WINDOWS\SYSWOW64\da-DK
2016-07-02 15:13:20 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-07-02 15:13:19 ----AD---- C:\WINDOWS\SYSWOW64\Adobe
2016-07-02 15:13:17 ----D---- C:\WINDOWS\system32\zh-HK
2016-07-02 15:13:15 ----D---- C:\WINDOWS\system32\pt-BR
2016-07-02 15:13:15 ----D---- C:\WINDOWS\system32\oodag
2016-07-02 15:13:15 ----D---- C:\WINDOWS\system32\nb-NO
2016-07-02 15:13:15 ----D---- C:\WINDOWS\system32\migration
2016-07-02 15:13:15 ----D---- C:\WINDOWS\system32\IME
2016-07-02 15:13:14 ----DC---- C:\WINDOWS\system32\DRVSTORE
2016-07-02 15:13:14 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2016-07-02 15:12:31 ----D---- C:\WINDOWS\schemas
2016-07-02 15:12:27 ----D---- C:\WINDOWS\LiveKernelReports
2016-07-02 15:12:20 ----D---- C:\WINDOWS\ehome
2016-07-02 15:12:10 ----SHD---- C:\Program Files (x86)\Windows Sidebar
2016-07-02 15:12:10 ----D---- C:\Program Files (x86)\Windows Mail
2016-07-02 15:12:10 ----AD---- C:\Program Files (x86)\Microsoft.NET
2016-07-02 15:12:09 ----D---- C:\Program Files (x86)\Common Files
2016-07-02 15:12:07 ----SHD---- C:\Program Files\Windows Sidebar
2016-07-02 15:12:07 ----RD---- C:\Program Files
2016-07-02 15:12:07 ----D---- C:\Program Files\Windows Mail
2016-07-02 15:12:06 ----D---- C:\Program Files\Microsoft Games
2016-07-02 15:12:06 ----D---- C:\Program Files\DVD Maker
2016-07-02 15:12:06 ----D---- C:\Program Files\Common Files
2016-07-02 15:12:05 ----AD---- C:\Program Files\Common Files\microsoft shared
2016-07-02 15:11:18 ----D---- C:\WINDOWS\system32\Recovery
2016-07-02 15:09:21 ----D---- C:\WINDOWS\system32\CodeIntegrity
2016-07-02 15:07:07 ----D---- C:\WINDOWS\system32\Sysprep
2016-07-02 14:07:38 ----HD---- C:\$WINDOWS.~BT
2016-07-01 22:50:13 ----D---- C:\ProgramData\AomeiBR
2016-06-21 11:22:09 ----A---- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2016-06-17 02:11:18 ----D---- C:\Program Files\Sandboxie
2016-06-15 22:40:57 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2016-06-15 11:09:18 ----A---- C:\WINDOWS\win.ini
2016-06-14 20:33:01 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 ambakdrv;ambakdrv; C:\WINDOWS\system32\ambakdrv.sys [2015-02-26 30648]
R0 amd_sata;amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [2012-10-12 82600]
R0 amd_xata;amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [2012-10-12 42664]
R0 hpdskflt;@oem18.inf,%service_desc%;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2012-09-24 31040]
R0 pwdrvio;pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [2013-09-30 19152]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-07-02 87552]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 ammntdrv;ammntdrv; \??\C:\Windows\system32\ammntdrv.sys [2015-02-26 151480]
R2 amwrtdrv;amwrtdrv; \??\C:\Windows\system32\amwrtdrv.sys [2015-02-26 17848]
R2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2015-10-21 55488]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 47616]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-10-30 78848]
R3 Accelerometer;@oem18.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2012-09-24 43840]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2015-10-08 21654032]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2015-10-08 685064]
R3 athr;@netathrx.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athwnx.sys [2015-10-30 4207104]
R3 AtiHDAudioService;@oem58.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2015-05-28 102912]
R3 BTATH_BUS;@oem23.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2013-09-25 34384]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2015-03-09 599240]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\system32\DRIVERS\BTHUSB.sys [2016-07-02 84992]
R3 HpqKbFiltr;@oem21.inf,%HpqKbFiltr.SvcDesc%;HpqKbFilter Driver; C:\WINDOWS\System32\drivers\HpqKbFiltr.sys [2011-07-18 25912]
R3 JMCR;JMCR; C:\WINDOWS\System32\drivers\jmcr.sys [2012-07-31 175928]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-06-18 25816]
R3 mcdbus;@oem6.inf,%mcdbus_SvcDesc%;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\System32\drivers\mcdbus.sys [2009-02-24 255552]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2016-07-02 175616]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-10-30 589824]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [2016-06-15 204944]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2012-10-24 543744]
R3 SynTP;@oem61.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2015-07-03 614088]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 ampa;ampa; \??\C:\Windows\system32\ampa.sys [2015-11-10 19568]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2016-07-02 112640]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-10-30 128512]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\system32\DRIVERS\BTHport.sys [2016-07-02 954368]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-04-27 117248]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-06-18 63704]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\WINDOWS\system32\drivers\nusb3hub.sys [2010-07-27 78848]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\WINDOWS\system32\drivers\nusb3xhc.sys [2010-07-27 180224]
S3 PSMounterEx;Macrium Reflect Image Explorer Driver; \??\C:\Windows\system32\drivers\psmounterex.sys [2015-10-12 168968]
S3 PSVolAcc;PSVolAcc; C:\WINDOWS\system32\drivers\PSVolAcc.sys [2014-07-21 12760]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2013-09-30 12504]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-10-30 930656]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2016-07-02 181248]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2016-07-02 63488]
S3 UcmUcsi;@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2015-10-08 264224]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2015-08-21 344064]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 Backupper Service;AOMEI Backupper Scheduler Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [2015-09-15 29912]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 Everything;Everything; C:\Program Files\Everything\Everything.exe [2014-08-06 1441792]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-03-14 197504]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2012-03-14 365440]
R2 hpsrv;@oem18.inf,%hpservice_desc%;HP Service; C:\WINDOWS\system32\Hpservice.exe [2012-09-24 31040]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2016-02-18 26680]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2016-07-02 26624]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
R2 OneSyncSvc_45523;Hostitel synchronizace_45523; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 ReflectService.exe;Macrium Reflect Image Mounting Service; C:\Program Files\Macrium\Reflect\ReflectService.exe [2015-10-12 3476432]
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2016-06-15 197264]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2012-10-24 327680]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2015-04-28 1102472]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_46494;Hostitel synchronizace_46494; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-17 270016]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-23 43696]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_45523;Služba zasílání zpráv_45523; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-07-10 146888]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2014-01-21 5132888]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_45523;Data kontaktů_45523; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2015-10-30 290304]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-10-30 51376]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S4 DiagTrack;Propojená uživatelská prostředí a telemetrie; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S4 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
preventivní kontrola
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: preventivní kontrola
Zdravím!
Log vypadá čistý.
Log vypadá čistý.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: preventivní kontrola
OK. Díky za pomoc.
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: preventivní kontrola
Rádo se stalo! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?