Log z RSIT

[EliškaL12]

Logfile of random's system information tool 1.10
Microsoft Windows 10 Home
System drive C: has 796 GB (88%) free of 906 GB
Total RAM: 8106 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:32:00, on 22.08.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.17071)

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\trend micro\letae.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo15.msn.com/?pc=LCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe" /R
O4 - HKCU\..\Run: [OneDrive] "C:\Users\letae\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\letae\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\letae\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_4\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\letae\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_4\amd64"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Poslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Poslat do On&eNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel Bluetooth Service (ibtsiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Update Agent (UpdateAgentService) - Unknown owner - C:\Program Files\update\UpdateAgent.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 10940 bytes

======Listing Processes======







winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\system32\igfxCUIService.exe
atieclxx
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\WLANExt.exe 783280600864
C:\WINDOWS\system32\CxAudMsg64.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\svchost.exe -k imgsvc

"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\WINDOWS\SysWOW64\SAsrv.exe
"C:\Program Files\update\UpdateAgent.exe"
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe

taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
sihost.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe"
"C:\Program Files\lenovo\BatteryGauge\BatteryGaugeIcon.exe"
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{478B41E6-3257-4519-BDA8-E971F9843849}
"C:\WINDOWS\System32\NetworkUXBroker.exe" -ServerName:Windows.Networking.UX
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Users\letae\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTray.exe"
"C:\Users\letae\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe"
"C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
"C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE16\CSISYN~1.EXE" -Embedding
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\letae\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=52.0.2743.116 --handshake-handle=0x170
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="7116.0.191245406\1665023788" --mojo-application-channel-token=FAAF4F2B3A3E99F4573C8066B1138AF5 --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/Unused_1/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/Default/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/ResourcePriorities/Control25PermanentB/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SchedulerExpensiveTaskBlocking/Enabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_27/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/*UMA_CheckStates/NoChecks/ --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=4,10,13,27,55 --gpu-vendor-id=0x1002 --gpu-device-id=0x6660 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=16.300.2101.0 --gpu-driver-date=6-28-2016 --gpu-secondary-vendor-ids=0x8086 --gpu-secondary-device-ids=0x1616 --mojo-platform-channel-handle=1192 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_1/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/Default/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentB/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SchedulerExpensiveTaskBlocking/Enabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_27/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/*UMA_CheckStates/NoChecks/ --primordial-pipe-token=9087C4F55C01434C74B322F154F59889 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=216D2C271F1453760462D7DDAC22DD67 --mojo-application-channel-token=3DFDDDA9F461CC891F229FFE845DE6CB --channel="7116.3.2025872937\25154838" --mojo-platform-channel-handle=2732 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_1/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/Default/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentB/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SchedulerExpensiveTaskBlocking/Enabled/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_27/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/*UMA_CheckStates/NoChecks/ --primordial-pipe-token=C6C00095D1C0B65F30546BF863E82CF7 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=501061E1A644EF6451404B625B5F2F2B --mojo-application-channel-token=0930E5CC9FC6F38FC60320BAD9A4FBFB --channel="7116.6.668988073\871988147" --mojo-platform-channel-handle=2212 /prefetch:1
dashost.exe {a8fd3081-e57d-4e07-abf6d33f8ca74b7f}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_1/OutOfProcessPac/Default/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/Default/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentB/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*SchedulerExpensiveTaskBlocking/Enabled/*SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_27/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/*UMA_CheckStates/NoChecks/ --primordial-pipe-token=81E3814C130D34F8FB946D309B68DB6E --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=2EDFE34070F9D58F73DB2DE00EFC1CA6 --mojo-application-channel-token=42EB489B89E34453F3651461018BDD4D --channel="7116.20.763741594\689398327" --mojo-platform-channel-handle=6224 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_1/OutOfProcessPac/Default/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/Default/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentB/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*SchedulerExpensiveTaskBlocking/Enabled/*SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_27/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/*UMA_CheckStates/NoChecks/ --primordial-pipe-token=5A84CE02134EDB2C0C53F51BF5E89BEB --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=437A2848AEADDDAFB1776D9BDB0BC410 --mojo-application-channel-token=EC8BD2446141F35A8A25CC152B172831 --channel="7116.21.1545078366\79789216" --mojo-platform-channel-handle=4904 /prefetch:1
"C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetServiceDss -RestrictPrivileges -AccessKey BDEEDF01-3078-D90D-D33D-02DFAED0B45C -Reinvoke
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/*GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_1/OutOfProcessPac/Default/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/*PasswordSmartBubble/Default/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentB/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*SchedulerExpensiveTaskBlocking/Enabled/*SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_27/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/*UMA_CheckStates/NoChecks/ --primordial-pipe-token=626F4C8CE59AB71772633EBF57D9CDFD --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=442D8029BFFD60A6F9E6BAA4A7EE26F6 --mojo-application-channel-token=FEE02EC98C00D67C32C14940930E3095 --channel="7116.33.1279715840\351768058" --mojo-platform-channel-handle=8680 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe7_ Global\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 628 632 640 8192 636

C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\letae\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31 226984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\PROGRA~1\MICROS~2\Office16\GROOVEEX.DLL [2015-07-31 2165976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31 161448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL [2015-07-31 1512152]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2014-11-20 919768]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2014-04-10 1830616]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2015-07-25 36352]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\letae\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-08-18 633024]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2016-07-29 4299968]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTRAY.EXE [2016-03-24 680528]
"Spotify Web Helper"=C:\Users\letae\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2016-08-13 1555056]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-07-13 8891608]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-07-13 29494400]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\letae\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_4\amd64"=C:\WINDOWS\system32\cmd.exe [2015-07-10 232448]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"=C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [2014-09-09 110344]
"CLVirtualDrive"=C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [2014-09-09 492808]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-08-22 17:25:11 ----D---- C:\rsit
2016-08-22 17:25:11 ----D---- C:\Program Files\trend micro
2016-08-22 17:23:25 ----A---- C:\TDSSKiller.3.1.0.11_22.08.2016_17.23.25_log.txt
2016-08-22 17:23:09 ----D---- C:\Users\letae\AppData\Roaming\WinRAR
2016-08-22 16:57:17 ----HD---- C:\OneDriveTemp
2016-08-20 18:08:14 ----D---- C:\Users\letae\AppData\Roaming\AVG
2016-08-20 18:07:06 ----D---- C:\Users\letae\AppData\Roaming\TuneUp Software
2016-08-20 18:05:02 ----D---- C:\ProgramData\MFAData
2016-08-20 18:03:51 ----D---- C:\ProgramData\Avg
2016-08-20 18:03:46 ----HD---- C:\ProgramData\Common Files
2016-08-17 13:34:27 ----D---- C:\ProgramData\Microsoft Toolkit
2016-08-17 13:32:02 ----D---- C:\Program Files\Microsoft.NET
2016-08-17 13:31:46 ----D---- C:\Program Files\Common Files\DESIGNER
2016-08-17 13:31:42 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-08-17 13:31:34 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2016-08-17 13:31:32 ----D---- C:\WINDOWS\PCHEALTH
2016-08-17 13:31:32 ----D---- C:\Program Files\Microsoft SQL Server
2016-08-17 13:30:03 ----D---- C:\Program Files\Microsoft Analysis Services
2016-08-17 13:30:03 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2016-08-17 13:29:53 ----D---- C:\Program Files (x86)\Microsoft Office
2016-08-17 13:29:52 ----D---- C:\ProgramData\Microsoft Help
2016-08-17 13:29:46 ----RHD---- C:\MSOCache
2016-08-17 12:09:23 ----D---- C:\Program Files\Microsoft Office
2016-08-17 07:29:21 ----D---- C:\AMD
2016-08-17 07:28:46 ----D---- C:\WINDOWS\LastGood.Tmp
2016-08-17 07:28:19 ----A---- C:\WINDOWS\SYSWOW64\hsa-thunk.dll
2016-08-17 07:28:19 ----A---- C:\WINDOWS\SYSWOW64\GameManager32.dll
2016-08-17 07:28:19 ----A---- C:\WINDOWS\system32\hsa-thunk64.dll
2016-08-17 07:28:19 ----A---- C:\WINDOWS\system32\GameManager64.dll
2016-08-17 07:28:18 ----A---- C:\WINDOWS\SYSWOW64\detoured.dll
2016-08-17 07:28:18 ----A---- C:\WINDOWS\system32\dgtrayicon.exe
2016-08-17 07:28:18 ----A---- C:\WINDOWS\system32\detoured.dll
2016-08-17 07:28:18 ----A---- C:\WINDOWS\system32\coinst_16.30.dll
2016-08-17 07:28:18 ----A---- C:\WINDOWS\system32\clinfo.exe
2016-08-17 07:28:16 ----A---- C:\WINDOWS\system32\ativvaxy_vi_nd.dat
2016-08-17 07:28:16 ----A---- C:\WINDOWS\system32\ativvaxy_vi.dat
2016-08-17 07:28:16 ----A---- C:\WINDOWS\system32\ativvaxy_stn_nd.dat
2016-08-17 07:28:16 ----A---- C:\WINDOWS\system32\ativvaxy_FJ_nd.dat
2016-08-17 07:28:15 ----A---- C:\WINDOWS\SYSWOW64\atiuxpag.dll
2016-08-17 07:28:15 ----A---- C:\WINDOWS\system32\ativvaxy_FJ.dat
2016-08-17 07:28:15 ----A---- C:\WINDOWS\system32\ativvaxy_el_nd.dat
2016-08-17 07:28:15 ----A---- C:\WINDOWS\system32\ativvaxy_cz_nd.dat
2016-08-17 07:28:15 ----A---- C:\WINDOWS\system32\ativvaxy_cik_nd.dat
2016-08-17 07:28:15 ----A---- C:\WINDOWS\system32\ativvaxy_cik.dat
2016-08-17 07:28:15 ----A---- C:\WINDOWS\system32\ativce03.dat
2016-08-17 07:28:15 ----A---- C:\WINDOWS\system32\ativce02.dat
2016-08-17 07:28:14 ----A---- C:\WINDOWS\SYSWOW64\atiumdva.dll
2016-08-17 07:28:14 ----A---- C:\WINDOWS\SYSWOW64\atiumdag.dll
2016-08-17 07:28:14 ----A---- C:\WINDOWS\system32\atiuxp64.dll
2016-08-17 07:28:14 ----A---- C:\WINDOWS\system32\atiumd6a.dll
2016-08-17 07:28:13 ----A---- C:\WINDOWS\SYSWOW64\atiu9pag.dll
2016-08-17 07:28:13 ----A---- C:\WINDOWS\SYSWOW64\atisamu32.dll
2016-08-17 07:28:13 ----A---- C:\WINDOWS\SYSWOW64\atioglxx.dll
2016-08-17 07:28:13 ----A---- C:\WINDOWS\system32\atiumd64.dll
2016-08-17 07:28:13 ----A---- C:\WINDOWS\system32\atiu9p64.dll
2016-08-17 07:28:13 ----A---- C:\WINDOWS\system32\atitmm64.dll
2016-08-17 07:28:13 ----A---- C:\WINDOWS\system32\atisamu64.dll
2016-08-17 07:28:13 ----A---- C:\WINDOWS\system32\ATIODE.exe
2016-08-17 07:28:13 ----A---- C:\WINDOWS\system32\ATIODCLI.exe
2016-08-17 07:28:11 ----A---- C:\WINDOWS\SYSWOW64\atimpc32.dll
2016-08-17 07:28:11 ----A---- C:\WINDOWS\SYSWOW64\atiglpxx.dll
2016-08-17 07:28:11 ----A---- C:\WINDOWS\SYSWOW64\atigktxx.dll
2016-08-17 07:28:11 ----A---- C:\WINDOWS\system32\atio6axx.dll
2016-08-17 07:28:11 ----A---- C:\WINDOWS\system32\atimuixx.dll
2016-08-17 07:28:11 ----A---- C:\WINDOWS\system32\atimpc64.dll
2016-08-17 07:28:11 ----A---- C:\WINDOWS\system32\atiglpxx.dll
2016-08-17 07:28:11 ----A---- C:\WINDOWS\system32\atig6txx.dll
2016-08-17 07:28:10 ----A---- C:\WINDOWS\system32\atig6pxx.dll
2016-08-17 07:28:10 ----A---- C:\WINDOWS\system32\atieah64.exe
2016-08-17 07:28:09 ----A---- C:\WINDOWS\SYSWOW64\atieah32.exe
2016-08-17 07:28:09 ----A---- C:\WINDOWS\SYSWOW64\atidxx32.dll
2016-08-17 07:28:09 ----A---- C:\WINDOWS\system32\atidxx64.dll
2016-08-17 07:28:08 ----A---- C:\WINDOWS\SYSWOW64\aticfx32.dll
2016-08-17 07:28:08 ----A---- C:\WINDOWS\SYSWOW64\aticalrt.dll
2016-08-17 07:28:08 ----A---- C:\WINDOWS\SYSWOW64\aticaldd.dll
2016-08-17 07:28:08 ----A---- C:\WINDOWS\SYSWOW64\aticalcl.dll
2016-08-17 07:28:08 ----A---- C:\WINDOWS\SYSWOW64\atiadlxy.dll
2016-08-17 07:28:08 ----A---- C:\WINDOWS\SYSWOW64\atiadlxx.dll
2016-08-17 07:28:08 ----A---- C:\WINDOWS\system32\drivers\ati2erec.dll
2016-08-17 07:28:08 ----A---- C:\WINDOWS\system32\aticalrt64.dll
2016-08-17 07:28:08 ----A---- C:\WINDOWS\system32\aticaldd64.dll
2016-08-17 07:28:08 ----A---- C:\WINDOWS\system32\aticalcl64.dll
2016-08-17 07:28:08 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2016-08-17 07:28:07 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
2016-08-17 07:28:07 ----A---- C:\WINDOWS\SYSWOW64\amfrt32.dll
2016-08-17 07:28:07 ----A---- C:\WINDOWS\SYSWOW64\amdxc32.dll
2016-08-17 07:28:07 ----A---- C:\WINDOWS\system32\OpenCL.dll
2016-08-17 07:28:07 ----A---- C:\WINDOWS\system32\amfrt64.dll
2016-08-17 07:28:07 ----A---- C:\WINDOWS\system32\amdxc64.dll
2016-08-17 07:28:06 ----A---- C:\WINDOWS\SYSWOW64\amdvlk32.dll
2016-08-17 07:28:06 ----A---- C:\WINDOWS\SYSWOW64\amdpcom32.dll
2016-08-17 07:28:06 ----A---- C:\WINDOWS\SYSWOW64\amdoclvp9lib32.dll
2016-08-17 07:28:06 ----A---- C:\WINDOWS\system32\amdvlk64.dll
2016-08-17 07:28:06 ----A---- C:\WINDOWS\system32\amdpcom64.dll
2016-08-17 07:28:06 ----A---- C:\WINDOWS\system32\amdoclvp9lib64.dll
2016-08-17 07:28:05 ----A---- C:\WINDOWS\system32\amdocl64.dll
2016-08-17 07:28:04 ----A---- C:\WINDOWS\SYSWOW64\amdocl12cl.dll
2016-08-17 07:28:04 ----A---- C:\WINDOWS\system32\amdocl12cl64.dll
2016-08-17 07:28:03 ----A---- C:\WINDOWS\SYSWOW64\amdocl.dll
2016-08-17 07:28:03 ----A---- C:\WINDOWS\SYSWOW64\amdmmcl.dll
2016-08-17 07:28:03 ----A---- C:\WINDOWS\SYSWOW64\amdmcl32.dll
2016-08-17 07:28:03 ----A---- C:\WINDOWS\system32\amdmmcl6.dll
2016-08-17 07:28:03 ----A---- C:\WINDOWS\system32\amdmiracast.dll
2016-08-17 07:28:03 ----A---- C:\WINDOWS\system32\amdmcl64.dll
2016-08-17 07:28:02 ----A---- C:\WINDOWS\SYSWOW64\amdlvr32.dll
2016-08-17 07:28:02 ----A---- C:\WINDOWS\SYSWOW64\amdhdl32.dll
2016-08-17 07:28:02 ----A---- C:\WINDOWS\SYSWOW64\amdhcp32.dll
2016-08-17 07:28:02 ----A---- C:\WINDOWS\system32\amdlvr64.dll
2016-08-17 07:28:02 ----A---- C:\WINDOWS\system32\amdicdxx.dat
2016-08-17 07:28:02 ----A---- C:\WINDOWS\system32\amdhdl64.dll
2016-08-17 07:28:02 ----A---- C:\WINDOWS\system32\amdhcp64.dll
2016-08-17 07:28:01 ----A---- C:\WINDOWS\SYSWOW64\amdgfxinfo32.dll
2016-08-17 07:28:01 ----A---- C:\WINDOWS\SYSWOW64\amdave32.dll
2016-08-17 07:28:01 ----A---- C:\WINDOWS\system32\amdgfxinfo64.dll
2016-08-17 07:28:01 ----A---- C:\WINDOWS\system32\amde34b.dat
2016-08-17 07:28:01 ----A---- C:\WINDOWS\system32\amde34a.dat
2016-08-17 07:28:01 ----A---- C:\WINDOWS\system32\amde31a.dat
2016-08-17 07:28:01 ----A---- C:\WINDOWS\system32\amdave64.dll
2016-08-16 13:27:46 ----D---- C:\Users\letae\AppData\Roaming\Skype
2016-08-16 13:27:39 ----RD---- C:\Program Files (x86)\Skype
2016-08-16 13:27:33 ----D---- C:\ProgramData\Skype
2016-08-15 08:58:32 ----D---- C:\WINDOWS\system32\SleepStudy
2016-08-14 02:45:24 ----DC---- C:\WINDOWS\Panther
2016-08-14 02:44:34 ----D---- C:\Windows.old
2016-08-14 02:44:05 ----D---- C:\WINDOWS\InfusedApps
2016-08-14 02:43:52 ----D---- C:\WINDOWS\system32\Microsoft
2016-08-14 02:43:06 ----D---- C:\Program Files\Synaptics
2016-08-14 02:42:58 ----D---- C:\WINDOWS\SYSWOW64\sda
2016-08-14 02:41:57 ----D---- C:\WINDOWS\Setup
2016-08-14 02:39:00 ----D---- C:\WINDOWS\SYSWOW64\XPSViewer
2016-08-14 02:39:00 ----D---- C:\WINDOWS\OCR
2016-08-14 02:38:59 ----D---- C:\Program Files\Reference Assemblies
2016-08-14 02:38:59 ----D---- C:\Program Files\MSBuild
2016-08-14 02:38:59 ----D---- C:\Program Files (x86)\Reference Assemblies
2016-08-14 02:38:59 ----D---- C:\Program Files (x86)\MSBuild
2016-08-14 02:37:55 ----A---- C:\WINDOWS\system32\perfi005.dat
2016-08-14 02:37:55 ----A---- C:\WINDOWS\system32\perfh005.dat
2016-08-14 02:37:55 ----A---- C:\WINDOWS\system32\perfd005.dat
2016-08-14 02:37:55 ----A---- C:\WINDOWS\system32\perfc005.dat
2016-08-14 02:37:10 ----D---- C:\WINDOWS\SYSWOW64\winrm
2016-08-14 02:37:07 ----D---- C:\WINDOWS\SYSWOW64\WCN
2016-08-14 02:37:07 ----D---- C:\WINDOWS\SYSWOW64\sysprep
2016-08-14 02:37:07 ----D---- C:\WINDOWS\SYSWOW64\slmgr
2016-08-14 02:37:07 ----D---- C:\WINDOWS\SYSWOW64\Printing_Admin_Scripts
2016-08-14 02:37:07 ----D---- C:\WINDOWS\SYSWOW64\en
2016-08-14 02:37:07 ----D---- C:\WINDOWS\SYSWOW64\drivers\UMDF
2016-08-14 02:37:07 ----D---- C:\WINDOWS\SYSWOW64\drivers\en-US
2016-08-14 02:37:07 ----D---- C:\WINDOWS\SYSWOW64\drivers\cs-CZ
2016-08-14 02:37:06 ----D---- C:\WINDOWS\SYSWOW64\cs
2016-08-14 02:37:06 ----D---- C:\WINDOWS\SYSWOW64\0409
2016-08-14 02:37:06 ----D---- C:\WINDOWS\system32\winrm
2016-08-14 02:37:06 ----D---- C:\WINDOWS\system32\WCN
2016-08-14 02:37:06 ----D---- C:\WINDOWS\system32\slmgr
2016-08-14 02:37:06 ----D---- C:\WINDOWS\system32\Printing_Admin_Scripts
2016-08-14 02:37:06 ----D---- C:\WINDOWS\system32\en
2016-08-14 02:37:05 ----D---- C:\WINDOWS\system32\drivers\en-US
2016-08-14 02:37:05 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2016-08-14 02:37:05 ----D---- C:\WINDOWS\system32\cs
2016-08-14 02:37:05 ----D---- C:\WINDOWS\system32\0409
2016-08-14 02:37:02 ----D---- C:\WINDOWS\en-US
2016-08-14 02:37:02 ----D---- C:\WINDOWS\DigitalLocker
2016-08-14 02:37:02 ----D---- C:\WINDOWS\cs-CZ
2016-08-14 02:31:59 ----A---- C:\WINDOWS\system32\perfi009.dat
2016-08-14 02:31:59 ----A---- C:\WINDOWS\system32\perfh009.dat
2016-08-14 02:31:59 ----A---- C:\WINDOWS\system32\perfd009.dat
2016-08-14 02:31:59 ----A---- C:\WINDOWS\system32\perfc009.dat
2016-08-14 02:31:40 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-08-14 02:30:23 ----A---- C:\WINDOWS\SYSWOW64\NOISE.DAT
2016-08-14 02:30:23 ----A---- C:\WINDOWS\SYSWOW64\msclmd.dll
2016-08-14 02:30:22 ----A---- C:\WINDOWS\SYSWOW64\dssec.dat
2016-08-14 02:30:18 ----A---- C:\WINDOWS\system32\NOISE.DAT
2016-08-14 02:30:17 ----A---- C:\WINDOWS\system32\msclmd.dll
2016-08-14 02:30:17 ----A---- C:\WINDOWS\system32\dssec.dat
2016-08-14 02:30:12 ----RSH---- C:\WINDOWS\fonts\StaticCache.dat
2016-08-14 02:30:12 ----A---- C:\WINDOWS\fonts\desktop.ini
2016-08-14 02:30:11 ----ASH---- C:\Program Files\desktop.ini
2016-08-14 02:30:11 ----ASH---- C:\Program Files (x86)\desktop.ini
2016-08-14 02:30:10 ----SD---- C:\WINDOWS\SYSWOW64\Nui
2016-08-14 02:30:10 ----SD---- C:\WINDOWS\SYSWOW64\F12
2016-08-14 02:30:10 ----SD---- C:\WINDOWS\SYSWOW64\DiagSvcs
2016-08-14 02:30:10 ----SD---- C:\WINDOWS\SYSWOW64\Configuration
2016-08-14 02:30:10 ----SD---- C:\WINDOWS\system32\Nui
2016-08-14 02:30:10 ----SD---- C:\WINDOWS\system32\F12
2016-08-14 02:30:10 ----SD---- C:\WINDOWS\system32\dsc
2016-08-14 02:30:10 ----D---- C:\WINDOWS\Web
2016-08-14 02:30:10 ----D---- C:\WINDOWS\Vss
2016-08-14 02:30:10 ----D---- C:\WINDOWS\twain_32
2016-08-14 02:30:10 ----D---- C:\WINDOWS\tracing
2016-08-14 02:30:10 ----D---- C:\WINDOWS\Temp
2016-08-14 02:30:10 ----D---- C:\WINDOWS\Tasks
2016-08-14 02:30:10 ----D---- C:\WINDOWS\TAPI
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\zh-TW
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\zh-HK
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\zh-CN
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\WinMetadata
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\WindowsPowerShell
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\wbem
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\uk-UA
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\tr-TR
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\th-TH
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\Tasks
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\sv-SE
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\sru
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\sr-Latn-RS
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\sr-Latn-CS
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\sppui
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\spp
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\Speech_OneCore
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\Speech
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\SMI
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\sl-SI
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\setup
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\ru-RU
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\ro-RO
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\restore
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\Recovery
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\RasToast
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\ras
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\pt-PT
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\pt-BR
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\pl-PL
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\oobe
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\nl-NL
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\networklist
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\NDF
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\nb-NO
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\MUI
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\MsDtc
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\MSDRM
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\migwiz
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\lv-LV
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\lt-LT
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\LogFiles
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\Licenses
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\ko-KR
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\ja-JP
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\it-IT
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\Ipmi
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\InstallShield
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\InputMethod
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\inetsrv
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\IME
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\icsxml
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\hu-HU
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\hr-HR
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\he-IL
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\GroupPolicyUsers
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\GroupPolicy
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\FxsTmp
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\fr-FR
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\fr-CA
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\fi-FI
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\et-EE
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\es-MX
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\es-ES
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\en-GB
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\el-GR
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\DriverStore
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\drivers
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\downlevel
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\Dism
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\de-DE
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\da-DK
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\config
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\Com
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\catroot
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\Bthprops
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\bg-BG
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\ar-SA
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\AppLocker
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SYSWOW64\AdvancedInstallers
2016-08-14 02:30:10 ----D---- C:\WINDOWS\syswow64
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SystemResources
2016-08-14 02:30:10 ----D---- C:\WINDOWS\SystemApps
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\zh-TW
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\zh-HK
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\zh-CN
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\WinMetadata
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\winevt
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\WindowsPowerShell
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\WinBioDatabase
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\wfp
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\WDI
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\wbem
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\uk-UA
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\tr-TR
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\th-TH
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\Tasks
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\sv-SE
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\sru
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\sr-Latn-RS
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\sr-Latn-CS
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\sppui
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\spp
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\spool
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\Speech_OneCore
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\Speech
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\sl-SI
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\sk-SK
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\setup
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\SecureBootUpdates
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\ru-RU
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\ro-RO
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\restore
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\Recovery
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\RasToast
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\ras
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\pt-PT
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\pt-BR
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\ProximityToast
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\PointOfService
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\pl-PL
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\oobe
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\nl-NL
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\networklist
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\NDF
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\nb-NO
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\MUI
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\MsDtc
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\MSDRM
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\migwiz
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\migration
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\MailContactsCalendarSync
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\Macromed
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\lv-LV
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\lt-LT
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\LogFiles
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\Licenses
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\ko-KR
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\ja-JP
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\it-IT
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\Ipmi
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\InputMethod
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\inetsrv
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\IME
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\icsxml
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\ias
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\hu-HU
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\hr-HR
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\he-IL
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\FxsTmp
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\fr-FR
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\fr-CA
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\fi-FI
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\et-EE
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\es-MX
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\es-ES
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\en-US
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\en-GB
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\el-GR
2016-08-14 02:30:10 ----D---- C:\WINDOWS\system32\drivers\etc
2016-08-14 02:30:09 ----SHD---- C:\WINDOWS\Installer
2016-08-14 02:30:09 ----SHD---- C:\Program Files\Windows Sidebar
2016-08-14 02:30:09 ----SHD---- C:\Program Files (x86)\Windows Sidebar
2016-08-14 02:30:09 ----SD---- C:\WINDOWS\system32\DiagSvcs
2016-08-14 02:30:09 ----SD---- C:\WINDOWS\system32\Configuration
2016-08-14 02:30:09 ----SD---- C:\WINDOWS\Downloaded Program Files
2016-08-14 02:30:09 ----SD---- C:\ProgramData\Microsoft
2016-08-14 02:30:09 ----SD---- C:\Program Files\WindowsPowerShell
2016-08-14 02:30:09 ----SD---- C:\Program Files (x86)\WindowsPowerShell
2016-08-14 02:30:09 ----RSD---- C:\WINDOWS\Media
2016-08-14 02:30:09 ----RSD---- C:\WINDOWS\Fonts
2016-08-14 02:30:09 ----RSD---- C:\WINDOWS\assembly
2016-08-14 02:30:09 ----RD---- C:\WINDOWS\PurchaseDialog
2016-08-14 02:30:09 ----RD---- C:\WINDOWS\PrintDialog
2016-08-14 02:30:09 ----RD---- C:\WINDOWS\Offline Web Pages
2016-08-14 02:30:09 ----RD---- C:\WINDOWS\MiracastView
2016-08-14 02:30:09 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2016-08-14 02:30:09 ----RD---- C:\WINDOWS\DevicesFlow
2016-08-14 02:30:09 ----RD---- C:\WINDOWS\DesktopTileResources
2016-08-14 02:30:09 ----HD---- C:\WINDOWS\ELAMBKUP
2016-08-14 02:30:09 ----HD---- C:\ProgramData
2016-08-14 02:30:09 ----HD---- C:\Program Files\WindowsApps
2016-08-14 02:30:09 ----D---- C:\WINDOWS\system32\Sysprep
2016-08-14 02:30:09 ----D---- C:\WINDOWS\system32\downlevel
2016-08-14 02:30:09 ----D---- C:\WINDOWS\system32\Dism
2016-08-14 02:30:09 ----D---- C:\WINDOWS\system32\de-DE
2016-08-14 02:30:09 ----D---- C:\WINDOWS\system32\da-DK
2016-08-14 02:30:09 ----D---- C:\WINDOWS\system32\cs-CZ
2016-08-14 02:30:09 ----D---- C:\WINDOWS\system32\Com
2016-08-14 02:30:09 ----D---- C:\WINDOWS\system32\CodeIntegrity
2016-08-14 02:30:09 ----D---- C:\WINDOWS\system32\catroot2
2016-08-14 02:30:09 ----D---- C:\WINDOWS\system32\Bthprops
2016-08-14 02:30:09 ----D---- C:\WINDOWS\system32\Boot
2016-08-14 02:30:09 ----D---- C:\WINDOWS\system32\bg-BG
2016-08-14 02:30:09 ----D---- C:\WINDOWS\system32\ar-SA
2016-08-14 02:30:09 ----D---- C:\WINDOWS\system32\appraiser
2016-08-14 02:30:09 ----D---- C:\WINDOWS\system32\AppLocker
2016-08-14 02:30:09 ----D---- C:\WINDOWS\system32\AdvancedInstallers
2016-08-14 02:30:09 ----D---- C:\WINDOWS\System
2016-08-14 02:30:09 ----D---- C:\WINDOWS\Speech_OneCore
2016-08-14 02:30:09 ----D---- C:\WINDOWS\Speech
2016-08-14 02:30:09 ----D---- C:\WINDOWS\SKB
2016-08-14 02:30:09 ----D---- C:\WINDOWS\schemas
2016-08-14 02:30:09 ----D---- C:\WINDOWS\SchCache
2016-08-14 02:30:09 ----D---- C:\WINDOWS\ShellNew
2016-08-14 02:30:09 ----D---- C:\WINDOWS\security
2016-08-14 02:30:09 ----D---- C:\WINDOWS\Resources
2016-08-14 02:30:09 ----D---- C:\WINDOWS\rescache
2016-08-14 02:30:09 ----D---- C:\WINDOWS\Registration
2016-08-14 02:30:09 ----D---- C:\WINDOWS\Provisioning
2016-08-14 02:30:09 ----D---- C:\WINDOWS\prefetch
2016-08-14 02:30:09 ----D---- C:\WINDOWS\PolicyDefinitions
2016-08-14 02:30:09 ----D---- C:\WINDOWS\PLA
2016-08-14 02:30:09 ----D---- C:\WINDOWS\Performance
2016-08-14 02:30:09 ----D---- C:\WINDOWS\ModemLogs
2016-08-14 02:30:09 ----D---- C:\WINDOWS\Migration
2016-08-14 02:30:09 ----D---- C:\WINDOWS\Microsoft.NET
2016-08-14 02:30:09 ----D---- C:\WINDOWS\Logs
2016-08-14 02:30:09 ----D---- C:\WINDOWS\LiveKernelReports
2016-08-14 02:30:09 ----D---- C:\WINDOWS\L2Schemas
2016-08-14 02:30:09 ----D---- C:\WINDOWS\InputMethod
2016-08-14 02:30:09 ----D---- C:\WINDOWS\IME
2016-08-14 02:30:09 ----D---- C:\WINDOWS\Help
2016-08-14 02:30:09 ----D---- C:\WINDOWS\Globalization
2016-08-14 02:30:09 ----D---- C:\WINDOWS\diagnostics
2016-08-14 02:30:09 ----D---- C:\WINDOWS\debug
2016-08-14 02:30:09 ----D---- C:\WINDOWS\Cursors
2016-08-14 02:30:09 ----D---- C:\WINDOWS\Branding
2016-08-14 02:30:09 ----D---- C:\WINDOWS\Boot
2016-08-14 02:30:09 ----D---- C:\WINDOWS\AppReadiness
2016-08-14 02:30:09 ----D---- C:\WINDOWS\AppPatch
2016-08-14 02:30:09 ----D---- C:\WINDOWS\appcompat
2016-08-14 02:30:09 ----D---- C:\WINDOWS\addins
2016-08-14 02:30:09 ----D---- C:\ProgramData\USOPrivate
2016-08-14 02:30:09 ----D---- C:\ProgramData\SoftwareDistribution
2016-08-14 02:30:09 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2016-08-14 02:30:09 ----D---- C:\ProgramData\Comms
2016-08-14 02:30:09 ----D---- C:\Program Files\Windows Portable Devices
2016-08-14 02:30:09 ----D---- C:\Program Files\Windows Photo Viewer
2016-08-14 02:30:09 ----D---- C:\Program Files\Windows NT
2016-08-14 02:30:09 ----D---- C:\Program Files\Windows Multimedia Platform
2016-08-14 02:30:09 ----D---- C:\Program Files\Windows Media Player
2016-08-14 02:30:09 ----D---- C:\Program Files\Windows Mail
2016-08-14 02:30:09 ----D---- C:\Program Files\Windows Journal
2016-08-14 02:30:09 ----D---- C:\Program Files\Windows Defender
2016-08-14 02:30:09 ----D---- C:\Program Files\Internet Explorer
2016-08-14 02:30:09 ----D---- C:\Program Files\Common Files\System
2016-08-14 02:30:09 ----D---- C:\Program Files\Common Files\Services
2016-08-14 02:30:09 ----D---- C:\Program Files\Common Files\microsoft shared
2016-08-14 02:30:09 ----D---- C:\Program Files (x86)\Windows Portable Devices
2016-08-14 02:30:09 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2016-08-14 02:30:09 ----D---- C:\Program Files (x86)\Windows NT
2016-08-14 02:30:09 ----D---- C:\Program Files (x86)\Windows Multimedia Platform
2016-08-14 02:30:09 ----D---- C:\Program Files (x86)\Windows Media Player
2016-08-14 02:30:09 ----D---- C:\Program Files (x86)\Windows Mail
2016-08-14 02:30:09 ----D---- C:\Program Files (x86)\Windows Defender
2016-08-14 02:30:09 ----D---- C:\Program Files (x86)\Microsoft.NET
2016-08-14 02:30:09 ----D---- C:\Program Files (x86)\Internet Explorer
2016-08-14 02:30:09 ----D---- C:\PerfLogs
2016-08-14 02:29:53 ----D---- C:\WINDOWS\system32\drivers\UMDF
2016-08-14 02:29:52 ----D---- C:\WINDOWS\system32\drivers
2016-08-14 02:28:52 ----D---- C:\WINDOWS\INF
2016-08-14 02:18:44 ----D---- C:\WINDOWS\CbsTemp
2016-08-14 02:09:29 ----RD---- C:\Users
2016-08-14 02:09:29 ----RD---- C:\Program Files (x86)
2016-08-14 02:09:29 ----RD---- C:\Program Files
2016-08-14 02:09:29 ----D---- C:\WINDOWS\WinSxS
2016-08-14 02:09:29 ----D---- C:\WINDOWS\system32\SMI
2016-08-14 02:09:29 ----D---- C:\WINDOWS\system32\DriverStore
2016-08-14 02:09:29 ----D---- C:\WINDOWS\system32\config
2016-08-14 02:09:29 ----D---- C:\WINDOWS\system32\CatRoot
2016-08-14 02:09:29 ----D---- C:\WINDOWS\System32
2016-08-14 02:09:29 ----D---- C:\WINDOWS\servicing
2016-08-14 02:09:29 ----D---- C:\Windows
2016-08-14 02:09:29 ----D---- C:\Program Files\Common Files
2016-08-14 02:09:29 ----D---- C:\Program Files (x86)\Common Files
2016-08-13 19:49:00 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2016-08-13 19:44:44 ----D---- C:\WINDOWS\system32\MRT
2016-08-13 19:44:24 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-08-13 19:30:51 ----D---- C:\Users\letae\AppData\Roaming\Steam
2016-08-13 19:23:41 ----D---- C:\Users\letae\AppData\Roaming\BitTorrent
2016-08-13 19:22:14 ----D---- C:\Program Files\CCleaner
2016-08-13 19:11:40 ----D---- C:\Users\letae\AppData\Roaming\Spotify
2016-08-13 19:07:50 ----D---- C:\Users\letae\AppData\Roaming\BSplayer Pro
2016-08-13 19:07:50 ----D---- C:\Users\letae\AppData\Roaming\BSplayer
2016-08-13 19:07:47 ----D---- C:\Program Files (x86)\Webteh
2016-08-13 19:07:00 ----D---- C:\Program Files (x86)\WinRAR
2016-08-13 19:05:22 ----D---- C:\Program Files\Zoner
2016-08-13 19:04:50 ----A---- C:\WINDOWS\system32\drivers\dtliteusbbus.sys
2016-08-13 19:04:48 ----D---- C:\Users\letae\AppData\Roaming\DAEMON Tools Lite
2016-08-13 19:04:48 ----A---- C:\WINDOWS\system32\drivers\dtlitescsibus.sys
2016-08-13 19:04:40 ----D---- C:\Program Files\DAEMON Tools Lite
2016-08-13 19:04:27 ----D---- C:\ProgramData\DAEMON Tools Lite
2016-08-13 18:55:01 ----D---- C:\Program Files (x86)\Google
2016-08-13 18:37:27 ----D---- C:\Users\letae\AppData\Roaming\LSC
2016-08-13 17:40:59 ----D---- C:\Users\letae\AppData\Roaming\Intel Corporation
2016-08-13 17:40:58 ----D---- C:\Users\letae\AppData\Roaming\Macromedia
2016-08-13 17:40:06 ----D---- C:\Users\letae\AppData\Roaming\ATI
2016-08-13 17:36:28 ----D---- C:\Users\letae\AppData\Roaming\Adobe
2016-08-13 17:34:55 ----D---- C:\Users\letae\AppData\Roaming\Intel
2016-08-13 17:26:56 ----A---- C:\WINDOWS\system32\SynTPCo34-10.dll
2016-08-13 17:26:56 ----A---- C:\WINDOWS\system32\SynTPAPI.dll
2016-08-13 17:26:55 ----A---- C:\WINDOWS\SYSWOW64\SynCom.dll
2016-08-13 17:26:55 ----A---- C:\WINDOWS\system32\SynCOM.dll
2016-08-13 17:26:55 ----A---- C:\WINDOWS\system32\drivers\SynHidI2C_Aux.sys
2016-08-13 17:26:55 ----A---- C:\WINDOWS\system32\drivers\Smb_driver_Intel_Aux.sys
2016-08-13 17:26:55 ----A---- C:\WINDOWS\system32\drivers\Smb_driver_AMDASF_Aux.sys
2016-08-13 17:22:22 ----SHD---- C:\ProgramData\Šablony
2016-08-13 17:22:22 ----SHD---- C:\ProgramData\Plocha
2016-08-13 17:22:22 ----SHD---- C:\ProgramData\Nabídka Start
2016-08-13 17:22:22 ----SHD---- C:\ProgramData\Dokumenty
2016-08-13 17:22:22 ----SHD---- C:\ProgramData\Data aplikací
2016-08-13 17:21:05 ----A---- C:\WINDOWS\system32\emptyregdb.dat
2016-08-13 17:13:46 ----SD---- C:\Users\letae\AppData\Roaming\Microsoft
2016-08-13 17:11:41 ----ASH---- C:\hiberfil.sys
2016-08-13 16:56:58 ----D---- C:\Program Files (x86)\Lenovo
2016-08-13 16:56:37 ----D---- C:\Program Files\AMD
2016-08-13 16:56:24 ----A---- C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-08-13 16:56:24 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-08-13 16:55:34 ----D---- C:\Program Files\Intel
2016-08-13 16:54:16 ----A---- C:\WINDOWS\SYSWOW64\SASrv.exe
2016-08-13 16:54:04 ----A---- C:\WINDOWS\system32\CxAudMsg64.exe
2016-08-13 16:53:58 ----A---- C:\WINDOWS\system32\drivers\SamSfPa.dat
2016-08-13 16:53:52 ----D---- C:\Program Files\Dolby Digital Plus
2016-08-13 16:53:10 ----D---- C:\ProgramData\Conexant
2016-08-13 16:53:00 ----D---- C:\Program Files\CONEXANT
2016-08-13 16:52:56 ----HD---- C:\Program Files\Uninstall Information
2016-08-13 16:52:56 ----A---- C:\WINDOWS\system32\drivers\Smb_driver_Intel.sys
2016-08-13 16:52:53 ----D---- C:\ProgramData\USOShared
2016-08-13 16:51:56 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll
2016-08-13 16:49:07 ----AS---- C:\WINDOWS\bootstat.dat
2016-08-13 16:47:46 ----D---- C:\WINDOWS\ServiceProfiles
2016-08-13 16:47:22 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-13 16:06:48 ----HD---- C:\$SysReset
2016-08-11 15:48:34 ----A---- C:\WINDOWS\SYSWOW64\vccorlib140.dll
2016-08-11 15:39:34 ----A---- C:\WINDOWS\SYSWOW64\msvcp140.dll
2016-08-11 15:39:34 ----A---- C:\WINDOWS\SYSWOW64\concrt140.dll
2016-08-11 15:39:34 ----A---- C:\WINDOWS\system32\vccorlib140.dll
2016-08-11 15:39:34 ----A---- C:\WINDOWS\system32\msvcp140.dll
2016-08-11 15:37:08 ----A---- C:\WINDOWS\SYSWOW64\vcruntime140.dll
2016-08-11 15:37:08 ----A---- C:\WINDOWS\system32\vcruntime140.dll
2016-08-11 15:37:08 ----A---- C:\WINDOWS\system32\concrt140.dll
2016-08-10 19:48:47 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-08-10 19:48:45 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-08-10 19:48:44 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2016-08-10 19:48:41 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-08-10 19:48:41 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2016-08-10 19:48:40 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-08-10 19:48:39 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-08-10 19:48:38 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-08-10 19:48:37 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-08-10 19:48:36 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-08-10 19:48:35 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-08-10 19:48:34 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-08-10 19:48:33 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-08-10 19:48:32 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-08-10 19:48:31 ----A---- C:\WINDOWS\system32\sppobjs.dll
2016-08-10 19:48:30 ----A---- C:\WINDOWS\system32\sppsvc.exe
2016-08-10 19:48:29 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-08-10 19:48:29 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-08-10 19:48:27 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-08-10 19:48:25 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2016-08-10 19:48:24 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-10 19:48:22 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2016-08-10 19:48:21 ----A---- C:\WINDOWS\system32\mstscax.dll
2016-08-10 19:48:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2016-08-10 19:48:20 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-10 19:48:19 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2016-08-10 19:48:18 ----A---- C:\WINDOWS\SYSWOW64\DbgModel.dll
2016-08-10 19:48:18 ----A---- C:\WINDOWS\SYSWOW64\dbgcore.dll
2016-08-10 19:48:18 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2016-08-10 19:48:17 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2016-08-10 19:48:17 ----A---- C:\WINDOWS\system32\dbgeng.dll
2016-08-10 19:48:17 ----A---- C:\WINDOWS\system32\dbgcore.dll
2016-08-10 19:48:16 ----A---- C:\WINDOWS\SYSWOW64\NaturalLanguage6.dll
2016-08-10 19:48:16 ----A---- C:\WINDOWS\SYSWOW64\MsSpellCheckingFacility.dll
2016-08-10 19:48:16 ----A---- C:\WINDOWS\system32\NaturalLanguage6.dll
2016-08-10 19:48:16 ----A---- C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-08-10 19:48:15 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-10 19:48:13 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-08-10 19:48:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2016-08-10 19:48:13 ----A---- C:\WINDOWS\system32\wininet.dll
2016-08-10 19:48:12 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2016-08-10 19:48:11 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-08-10 19:48:11 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-08-10 19:48:10 ----A---- C:\WINDOWS\SYSWOW64\CertEnroll.dll
2016-08-10 19:48:10 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2016-08-10 19:48:10 ----A---- C:\WINDOWS\system32\certcli.dll
2016-08-10 19:48:09 ----A---- C:\WINDOWS\SYSWOW64\provcore.dll
2016-08-10 19:48:09 ----A---- C:\WINDOWS\system32\provcore.dll
2016-08-10 19:48:09 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2016-08-10 19:48:06 ----A---- C:\WINDOWS\SYSWOW64\Wpc.dll
2016-08-10 19:48:06 ----A---- C:\WINDOWS\system32\Wpc.dll
2016-08-10 19:48:05 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-08-10 19:48:05 ----A---- C:\WINDOWS\SYSWOW64\licensingdiag.exe
2016-08-10 19:48:05 ----A---- C:\WINDOWS\system32\WpcWebSync.dll
2016-08-10 19:48:05 ----A---- C:\WINDOWS\system32\WpcMon.exe
2016-08-10 19:48:05 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-08-10 19:48:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2016-08-10 19:48:04 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-08-10 19:48:04 ----A---- C:\WINDOWS\system32\licensingdiag.exe
2016-08-10 19:48:04 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-08-10 19:48:03 ----A---- C:\WINDOWS\system32\ole32.dll
2016-08-10 19:48:02 ----A---- C:\WINDOWS\system32\tquery.dll
2016-08-10 19:48:00 ----A---- C:\WINDOWS\SYSWOW64\aclui.dll
2016-08-10 19:48:00 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2016-08-10 19:48:00 ----A---- C:\WINDOWS\system32\aclui.dll
2016-08-10 19:47:59 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2016-08-10 19:47:59 ----A---- C:\WINDOWS\SYSWOW64\rdvidcrl.dll
2016-08-10 19:47:59 ----A---- C:\WINDOWS\system32\WSShared.dll
2016-08-10 19:47:59 ----A---- C:\WINDOWS\system32\rdvidcrl.dll
2016-08-10 19:47:58 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2016-08-10 19:47:58 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2016-08-10 19:47:58 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-08-10 19:47:57 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2016-08-10 19:47:57 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2016-08-10 19:47:56 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2016-08-10 19:47:56 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2016-08-10 19:47:56 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2016-08-10 19:47:55 ----A---- C:\WINDOWS\system32\SHCore.dll
2016-08-10 19:47:55 ----A---- C:\WINDOWS\system32\mssrch.dll
2016-08-10 19:47:55 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-08-10 19:47:55 ----A---- C:\WINDOWS\system32\BFE.DLL
2016-08-10 19:47:54 ----A---- C:\WINDOWS\SYSWOW64\UIRibbon.dll
2016-08-10 19:47:53 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-08-10 19:47:53 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-08-10 19:47:53 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-08-10 19:47:52 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-08-10 19:47:52 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2016-08-10 19:47:52 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-08-10 19:47:52 ----A---- C:\WINDOWS\system32\sppwinob.dll
2016-08-10 19:47:51 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2016-08-10 19:47:51 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2016-08-10 19:47:51 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2016-08-10 19:47:51 ----A---- C:\WINDOWS\system32\DbgModel.dll
2016-08-10 19:47:50 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2016-08-10 19:47:50 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2016-08-10 19:47:50 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2016-08-10 19:47:50 ----A---- C:\WINDOWS\system32\winmde.dll
2016-08-10 19:47:49 ----A---- C:\WINDOWS\system32\twinui.dll
2016-08-10 19:47:48 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2016-08-10 19:47:48 ----A---- C:\WINDOWS\system32\wmp.dll
2016-08-10 19:47:46 ----A---- C:\WINDOWS\system32\FWPUCLNT.DLL
2016-08-10 19:47:46 ----A---- C:\WINDOWS\system32\eappprxy.dll
2016-08-10 19:47:46 ----A---- C:\WINDOWS\system32\eapphost.dll
2016-08-10 19:47:46 ----A---- C:\WINDOWS\system32\eappcfg.dll
2016-08-10 19:47:46 ----A---- C:\WINDOWS\system32\eapp3hst.dll
2016-08-10 19:47:45 ----A---- C:\WINDOWS\SYSWOW64\eappprxy.dll
2016-08-10 19:47:45 ----A---- C:\WINDOWS\SYSWOW64\eapphost.dll
2016-08-10 19:47:44 ----A---- C:\WINDOWS\SYSWOW64\FWPUCLNT.DLL
2016-08-10 19:47:44 ----A---- C:\WINDOWS\SYSWOW64\eappcfg.dll
2016-08-10 19:47:44 ----A---- C:\WINDOWS\SYSWOW64\eapp3hst.dll
2016-08-10 19:47:44 ----A---- C:\WINDOWS\system32\policymanager.dll
2016-08-10 19:47:44 ----A---- C:\WINDOWS\system32\MbaeApiPublic.dll
2016-08-10 19:47:44 ----A---- C:\WINDOWS\system32\apprepsync.dll
2016-08-10 19:47:44 ----A---- C:\WINDOWS\system32\apprepapi.dll
2016-08-10 19:47:43 ----A---- C:\WINDOWS\system32\UIRibbon.dll
2016-08-10 19:47:43 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 19:47:42 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2016-08-10 19:47:42 ----A---- C:\WINDOWS\SYSWOW64\MbaeApiPublic.dll
2016-08-10 19:47:42 ----A---- C:\WINDOWS\system32\WSSync.dll
2016-08-10 19:47:42 ----A---- C:\WINDOWS\system32\WSClient.dll
2016-08-10 19:47:42 ----A---- C:\WINDOWS\system32\WPTaskScheduler.dll
2016-08-10 19:47:42 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-10 19:47:41 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-08-10 19:47:41 ----A---- C:\WINDOWS\system32\wmpps.dll
2016-08-10 19:47:41 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2016-08-10 19:47:40 ----A---- C:\WINDOWS\SYSWOW64\WSSync.dll
2016-08-10 19:47:40 ----A---- C:\WINDOWS\SYSWOW64\WSClient.dll
2016-08-10 19:47:40 ----A---- C:\WINDOWS\SYSWOW64\oemlicense.dll
2016-08-10 19:47:40 ----A---- C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-10 19:47:40 ----A---- C:\WINDOWS\system32\winsrv.dll
2016-08-10 19:47:40 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-10 19:47:39 ----A---- C:\WINDOWS\SYSWOW64\apprepsync.dll
2016-08-10 19:47:39 ----A---- C:\WINDOWS\SYSWOW64\apprepapi.dll
2016-08-10 19:47:39 ----A---- C:\WINDOWS\system32\InputService.dll
2016-08-10 19:47:38 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-08-10 19:47:38 ----A---- C:\WINDOWS\SYSWOW64\iassvcs.dll
2016-08-10 19:47:38 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2016-08-10 19:47:38 ----A---- C:\WINDOWS\system32\iassvcs.dll
2016-08-10 19:47:37 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2016-08-10 19:47:36 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2016-08-10 19:47:36 ----A---- C:\WINDOWS\SYSWOW64\eappgnui.dll
2016-08-10 19:47:35 ----A---- C:\WINDOWS\SYSWOW64\IdCtrls.dll
2016-08-10 19:47:35 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2016-08-10 19:47:35 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-10 19:47:35 ----A---- C:\WINDOWS\system32\oemlicense.dll
2016-08-10 19:47:35 ----A---- C:\WINDOWS\system32\IdCtrls.dll
2016-08-10 19:47:35 ----A---- C:\WINDOWS\system32\eappgnui.dll
2016-08-10 19:47:34 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2016-08-10 19:47:34 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2016-08-10 19:47:34 ----A---- C:\WINDOWS\SYSWOW64\Clipc.dll
2016-08-10 19:47:34 ----A---- C:\WINDOWS\system32\KernelBase.dll
2016-08-10 19:47:33 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2016-08-10 19:47:33 ----A---- C:\WINDOWS\system32\hevcdecoder.dll
2016-08-10 19:47:33 ----A---- C:\WINDOWS\system32\Clipc.dll
2016-08-10 19:47:32 ----A---- C:\WINDOWS\SYSWOW64\NAPCRYPT.DLL
2016-08-10 19:47:32 ----A---- C:\WINDOWS\SYSWOW64\mssphtb.dll
2016-08-10 19:47:32 ----A---- C:\WINDOWS\system32\wmpmde.dll
2016-08-10 19:47:32 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2016-08-10 19:47:32 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2016-08-10 19:47:32 ----A---- C:\WINDOWS\system32\BingMaps.dll
2016-08-10 19:47:31 ----A---- C:\WINDOWS\SYSWOW64\wldp.dll
2016-08-10 19:47:31 ----A---- C:\WINDOWS\system32\wldp.dll
2016-08-10 19:47:31 ----A---- C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-10 19:47:30 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2016-08-10 19:47:30 ----A---- C:\WINDOWS\SYSWOW64\hevcdecoder.dll
2016-08-10 19:47:30 ----A---- C:\WINDOWS\system32\WWAHost.exe
2016-08-10 19:47:30 ----A---- C:\WINDOWS\system32\mssph.dll
2016-08-10 19:47:30 ----A---- C:\WINDOWS\system32\ClipUp.exe
2016-08-10 19:47:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2016-08-10 19:47:29 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2016-08-10 19:47:28 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2016-08-10 19:47:28 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2016-08-10 19:47:28 ----A---- C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2016-08-10 19:47:28 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-10 19:47:28 ----A---- C:\WINDOWS\system32\mssphtb.dll
2016-08-10 19:47:28 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2016-08-10 19:47:27 ----A---- C:\WINDOWS\system32\mssvp.dll
2016-08-10 19:47:27 ----A---- C:\WINDOWS\system32\mfps.dll
2016-08-10 19:47:27 ----A---- C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-08-10 19:47:26 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-08-10 19:47:26 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-08-10 19:47:26 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2016-08-10 19:47:25 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-10 19:47:25 ----A---- C:\WINDOWS\system32\mssprxy.dll
2016-08-10 19:47:25 ----A---- C:\WINDOWS\system32\mfcore.dll
2016-08-10 19:47:25 ----A---- C:\WINDOWS\system32\MapsStore.dll
2016-08-10 19:47:24 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2016-08-10 19:47:24 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2016-08-10 19:47:24 ----A---- C:\WINDOWS\system32\WSService.dll
2016-08-10 19:47:24 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2016-08-10 19:47:24 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2016-08-10 19:47:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-10 19:47:23 ----A---- C:\WINDOWS\SYSWOW64\SearchFilterHost.exe
2016-08-10 19:47:23 ----A---- C:\WINDOWS\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2016-08-10 19:47:23 ----A---- C:\WINDOWS\system32\wpccpl.dll
2016-08-10 19:47:23 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2016-08-10 19:47:22 ----A---- C:\WINDOWS\SYSWOW64\OneDriveSettingSyncProvider.dll
2016-08-10 19:47:22 ----A---- C:\WINDOWS\SYSWOW64\MapConfiguration.dll
2016-08-10 19:47:22 ----A---- C:\WINDOWS\system32\moshostcore.dll
2016-08-10 19:47:21 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2016-08-10 19:47:21 ----A---- C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-08-10 19:47:21 ----A---- C:\WINDOWS\system32\mos.dll
2016-08-10 19:47:20 ----A---- C:\WINDOWS\SYSWOW64\UIRibbonRes.dll
2016-08-10 19:47:20 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2016-08-10 19:47:20 ----A---- C:\WINDOWS\SYSWOW64\MosHostClient.dll
2016-08-10 19:47:20 ----A---- C:\WINDOWS\system32\msscntrs.dll
2016-08-10 19:47:20 ----A---- C:\WINDOWS\system32\MosHostClient.dll
2016-08-10 19:47:20 ----A---- C:\WINDOWS\system32\moshost.dll
2016-08-10 19:47:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Shell.Search.UriHandler.dll
2016-08-10 19:47:19 ----A---- C:\WINDOWS\SYSWOW64\msscntrs.dll
2016-08-10 19:47:19 ----A---- C:\WINDOWS\SYSWOW64\GamePanel.exe
2016-08-10 19:47:19 ----A---- C:\WINDOWS\system32\reseteng.dll
2016-08-10 19:47:19 ----A---- C:\WINDOWS\system32\GamePanel.exe

======List of files/folders modified in the last 1 month======

2016-08-22 17:00:06 ----SHD---- C:\System Volume Information
2016-08-18 19:48:55 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-17 13:30:31 ----A---- C:\WINDOWS\win.ini
2016-08-17 07:30:20 ----D---- C:\ProgramData\Package Cache
2016-08-17 07:29:56 ----D---- C:\Program Files (x86)\ATI Technologies
2016-08-17 07:28:10 ----A---- C:\WINDOWS\system32\atiesrxx.exe
2016-08-17 07:28:10 ----A---- C:\WINDOWS\system32\atieclxx.exe
2016-08-17 07:28:09 ----A---- C:\WINDOWS\system32\atidemgy.dll
2016-08-17 07:28:09 ----A---- C:\WINDOWS\system32\aticfx64.dll
2016-08-17 07:28:08 ----A---- C:\WINDOWS\system32\atiadlxx.dll
2016-08-15 09:00:39 ----HD---- C:\$WINDOWS.~BT
2016-08-14 02:44:34 ----HD---- C:\Recovery
2016-08-13 21:01:02 ----D---- C:\Hry
2016-08-13 20:06:36 ----D---- C:\ProgramData\McAfee
2016-08-13 18:52:45 ----D---- C:\Program Files\Lenovo
2016-08-13 18:52:27 ----D---- C:\ProgramData\Lenovo
2016-08-13 18:50:14 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-08-13 18:40:44 ----D---- C:\ProgramData\SUPPORTDIR
2016-08-13 18:40:43 ----D---- C:\ProgramData\Temp
2016-08-13 18:40:13 ----D---- C:\ProgramData\CyberLink
2016-08-13 17:26:57 ----A---- C:\WINDOWS\system32\WdfCoInstaller01011.dll
2016-08-13 17:24:35 ----D---- C:\WINDOWS\SoftwareDistribution
2016-08-13 17:16:37 ----A---- C:\WINDOWS\SYSWOW64\PerfStringBackup.INI
2016-08-13 17:08:48 ----HD---- C:\WINDOWS\system32\WLANProfiles
2016-08-13 17:08:46 ----DC---- C:\WINDOWS\system32\DRVSTORE
2016-08-13 17:08:24 ----D---- C:\WINDOWS\Downloaded Installations
2016-08-13 17:08:06 ----D---- C:\WINDOWS\Cnxt
2016-08-13 17:07:47 ----D---- C:\ProgramData\Roaming
2016-08-13 17:07:44 ----D---- C:\ProgramData\OneKey Recovery
2016-08-13 17:07:44 ----D---- C:\ProgramData\Microsoft OneDrive
2016-08-13 17:06:32 ----D---- C:\ProgramData\Intel.sav
2016-08-13 17:06:32 ----D---- C:\ProgramData\Intel
2016-08-13 17:06:32 ----D---- C:\ProgramData\install_clap
2016-08-13 17:06:31 ----D---- C:\Program Files (x86)\Realtek
2016-08-13 17:06:29 ----D---- C:\Program Files (x86)\NSIS Uninstall Information
2016-08-13 17:03:37 ----D---- C:\Program Files (x86)\Intel
2016-08-13 17:03:24 ----D---- C:\Program Files (x86)\CyberLink
2016-08-13 17:03:12 ----D---- C:\Program Files (x86)\Cisco
2016-08-13 17:03:02 ----D---- C:\Program Files\update
2016-08-13 17:01:51 ----D---- C:\Program Files\Common Files\Intel
2016-08-13 16:56:17 ----HD---- C:\Intel

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2015-07-25 1455552]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-07-10 83968]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-12-01 8192]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-07-10 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-07-10 61952]
R3 ACPIVPC;@oem11.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2015-06-15 42328]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2016-08-17 26706464]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2016-08-17 518176]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2015-07-10 84992]
R3 CnxtHdAudService;@oem14.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2015-03-10 1535680]
R3 dtlitescsibus;@oem23.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2016-08-13 30264]
R3 dtliteusbbus;@oem25.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2016-08-13 47672]
R3 ibtusb;@oem7.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2015-06-09 255728]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-08-16 6401784]
R3 MEIx64;@oem19.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2015-06-12 183584]
R3 NETwNb64;___ Ovladač adaptéru Intel(R) Wireless pro systém Windows 8.1 64 Bit; C:\WINDOWS\System32\drivers\Netwbw02.sys [2015-06-22 3776792]
R3 rt640x64;@oem8.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-05-29 886528]
R3 RTSUER;@oem10.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2016-05-25 410880]
R3 SNP2UVC;@oem4.inf,%SERVICE_DISPLAY_NAME%;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2015-07-01 3481696]
R3 SynTP;@oem24.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\System32\drivers\SynTP.sys [2016-08-13 642168]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-07-10 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-07-10 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-07-10 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-07-10 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-07-10 40288]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2015-07-10 105984]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2016-03-16 238080]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 128512]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-09-17 929280]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-09-17 36352]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-07-10 116736]
S3 fcvsc;fcvsc; C:\WINDOWS\System32\drivers\fcvsc.sys [2015-07-10 31232]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-07-10 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-07-10 50016]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-07-10 424800]
S3 IntcDAud;@oem9.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2015-08-16 473864]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-07-10 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-07-10 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-07-10 76128]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-09-11 934752]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-07-10 167936]
S3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2015-07-09 33960]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2015-07-10 61952]
S3 UcmUcsi;@ucmucsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-09-11 46080]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2015-07-10 44032]
S3 Ufx01000;USB Function Class Extension; C:\WINDOWS\system32\drivers\ufx01000.sys [2015-07-10 245088]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-07-10 94048]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-07-10 127840]
S3 UrsCx01000;USB Role-Switch Support Library; C:\WINDOWS\system32\drivers\urscx01000.sys [2015-07-10 57696]
S3 UrsChipidea;@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urschipidea.sys [2015-07-10 28512]
S3 UrsSynopsys;@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-07-10 27488]
S3 usbser;@usbser.inf,%UsbSerial.DriverDesc%;Microsoft USB Serial Driver; C:\WINDOWS\System32\drivers\usbser.sys [2016-01-31 67072]
S3 vhf;@%SystemRoot%\system32\drivers\vhf.sys,-100; C:\WINDOWS\System32\drivers\vhf.sys [2015-07-10 31744]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2016-08-17 287264]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 CxAudMsg;@C:\WINDOWS\system32\CxAudMsg64.exe,-100; C:\WINDOWS\system32\CxAudMsg64.exe [2014-10-20 207576]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2015-06-12 640928]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-07-22 18856]
R2 ibtsiva;Intel Bluetooth Service; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [2015-06-09 150256]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-08-16 350312]
R2 OneSyncSvc_Session1;Hostitel synchronizace_Session1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2015-06-12 157088]
R2 SAService;Conexant SmartAudio service; C:\WINDOWS\system32\SAsrv.exe []
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2016-08-13 255608]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 UpdateAgentService;Update Agent; C:\Program Files\update\UpdateAgent.exe [2015-09-20 226216]
R2 UserManager;@%systemroot%\system32\usermgr.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2016-07-29 1467072]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-06-18 43696]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 PimIndexMaintenanceSvc_Session1;Data kontaktů_Session1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 UnistoreSvc_Session1;Úložiště uživatelských dat_Session1; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 UserDataSvc_Session1;Přístup k uživatelským datům_Session1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-13 154440]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-05-23 324224]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-08-16 282216]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-07-10 27136]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-13 154440]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2015-06-12 268192]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\lsass.exe [2015-07-10 56344]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-07-31 242864]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-09-11 1031680]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 UnistoreSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 UserDataSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-14001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 UsoSvc;@%systemroot%\system32\usocore.dll,-102; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

[EliškaL12]

# AdwCleaner v6.000 - *Logfile created 22/08/2016 *at 18:16:00
# *Updated on 12/08/2016 by ToolsLib
# *Database : 2016-08-21.4 [*Server]
# *Operating System : Windows 10 Home (X64)
# *Username : letae - LAPTOP-1TL9V368
# *Running from : C:\Users\letae\Desktop\adwcleaner_6.000.exe
# *Mode: Clean
# *Support : https://toolslib.net/forum



***** [ *Services ] *****



***** [ *Folders ] *****



***** [ *Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ *Shortcuts ] *****



***** [ *Scheduled Tasks ] *****



***** [ *Registry ] *****

[-] *Key deleted: HKU\S-1-5-21-71674399-911695515-4203967766-1001\Software\Conduit
[#] *Key deleted on reboot: HKCU\Software\Conduit
[-] *Key deleted: HKLM\SOFTWARE\Conduit


***** [ *Browsers ] *****



*************************

:: *"Tracing" keys deleted
:: *Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [934 *Bytes] - [22/08/2016 18:16:00]
C:\AdwCleaner\AdwCleaner[S0].txt - [1273 *Bytes] - [22/08/2016 18:15:39]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1081 *Bytes] ##########

[Rudy]

Teď dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

[EliškaL12]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2016 01
Ran by letae (administrator) on LAPTOP-1TL9V368 (22-08-2016 18:28:53)
Running from C:\Users\letae\Desktop
Loaded Profiles: letae (Available Profiles: letae)
Platform: Windows 10 Home (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\syswow64\SASrv.exe
() C:\Program Files\update\UpdateAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe
(Lenovo) C:\Program Files\Lenovo\BatteryGauge\BatteryGaugeIcon.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTray.exe
(Spotify Ltd) C:\Users\letae\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OFFICE16\CSISYNCCLIENT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office16\MSOSYNC.EXE
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AB Team) C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-22] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110344 2014-09-09] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492808 2014-09-09] (CyberLink Corp.)
HKU\S-1-5-21-71674399-911695515-4203967766-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-07-29] (Disc Soft Ltd)
HKU\S-1-5-21-71674399-911695515-4203967766-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTRAY.EXE [680528 2016-03-24] (ZONER software)
HKU\S-1-5-21-71674399-911695515-4203967766-1001\...\Run: [Spotify Web Helper] => C:\Users\letae\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1555056 2016-08-13] (Spotify Ltd)
HKU\S-1-5-21-71674399-911695515-4203967766-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8891608 2016-07-13] (Piriform Ltd)
HKU\S-1-5-21-71674399-911695515-4203967766-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.)
HKU\S-1-5-21-71674399-911695515-4203967766-1001\...\RunOnce: [Uninstall C:\Users\letae\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_4\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\letae\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_4\amd64"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 81.19.34.2 81.19.33.2
Tcpip\..\Interfaces\{08e9d343-9038-4bc4-89e4-cdd1054e8286}: [DhcpNameServer] 81.19.34.2 81.19.33.2
Tcpip\..\Interfaces\{3e246e9b-101e-4b2e-ad45-128c03d32721}: [DhcpNameServer] 150.213.1.3

Internet Explorer:
==================
HKU\S-1-5-21-71674399-911695515-4203967766-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-71674399-911695515-4203967766-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-71674399-911695515-4203967766-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
HKU\S-1-5-21-71674399-911695515-4203967766-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-71674399-911695515-4203967766-1001 -> DefaultScope {0971F776-50F6-4CD8-AB5E-EE072F517D91} URL =
SearchScopes: HKU\S-1-5-21-71674399-911695515-4203967766-1001 -> {0971F776-50F6-4CD8-AB5E-EE072F517D91} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-13] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-07-31] (Microsoft Corporation)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Profile: C:\Users\letae\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\letae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-13]
CHR Extension: (Dokumenty Google) - C:\Users\letae\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-13]
CHR Extension: (Disk Google) - C:\Users\letae\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-13]
CHR Extension: (YouTube) - C:\Users\letae\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-13]
CHR Extension: (WGT Golf Challenge) - C:\Users\letae\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcilimldmomiaihcfkmaldanopfejefg [2016-08-13]
CHR Extension: (Tabulky Google) - C:\Users\letae\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\letae\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-13]
CHR Extension: (AdBlock) - C:\Users\letae\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-08-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\letae\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-13]
CHR Extension: (GIFPAL) - C:\Users\letae\AppData\Local\Google\Chrome\User Data\Default\Extensions\noohoboklgjeccnihfkbdakbchbhjlch [2016-08-13]
CHR Extension: (Gmail) - C:\Users\letae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-13]
CHR Extension: (Chrome Media Router) - C:\Users\letae\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-18]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-07-29] (Disc Soft Ltd)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-07-22] (Intel Corporation)
R2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [150256 2015-06-09] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [350312 2015-08-16] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-06-12] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255608 2016-08-13] (Synaptics Incorporated)
R2 UpdateAgentService; C:\Program Files\update\UpdateAgent.exe [226216 2015-09-20] ()
S3 vmicvss; C:\Windows\System32\ICSvc.dll [506880 2015-07-10] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24856 2016-08-03] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-08-13] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-08-13] (Disc Soft Ltd)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [255728 2015-06-09] (Intel Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3776792 2015-06-22] (Intel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410880 2016-05-25] (Realsil Semiconductor Corporation)
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-07-09] (Synaptics Incorporated)
R3 SNP2UVC; C:\Windows\system32\DRIVERS\snp2uvc.sys [3481696 2015-07-01] (Sonix Co. Ltd.)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-22 18:28 - 2016-08-22 18:29 - 00014674 _____ C:\Users\letae\Desktop\FRST.txt
2016-08-22 18:28 - 2016-08-22 18:28 - 00000000 ____D C:\FRST
2016-08-22 18:27 - 2016-08-22 18:28 - 02396672 _____ (Farbar) C:\Users\letae\Desktop\FRST64.exe
2016-08-22 18:27 - 2016-08-22 18:27 - 00112640 _____ (forum.viry.cz) C:\Users\letae\Desktop\Nepotvrzeno 46413.crdownload
2016-08-22 18:17 - 2016-08-22 18:17 - 00016148 _____ C:\WINDOWS\system32\LAPTOP-1TL9V368_letae_HistoryPrediction.bin
2016-08-22 18:14 - 2016-08-22 18:16 - 00000000 ____D C:\AdwCleaner
2016-08-22 18:14 - 2016-08-22 18:14 - 03784256 _____ C:\Users\letae\Desktop\adwcleaner_6.000.exe
2016-08-22 17:25 - 2016-08-22 17:31 - 00000000 ____D C:\Program Files\trend micro
2016-08-22 17:25 - 2016-08-22 17:25 - 00448512 _____ (OldTimer Tools) C:\Users\letae\Desktop\TFC.exe
2016-08-22 17:25 - 2016-08-22 17:25 - 00000000 ____D C:\rsit
2016-08-22 17:23 - 2016-08-22 17:25 - 00487610 _____ C:\TDSSKiller.3.1.0.11_22.08.2016_17.23.25_log.txt
2016-08-22 17:23 - 2016-08-22 17:23 - 00000000 ____D C:\Users\letae\AppData\Roaming\WinRAR
2016-08-22 17:20 - 2016-08-22 17:21 - 01222144 _____ C:\Users\letae\Desktop\RSITx64.exe
2016-08-22 16:57 - 2016-08-22 16:57 - 00000000 ___HD C:\OneDriveTemp
2016-08-21 18:05 - 2016-08-21 18:10 - 1471899648 _____ C:\Users\letae\Downloads\Chyt me, kdyz to dokazes.avi
2016-08-21 17:07 - 2016-08-21 17:18 - 722322148 _____ C:\Users\letae\Downloads\The.Shallows.2016.HDTS.685MB.MkvCage.mkv
2016-08-21 17:01 - 2016-08-21 17:20 - 3975604835 _____ C:\Users\letae\Downloads\Me.Before.You.2016.1080p.HDRip.X264.AC3-EVO.mkv
2016-08-21 16:59 - 2016-08-21 17:06 - 2266640770 _____ C:\Users\letae\Downloads\Suicide Squad 2016 HD-TS x264-CPG (1).mkv
2016-08-20 18:08 - 2016-08-20 18:08 - 00000000 ____D C:\Users\letae\AppData\Roaming\AVG
2016-08-20 18:07 - 2016-08-20 18:07 - 00000000 ____D C:\Users\letae\AppData\Roaming\TuneUp Software
2016-08-20 18:05 - 2016-08-22 16:55 - 00000000 ____D C:\ProgramData\MFAData
2016-08-20 18:05 - 2016-08-20 18:05 - 00000000 ____D C:\Users\letae\AppData\Local\MFAData
2016-08-20 18:03 - 2016-08-22 17:01 - 00000000 ____D C:\ProgramData\Avg
2016-08-20 18:03 - 2016-08-22 17:00 - 00000000 ____D C:\Users\letae\AppData\Local\AvgSetupLog
2016-08-20 18:03 - 2016-08-22 16:55 - 00000000 ____D C:\Users\letae\AppData\Local\Avg
2016-08-20 16:16 - 2016-08-20 16:16 - 00055234 _____ C:\Users\letae\Desktop\Ceník za ubytování a služby s ním spojené ve vysokoškolských kolejích pro studenty UTB- platný od 1.9. 2015.pdf
2016-08-20 16:08 - 2016-08-20 16:08 - 00210352 _____ C:\Users\letae\Desktop\nastup_na_ubyt_2016_2017.pdf
2016-08-20 16:02 - 2016-08-20 16:02 - 00403404 _____ C:\Users\letae\Desktop\oznameni_o_pouzivani_vlastnich_elektrospotrebicu.pdf
2016-08-18 08:18 - 2016-08-18 08:18 - 00003342 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-08-17 13:34 - 2016-08-17 13:34 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2016-08-17 13:32 - 2016-08-17 13:32 - 00002729 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-08-17 13:32 - 2016-08-17 13:32 - 00002662 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2016-08-17 13:32 - 2016-08-17 13:32 - 00002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-08-17 13:32 - 2016-08-17 13:32 - 00002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy 2016.lnk
2016-08-17 13:32 - 2016-08-17 13:32 - 00002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-08-17 13:32 - 2016-08-17 13:32 - 00002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-08-17 13:32 - 2016-08-17 13:32 - 00002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-08-17 13:32 - 2016-08-17 13:32 - 00002642 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-08-17 13:32 - 2016-08-17 13:32 - 00002628 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-08-17 13:31 - 2016-08-17 13:31 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-08-17 13:31 - 2016-08-17 13:31 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2016-08-17 13:31 - 2016-08-17 13:31 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-08-17 13:31 - 2016-08-17 13:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-17 13:31 - 2016-08-17 13:31 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2016-08-17 13:30 - 2016-08-17 13:30 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2016-08-17 13:30 - 2016-08-17 13:30 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-08-17 13:29 - 2016-08-17 13:29 - 00000000 __RHD C:\MSOCache
2016-08-17 13:29 - 2016-08-17 13:29 - 00000000 ____D C:\Users\letae\AppData\Local\Microsoft Help
2016-08-17 13:29 - 2016-08-17 13:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-08-17 13:07 - 2016-08-17 13:07 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-08-17 12:44 - 2016-08-22 15:02 - 00004206 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0BCF4496-7A09-452B-95FD-61FCC3AB283A}
2016-08-17 12:41 - 2016-08-17 12:41 - 00000000 ___SD C:\Users\letae\Documents\Obrazce
2016-08-17 12:26 - 2016-08-17 13:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2016-08-17 12:26 - 2016-08-17 12:26 - 00002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 2016.lnk
2016-08-17 12:09 - 2016-08-17 13:31 - 00000000 ____D C:\Program Files\Microsoft Office
2016-08-17 07:30 - 2016-08-17 12:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2016-08-17 07:30 - 2016-08-17 07:30 - 00000000 ____D C:\Users\letae\AppData\Local\AMD
2016-08-17 07:29 - 2016-08-17 07:29 - 00000000 ____D C:\Users\Default\AppData\Roaming\ATI
2016-08-17 07:29 - 2016-08-17 07:29 - 00000000 ____D C:\Users\Default\AppData\Local\ATI
2016-08-17 07:29 - 2016-08-17 07:29 - 00000000 ____D C:\Users\Default User\AppData\Roaming\ATI
2016-08-17 07:29 - 2016-08-17 07:29 - 00000000 ____D C:\Users\Default User\AppData\Local\ATI
2016-08-17 07:29 - 2016-08-17 07:29 - 00000000 ____D C:\AMD
2016-08-17 07:28 - 2016-08-17 07:29 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-08-17 07:28 - 2016-08-17 07:28 - 48815136 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 38266392 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 32555552 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 27489312 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 26639384 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 21641248 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 15729184 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 14320160 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 11064408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 10382744 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 09399672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 09190584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 08949688 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 08833056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 08737928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 07305696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 07115456 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 07077400 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2016-08-17 07:28 - 2016-08-17 07:28 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2016-08-17 07:28 - 2016-08-17 07:28 - 02376736 _____ C:\WINDOWS\system32\amdoclvp9lib64.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 02286624 _____ C:\WINDOWS\SysWOW64\amdoclvp9lib32.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 02147360 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 01837600 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 01287504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00991264 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00991264 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00883232 _____ (AMD) C:\WINDOWS\system32\coinst_16.30.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00882174 _____ C:\WINDOWS\system32\amdicdxx.dat
2016-08-17 07:28 - 2016-08-17 07:28 - 00751648 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00728832 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2016-08-17 07:28 - 2016-08-17 07:28 - 00728832 _____ C:\WINDOWS\system32\atiapfxx.blb
2016-08-17 07:28 - 2016-08-17 07:28 - 00627232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00487856 _____ C:\WINDOWS\system32\amdmiracast.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00402976 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2016-08-17 07:28 - 2016-08-17 07:28 - 00368672 _____ C:\WINDOWS\system32\ativvaxy_el_nd.dat
2016-08-17 07:28 - 2016-08-17 07:28 - 00350240 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2016-08-17 07:28 - 2016-08-17 07:28 - 00322996 _____ C:\WINDOWS\system32\ativvaxy_vi.dat
2016-08-17 07:28 - 2016-08-17 07:28 - 00322736 _____ C:\WINDOWS\system32\ativvaxy_vi_nd.dat
2016-08-17 07:28 - 2016-08-17 07:28 - 00292384 _____ C:\WINDOWS\system32\dgtrayicon.exe
2016-08-17 07:28 - 2016-08-17 07:28 - 00287776 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00275992 _____ C:\WINDOWS\system32\GameManager64.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00270912 _____ C:\WINDOWS\system32\ativvaxy_stn_nd.dat
2016-08-17 07:28 - 2016-08-17 07:28 - 00270360 _____ C:\WINDOWS\system32\clinfo.exe
2016-08-17 07:28 - 2016-08-17 07:28 - 00268832 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00266816 _____ C:\WINDOWS\system32\ativvaxy_cz_nd.dat
2016-08-17 07:28 - 2016-08-17 07:28 - 00260980 _____ C:\WINDOWS\system32\ativvaxy_FJ.dat
2016-08-17 07:28 - 2016-08-17 07:28 - 00260720 _____ C:\WINDOWS\system32\ativvaxy_FJ_nd.dat
2016-08-17 07:28 - 2016-08-17 07:28 - 00249368 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00241184 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00234528 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00234292 _____ C:\WINDOWS\system32\ativvaxy_cik.dat
2016-08-17 07:28 - 2016-08-17 07:28 - 00234032 _____ C:\WINDOWS\system32\ativvaxy_cik_nd.dat
2016-08-17 07:28 - 2016-08-17 07:28 - 00231456 _____ C:\WINDOWS\system32\atieah64.exe
2016-08-17 07:28 - 2016-08-17 07:28 - 00222240 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00209440 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2016-08-17 07:28 - 2016-08-17 07:28 - 00202784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00201760 _____ C:\WINDOWS\system32\amdhdl64.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00190736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00181792 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00177280 _____ C:\WINDOWS\system32\ativce03.dat
2016-08-17 07:28 - 2016-08-17 07:28 - 00176672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00175584 _____ C:\WINDOWS\system32\amde31a.dat
2016-08-17 07:28 - 2016-08-17 07:28 - 00170992 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00166624 _____ C:\WINDOWS\system32\amde34b.dat
2016-08-17 07:28 - 2016-08-17 07:28 - 00166624 _____ C:\WINDOWS\system32\amde34a.dat
2016-08-17 07:28 - 2016-08-17 07:28 - 00165776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00161584 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00159440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00149008 _____ C:\WINDOWS\system32\samu_krnl_ci.sbin
2016-08-17 07:28 - 2016-08-17 07:28 - 00145232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00144720 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00143792 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00137248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00129584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00129584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00123936 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00118816 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00117296 _____ C:\WINDOWS\system32\kapp_ci.sbin
2016-08-17 07:28 - 2016-08-17 07:28 - 00113696 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00112336 _____ C:\WINDOWS\system32\kapp_si.sbin
2016-08-17 07:28 - 2016-08-17 07:28 - 00111696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00111696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00111136 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00108576 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00108576 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00104480 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00100816 _____ C:\WINDOWS\system32\ativce02.dat
2016-08-17 07:28 - 2016-08-17 07:28 - 00083992 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00079904 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00073248 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00069656 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00068640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2016-08-17 07:28 - 2016-08-17 07:28 - 00068128 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00067608 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00066592 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00060960 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00055832 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00021528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00021528 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2016-08-17 07:28 - 2016-08-17 07:28 - 00016827 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2016-08-17 07:28 - 2016-08-17 07:28 - 00000144 _____ C:\WINDOWS\SysWOW64\amd-vulkan32.json
2016-08-17 07:28 - 2016-08-17 07:28 - 00000144 _____ C:\WINDOWS\system32\amd-vulkan64.json
2016-08-16 13:27 - 2016-08-22 18:19 - 00000000 ____D C:\Users\letae\AppData\Roaming\Skype
2016-08-16 13:27 - 2016-08-16 13:27 - 00002658 _____ C:\Users\Public\Desktop\Skype.lnk
2016-08-16 13:27 - 2016-08-16 13:27 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-08-16 13:27 - 2016-08-16 13:27 - 00000000 ____D C:\Users\letae\Tracing
2016-08-16 13:27 - 2016-08-16 13:27 - 00000000 ____D C:\ProgramData\Skype
2016-08-16 13:27 - 2016-08-16 13:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-08-15 08:58 - 2016-08-15 08:58 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-08-14 02:45 - 2016-08-15 09:03 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-14 02:45 - 2016-08-14 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant
2016-08-14 02:45 - 2016-08-13 17:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-08-14 02:45 - 2016-08-13 17:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 8
2016-08-14 02:45 - 2016-08-13 16:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2016-08-14 02:45 - 2015-04-28 20:06 - 00043256 _____ C:\WINDOWS\system32\oemlogo.bmp
2016-08-14 02:44 - 2016-08-14 02:44 - 00000000 ____D C:\WINDOWS\InfusedApps
2016-08-14 02:44 - 2016-08-13 21:32 - 00000000 ____D C:\Windows.old
2016-08-14 02:43 - 2016-08-14 02:43 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-08-14 02:43 - 2016-08-14 02:43 - 00000000 ____D C:\Program Files\Synaptics
2016-08-14 02:42 - 2016-08-14 02:42 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-08-14 02:41 - 2016-08-14 02:41 - 00000000 ____D C:\WINDOWS\Setup
2016-08-14 02:39 - 2016-08-14 02:39 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-08-14 02:39 - 2016-08-13 17:08 - 00000000 ____D C:\WINDOWS\OCR
2016-08-14 02:38 - 2016-08-14 02:38 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-08-14 02:38 - 2016-08-14 02:38 - 00000000 ____D C:\Program Files\MSBuild
2016-08-14 02:38 - 2016-08-14 02:38 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-08-14 02:38 - 2016-08-14 02:38 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-08-14 02:37 - 2016-08-18 19:48 - 00747670 _____ C:\WINDOWS\system32\perfh005.dat
2016-08-14 02:37 - 2016-08-18 19:48 - 00150090 _____ C:\WINDOWS\system32\perfc005.dat
2016-08-14 02:37 - 2016-08-14 02:37 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2016-08-14 02:37 - 2016-08-14 02:37 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2016-08-14 02:37 - 2016-08-14 02:37 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2016-08-14 02:37 - 2016-08-14 02:37 - 00000000 ____D C:\WINDOWS\SysWOW64\cs
2016-08-14 02:37 - 2016-08-14 02:37 - 00000000 ____D C:\WINDOWS\SysWOW64\0409
2016-08-14 02:37 - 2016-08-14 02:37 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-08-14 02:37 - 2016-08-14 02:37 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-08-14 02:37 - 2016-08-14 02:37 - 00000000 ____D C:\WINDOWS\system32\cs
2016-08-14 02:37 - 2016-08-14 02:37 - 00000000 ____D C:\WINDOWS\system32\0409
2016-08-14 02:37 - 2016-08-14 02:37 - 00000000 ____D C:\WINDOWS\DigitalLocker
2016-08-14 02:37 - 2016-08-14 02:36 - 00296654 _____ C:\WINDOWS\system32\perfi005.dat
2016-08-14 02:37 - 2016-08-14 02:36 - 00038682 _____ C:\WINDOWS\system32\perfd005.dat
2016-08-14 02:37 - 2016-08-13 17:08 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-08-14 02:37 - 2016-08-13 17:08 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-08-14 02:37 - 2016-08-13 17:08 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-08-14 02:37 - 2016-08-13 17:08 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-08-14 02:31 - 2016-07-02 06:34 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-08-14 02:31 - 2016-07-02 06:34 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-08-14 02:30 - 2016-08-22 08:42 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-14 02:30 - 2016-08-20 18:50 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-08-14 02:30 - 2016-08-20 08:10 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-14 02:30 - 2016-08-17 13:32 - 00000000 ____D C:\WINDOWS\ShellNew
2016-08-14 02:30 - 2016-08-17 13:32 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-14 02:30 - 2016-08-17 13:31 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-14 02:30 - 2016-08-17 13:30 - 00000000 ____D C:\Program Files\Common Files\System
2016-08-14 02:30 - 2016-08-17 06:37 - 00000000 ____D C:\WINDOWS\rescache
2016-08-14 02:30 - 2016-08-14 09:11 - 00000000 ____D C:\WINDOWS\appcompat
2016-08-14 02:30 - 2016-08-14 02:44 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-08-14 02:30 - 2016-08-14 02:41 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-08-14 02:30 - 2016-08-14 02:39 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-08-14 02:30 - 2016-08-14 02:39 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-08-14 02:30 - 2016-08-14 02:37 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-08-14 02:30 - 2016-08-14 02:37 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-08-14 02:30 - 2016-08-14 02:37 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-08-14 02:30 - 2016-08-14 02:37 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2016-08-14 02:30 - 2016-08-14 02:37 - 00000000 ____D C:\WINDOWS\system32\setup
2016-08-14 02:30 - 2016-08-14 02:37 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-08-14 02:30 - 2016-08-14 02:37 - 00000000 ____D C:\WINDOWS\system32\Com
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 __RSD C:\WINDOWS\Media
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ___SD C:\WINDOWS\SysWOW64\Nui
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ___SD C:\WINDOWS\system32\Nui
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ___SD C:\WINDOWS\system32\Configuration
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ___RD C:\WINDOWS\DesktopTileResources
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\Web
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\Vss
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\tracing
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\TAPI
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\SysWOW64\ras
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\SysWOW64\NDF
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\SysWOW64\MsDtc
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\SysWOW64\icsxml
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\SysWOW64\downlevel
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\SystemResources
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\SystemApps
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\system32\winevt
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\system32\ras
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\system32\ProximityToast
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\system32\PointOfService
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\system32\MsDtc
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\system32\Ipmi
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\system32\IME
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\system32\icsxml
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\system32\ias
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\system32\downlevel
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\system32\config\Journal
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\system32\Bthprops
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\system32\AppLocker
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\System
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\SKB
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\schemas
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\SchCache
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\security
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\Resources
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\PLA
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\Performance
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\ModemLogs
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\InputMethod
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\Globalization
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\Cursors
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\Branding
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\addins
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\ProgramData\Comms
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\Program Files\Common Files\Services
2016-08-14 02:30 - 2016-08-14 02:30 - 00000000 ____D C:\Program Files (x86)\Windows NT
2016-08-14 02:30 - 2016-08-14 02:28 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2016-08-14 02:30 - 2016-08-14 02:28 - 00215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2016-08-14 02:30 - 2016-08-14 02:28 - 00215943 _____ C:\WINDOWS\system32\dssec.dat
2016-08-14 02:30 - 2016-08-14 02:28 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2016-08-14 02:30 - 2016-08-14 02:28 - 00015462 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-08-14 02:30 - 2016-08-14 02:28 - 00008798 _____ C:\WINDOWS\SysWOW64\icrav03.rat
2016-08-14 02:30 - 2016-08-14 02:28 - 00008798 _____ C:\WINDOWS\system32\icrav03.rat
2016-08-14 02:30 - 2016-08-14 02:28 - 00003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2016-08-14 02:30 - 2016-08-14 02:28 - 00001988 _____ C:\WINDOWS\SysWOW64\ticrf.rat
2016-08-14 02:30 - 2016-08-14 02:28 - 00001988 _____ C:\WINDOWS\system32\ticrf.rat
2016-08-14 02:30 - 2016-08-14 02:28 - 00000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2016-08-14 02:30 - 2016-08-14 02:28 - 00000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2016-08-14 02:30 - 2016-08-14 02:28 - 00000741 _____ C:\WINDOWS\system32\NOISE.DAT
2016-08-14 02:30 - 2016-08-14 02:28 - 00000389 _____ C:\WINDOWS\system32\AutoWorkplace.exe.config
2016-08-14 02:30 - 2016-08-13 20:02 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-14 02:30 - 2016-08-13 20:01 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-08-14 02:30 - 2016-08-13 20:01 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-08-14 02:30 - 2016-08-13 20:01 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-08-14 02:30 - 2016-08-13 20:01 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-08-14 02:30 - 2016-08-13 20:01 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-14 02:30 - 2016-08-13 20:01 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-08-14 02:30 - 2016-08-13 20:01 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-08-14 02:30 - 2016-08-13 20:01 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-08-14 02:30 - 2016-08-13 20:01 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-08-14 02:30 - 2016-08-13 20:01 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-08-14 02:30 - 2016-08-13 20:01 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-08-14 02:30 - 2016-08-13 20:01 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-14 02:30 - 2016-08-13 20:01 - 00000000 ____D C:\WINDOWS\Provisioning
2016-08-14 02:30 - 2016-08-13 20:01 - 00000000 ____D C:\WINDOWS\L2Schemas
2016-08-14 02:30 - 2016-08-13 20:01 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-08-14 02:30 - 2016-08-13 20:01 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-08-14 02:30 - 2016-08-13 20:01 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-14 02:30 - 2016-08-13 20:01 - 00000000 ____D C:\Program Files\Windows Defender
2016-08-14 02:30 - 2016-08-13 20:01 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-08-14 02:30 - 2016-08-13 20:01 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-08-14 02:30 - 2016-08-13 20:01 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-08-14 02:30 - 2016-08-13 17:37 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-08-14 02:30 - 2016-08-13 17:37 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-08-14 02:30 - 2016-08-13 17:22 - 00000000 ____D C:\WINDOWS\Registration
2016-08-14 02:30 - 2016-08-13 17:22 - 00000000 ____D C:\Program Files\Windows NT
2016-08-14 02:30 - 2016-08-13 17:20 - 00000000 __RHD C:\Users\Public\Libraries
2016-08-14 02:30 - 2016-08-13 17:17 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-08-14 02:30 - 2016-08-13 17:08 - 00000000 ____D C:\WINDOWS\system32\spool
2016-08-14 02:30 - 2016-08-13 17:08 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-08-14 02:30 - 2016-08-13 17:08 - 00000000 ____D C:\WINDOWS\IME
2016-08-14 02:30 - 2016-08-13 17:08 - 00000000 ____D C:\WINDOWS\Help
2016-08-14 02:30 - 2016-08-13 17:06 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-08-14 02:30 - 2016-08-13 17:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-08-14 02:30 - 2016-08-13 16:59 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-08-14 02:30 - 2016-08-13 16:52 - 00000000 ____D C:\ProgramData\USOPrivate
2016-08-14 02:28 - 2016-08-22 16:59 - 00000000 ____D C:\WINDOWS\INF
2016-08-14 02:18 - 2016-08-13 19:49 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-14 02:09 - 2016-08-22 18:16 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-08-14 02:09 - 2016-08-20 18:09 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-08-14 02:09 - 2016-08-14 02:37 - 00000000 ____D C:\WINDOWS\servicing
2016-08-14 02:09 - 2016-08-14 02:30 - 00000000 ____D C:\WINDOWS\system32\SMI
2016-08-14 02:09 - 2015-07-10 11:11 - 00000164 _____ C:\WINDOWS\system32\config\FP
2016-08-13 20:00 - 2016-08-13 20:00 - 00000000 ____D C:\Users\letae\AppData\Local\Disc_Soft_Ltd
2016-08-13 19:49 - 2016-07-27 21:25 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-08-13 19:44 - 2016-08-13 19:48 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-13 19:44 - 2016-08-13 19:44 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-13 19:30 - 2016-08-13 19:30 - 00000000 ____D C:\Users\letae\AppData\Roaming\Steam
2016-08-13 19:24 - 2016-08-13 19:24 - 00002731 _____ C:\Users\letae\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2016-08-13 19:23 - 2016-08-22 17:00 - 00000000 ____D C:\Users\letae\AppData\Roaming\BitTorrent
2016-08-13 19:22 - 2016-08-13 19:22 - 00002870 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-08-13 19:22 - 2016-08-13 19:22 - 00000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-08-13 19:22 - 2016-08-13 19:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-08-13 19:22 - 2016-08-13 19:22 - 00000000 ____D C:\Program Files\CCleaner
2016-08-13 19:17 - 2016-08-13 19:17 - 00001857 _____ C:\Users\letae\Desktop\Spotify.lnk
2016-08-13 19:17 - 2016-08-13 19:17 - 00001843 _____ C:\Users\letae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-08-13 19:13 - 2016-08-22 16:59 - 00000000 ____D C:\Users\letae\AppData\Local\CrashDumps
2016-08-13 19:11 - 2016-08-21 10:30 - 00000000 ____D C:\Users\letae\AppData\Roaming\Spotify
2016-08-13 19:10 - 2016-08-21 10:30 - 00000000 ____D C:\Users\letae\AppData\Local\Spotify
2016-08-13 19:10 - 2016-08-13 19:10 - 00000000 ____D C:\Users\letae\AppData\Local\CEF
2016-08-13 19:08 - 2016-08-13 19:08 - 00001204 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player FREE.lnk
2016-08-13 19:08 - 2016-08-13 19:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player
2016-08-13 19:07 - 2016-08-13 19:09 - 00000000 ____D C:\Users\letae\AppData\Roaming\BSplayer
2016-08-13 19:07 - 2016-08-13 19:07 - 00000000 ____D C:\Users\letae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-13 19:07 - 2016-08-13 19:07 - 00000000 ____D C:\Users\letae\AppData\Roaming\BSplayer Pro
2016-08-13 19:07 - 2016-08-13 19:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-13 19:07 - 2016-08-13 19:07 - 00000000 ____D C:\Program Files (x86)\WinRAR
2016-08-13 19:07 - 2016-08-13 19:07 - 00000000 ____D C:\Program Files (x86)\Webteh
2016-08-13 19:05 - 2016-08-13 19:05 - 00002038 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Zoner Photo Studio 18.lnk
2016-08-13 19:05 - 2016-08-13 19:05 - 00002032 _____ C:\Users\Public\Desktop\Zoner Photo Studio 18.lnk
2016-08-13 19:05 - 2016-08-13 19:05 - 00000000 ____D C:\Program Files\Zoner
2016-08-13 19:04 - 2016-08-22 17:00 - 00000000 ____D C:\Users\letae\AppData\Roaming\DAEMON Tools Lite
2016-08-13 19:04 - 2016-08-13 19:04 - 00047672 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys
2016-08-13 19:04 - 2016-08-13 19:04 - 00030264 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2016-08-13 19:04 - 2016-08-13 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2016-08-13 19:04 - 2016-08-13 19:04 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2016-08-13 19:04 - 2016-08-13 19:04 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2016-08-13 18:55 - 2016-08-22 18:18 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-13 18:55 - 2016-08-22 18:05 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-13 18:55 - 2016-08-13 19:00 - 00003996 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-13 18:55 - 2016-08-13 19:00 - 00003764 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-13 18:55 - 2016-08-13 18:55 - 00002347 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-13 18:55 - 2016-08-13 18:55 - 00000000 ____D C:\Program Files (x86)\Google
2016-08-13 18:54 - 2016-08-13 21:08 - 00000000 ____D C:\Users\letae\AppData\Local\Google
2016-08-13 18:51 - 2016-08-13 18:51 - 00003416 _____ C:\WINDOWS\System32\Tasks\{8D94F2F8-1F0C-4B4F-9B2B-0E794FBAE266}
2016-08-13 18:45 - 2016-08-13 20:11 - 00000000 ____D C:\Users\letae\AppData\Local\PackageStaging
2016-08-13 18:37 - 2016-08-13 18:37 - 00000000 ____D C:\Users\letae\AppData\Roaming\LSC
2016-08-13 18:37 - 2016-08-13 18:37 - 00000000 ____D C:\Users\letae\AppData\Local\NetworkTiles
2016-08-13 17:44 - 2016-08-13 17:45 - 00000000 ____D C:\Users\letae\AppData\Local\MicrosoftEdge
2016-08-13 17:40 - 2016-08-18 08:18 - 00002390 _____ C:\Users\letae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-13 17:40 - 2016-08-13 17:40 - 00000000 ____D C:\Users\letae\AppData\Roaming\Macromedia
2016-08-13 17:40 - 2016-08-13 17:40 - 00000000 ____D C:\Users\letae\AppData\Roaming\Intel Corporation
2016-08-13 17:40 - 2016-08-13 17:40 - 00000000 ____D C:\Users\letae\AppData\Roaming\ATI
2016-08-13 17:40 - 2016-08-13 17:40 - 00000000 ____D C:\Users\letae\AppData\Local\Power2Go8
2016-08-13 17:40 - 2016-08-13 17:40 - 00000000 ____D C:\Users\letae\AppData\Local\ATI
2016-08-13 17:38 - 2016-08-13 20:11 - 00000000 ____D C:\Users\letae\AppData\Local\Comms
2016-08-13 17:38 - 2016-08-13 17:38 - 00000000 ____D C:\Users\letae\REACHit
2016-08-13 17:38 - 2016-08-13 17:38 - 00000000 ____D C:\Users\letae\AppData\Local\Lenovo
2016-08-13 17:37 - 2016-08-13 18:40 - 00000000 ____D C:\Users\letae\AppData\Local\CyberLink
2016-08-13 17:37 - 2016-08-13 17:37 - 00000000 ____D C:\Users\letae\AppData\Local\Publishers
2016-08-13 17:36 - 2016-08-20 08:09 - 00000000 ____D C:\Users\letae\AppData\Local\Packages
2016-08-13 17:36 - 2016-08-13 17:36 - 00000000 ____D C:\Users\letae\AppData\Roaming\Adobe
2016-08-13 17:36 - 2016-08-13 17:36 - 00000000 ____D C:\Users\letae\AppData\Local\VirtualStore
2016-08-13 17:36 - 2016-08-13 17:36 - 00000000 ____D C:\Users\letae\AppData\Local\TileDataLayer
2016-08-13 17:34 - 2016-08-13 17:34 - 00000020 ___SH C:\Users\letae\ntuser.ini
2016-08-13 17:34 - 2016-08-13 17:34 - 00000000 ____D C:\Users\letae\AppData\Roaming\Intel
2016-08-13 17:26 - 2016-08-13 17:26 - 00778360 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2016-08-13 17:26 - 2016-08-13 17:26 - 00428664 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCom.dll
2016-08-13 17:26 - 2016-08-13 17:26 - 00293496 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo34-10.dll
2016-08-13 17:26 - 2016-08-13 17:26 - 00285304 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2016-08-13 17:26 - 2016-08-13 17:26 - 00098936 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynHidI2C_Aux.sys
2016-08-13 17:26 - 2016-08-13 17:26 - 00051320 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel_Aux.sys
2016-08-13 17:26 - 2016-08-13 17:26 - 00050808 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF_Aux.sys
2016-08-13 17:22 - 2016-08-13 17:22 - 00000000 _SHDL C:\Users\Public\Documents\Obrázky
2016-08-13 17:22 - 2016-08-13 17:22 - 00000000 _SHDL C:\Users\Public\Documents\Hudba
2016-08-13 17:22 - 2016-08-13 17:22 - 00000000 _SHDL C:\Users\Public\Documents\Filmy
2016-08-13 17:22 - 2016-08-13 17:22 - 00000000 _SHDL C:\Users\Default\Šablony
2016-08-13 17:22 - 2016-08-13 17:22 - 00000000 _SHDL C:\Users\Default\Soubory cookie
2016-08-13 17:22 - 2016-08-13 17:22 - 00000000 _SHDL C:\Users\Default\Poslední
2016-08-13 17:22 - 2016-08-13 17:22 - 00000000 _SHDL C:\Users\Default\Okolní tiskárny
2016-08-13 17:22 - 2016-08-13 17:22 - 00000000 _SHDL C:\Users\Default\Okolní síť
2016-08-13 17:22 - 2016-08-13 17:22 - 00000000 _SHDL C:\Users\Default\Nabídka Start
2016-08-13 17:22 - 2016-08-13 17:22 - 00000000 _SHDL C:\Users\Default\Dokumenty
2016-08-13 17:22 - 2016-08-13 17:22 - 00000000 _SHDL C:\Users\Default\Documents\Obrázky
2016-08-13 17:22 - 2016-08-13 17:22 - 00000000 _SHDL C:\Users\Default\Documents\Hudba
2016-08-13 17:22 - 2016-08-13 17:22 - 00000000 _SHDL C:\Users\Default\Documents\Filmy
2016-08-13 17:22 - 2016-08-13 17:22 - 00000000 _SHDL C:\Users\Default\Data aplikací
2016-08-13 17:22 - 2016-08-13 17:22 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-13 17:22 - 2016-08-13 17:22 - 00000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2016-08-13 17:22 - 2016-08-13 17:22 - 00000000 _SHDL C:\Users\Default User\Documents\Obrázky
2016-08-13 17:22 - 2016-08-13 17:22 - 00000000 _SHDL C:\Users\Default User\Documents\Hudba
2016-08-13 17:22 - 2016-08-13 17:22 - 00000000 _SHDL C:\Users\Default User\Documents\Filmy
2016-08-13 17:22 - 2016-08-13 17:22 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-13 17:22 - 2016-08-13 17:22 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2016-08-13 17:22 - 2016-08-13 17:22 - 00000000 _SHDL C:\Users\Default User
2016-08-13 17:22 - 2016-08-13 17:22 - 00000000 _SHDL C:\Users\All Users
2016-08-13 17:22 - 2016-08-13 17:22 - 00000000 _SHDL C:\ProgramData\Šablony
2016-08-13 17:22 - 2016-08-13 17:22 - 00000000 _SHDL C:\ProgramData\Plocha
2016-08-13 17:22 - 2016-08-13 17:22 - 00000000 _SHDL C:\ProgramData\Nabídka Start
2016-08-13 17:22 - 2016-08-13 17:22 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2016-08-13 17:22 - 2016-08-13 17:22 - 00000000 _SHDL C:\ProgramData\Dokumenty
2016-08-13 17:22 - 2016-08-13 17:22 - 00000000 _SHDL C:\ProgramData\Data aplikací
2016-08-13 17:21 - 2016-08-13 17:21 - 00022924 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-08-13 17:13 - 2016-08-16 21:37 - 00000000 ____D C:\Users\letae
2016-08-13 17:13 - 2016-08-13 17:13 - 00000000 _SHDL C:\Users\letae\Šablony
2016-08-13 17:13 - 2016-08-13 17:13 - 00000000 _SHDL C:\Users\letae\Soubory cookie
2016-08-13 17:13 - 2016-08-13 17:13 - 00000000 _SHDL C:\Users\letae\Poslední
2016-08-13 17:13 - 2016-08-13 17:13 - 00000000 _SHDL C:\Users\letae\Okolní tiskárny
2016-08-13 17:13 - 2016-08-13 17:13 - 00000000 _SHDL C:\Users\letae\Okolní síť
2016-08-13 17:13 - 2016-08-13 17:13 - 00000000 _SHDL C:\Users\letae\Nabídka Start
2016-08-13 17:13 - 2016-08-13 17:13 - 00000000 _SHDL C:\Users\letae\Dokumenty
2016-08-13 17:13 - 2016-08-13 17:13 - 00000000 _SHDL C:\Users\letae\Documents\Obrázky
2016-08-13 17:13 - 2016-08-13 17:13 - 00000000 _SHDL C:\Users\letae\Documents\Hudba
2016-08-13 17:13 - 2016-08-13 17:13 - 00000000 _SHDL C:\Users\letae\Documents\Filmy
2016-08-13 17:13 - 2016-08-13 17:13 - 00000000 _SHDL C:\Users\letae\Data aplikací
2016-08-13 17:13 - 2016-08-13 17:13 - 00000000 _SHDL C:\Users\letae\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-13 17:13 - 2016-08-13 17:13 - 00000000 _SHDL C:\Users\letae\AppData\Local\Data aplikací
2016-08-13 17:09 - 2016-08-13 17:09 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-08-13 17:01 - 2016-08-13 17:01 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-08-13 16:56 - 2016-08-22 18:18 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-08-13 16:56 - 2016-08-17 12:26 - 00000000 ____D C:\Program Files\AMD
2016-08-13 16:56 - 2016-08-13 18:52 - 00000000 ____D C:\Program Files (x86)\Lenovo
2016-08-13 16:56 - 2016-08-13 16:56 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-08-13 16:56 - 2016-08-13 16:56 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2016-08-13 16:55 - 2016-08-13 17:02 - 00000000 ____D C:\Program Files\Intel
2016-08-13 16:54 - 2014-12-09 20:11 - 00423128 _____ (Conexant Systems, Inc.) C:\WINDOWS\SysWOW64\SASrv.exe
2016-08-13 16:54 - 2014-10-20 14:54 - 00207576 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CxAudMsg64.exe
2016-08-13 16:53 - 2016-08-13 16:54 - 00000000 ____D C:\Program Files\CONEXANT
2016-08-13 16:53 - 2016-08-13 16:53 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-08-13 16:53 - 2016-08-13 16:53 - 00000000 ____D C:\ProgramData\Conexant
2016-08-13 16:53 - 2016-08-13 16:53 - 00000000 ____D C:\Program Files\Dolby Digital Plus
2016-08-13 16:53 - 2014-04-25 10:22 - 00002440 _____ C:\WINDOWS\system32\Drivers\SamSfPa.dat
2016-08-13 16:52 - 2016-08-13 16:52 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2016-08-13 16:52 - 2016-08-13 16:52 - 00000000 ____D C:\ProgramData\USOShared
2016-08-13 16:52 - 2015-07-09 18:18 - 00033960 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2016-08-13 16:51 - 2016-08-03 08:45 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-08-13 16:48 - 2016-08-22 18:17 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-13 16:47 - 2016-08-22 16:55 - 00355360 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-13 16:47 - 2016-08-13 16:47 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-08-13 16:06 - 2016-08-22 18:03 - 00000000 ___HD C:\$SysReset
2016-08-13 12:50 - 2016-08-13 12:50 - 00000000 ____D C:\Users\letae\AppData\LocalLow\stillalive studios GmbH
2016-08-11 15:48 - 2016-08-11 15:48 - 00267016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vccorlib140.dll
2016-08-11 15:39 - 2016-08-11 15:39 - 00635120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140.dll
2016-08-11 15:39 - 2016-08-11 15:39 - 00439536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140.dll
2016-08-11 15:39 - 2016-08-11 15:39 - 00390400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vccorlib140.dll
2016-08-11 15:39 - 2016-08-11 15:39 - 00243480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\concrt140.dll
2016-08-11 15:37 - 2016-08-11 15:37 - 00333080 _____ (Microsoft Corporation) C:\WINDOWS\system32\concrt140.dll
2016-08-11 15:37 - 2016-08-11 15:37 - 00088816 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140.dll
2016-08-11 15:37 - 2016-08-11 15:37 - 00085232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140.dll
2016-08-10 19:48 - 2016-08-03 08:15 - 02881624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-10 19:48 - 2016-08-03 08:15 - 00468832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-08-10 19:48 - 2016-08-03 07:46 - 08016728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-10 19:48 - 2016-08-03 07:46 - 02816016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-08-10 19:48 - 2016-08-03 07:46 - 01538168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-10 19:48 - 2016-08-03 07:46 - 01314496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-10 19:48 - 2016-08-03 07:44 - 02429792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-08-10 19:48 - 2016-08-03 07:44 - 02115936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-08-10 19:48 - 2016-08-03 07:39 - 00660320 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-10 19:48 - 2016-08-03 07:38 - 06525424 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-08-10 19:48 - 2016-08-03 07:38 - 03625928 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-10 19:48 - 2016-08-03 07:09 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-08-10 19:48 - 2016-08-03 07:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-10 19:48 - 2016-08-03 06:57 - 24604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-10 19:48 - 2016-08-03 06:57 - 21862912 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-10 19:48 - 2016-08-03 06:53 - 13027328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-10 19:48 - 2016-08-03 06:50 - 02902528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-08-10 19:48 - 2016-08-03 06:49 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-08-10 19:48 - 2016-08-03 06:48 - 06788096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-10 19:48 - 2016-08-03 06:47 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-08-10 19:48 - 2016-08-03 06:46 - 02238464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-10 19:48 - 2016-08-03 06:46 - 01123840 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2016-08-10 19:48 - 2016-08-03 06:45 - 12514304 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-10 19:48 - 2016-08-03 06:45 - 04847616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-10 19:48 - 2016-08-03 06:44 - 19337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-10 19:48 - 2016-08-03 06:44 - 00814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\provcore.dll
2016-08-10 19:48 - 2016-08-03 06:42 - 02839040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2016-08-10 19:48 - 2016-08-03 06:42 - 02598912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-08-10 19:48 - 2016-08-03 06:42 - 02253824 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2016-08-10 19:48 - 2016-08-03 06:41 - 04398592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-08-10 19:48 - 2016-08-03 06:41 - 03119104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-10 19:48 - 2016-08-03 06:41 - 01686528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-10 19:48 - 2016-08-03 06:41 - 01606656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-10 19:48 - 2016-08-03 06:40 - 05160960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-10 19:48 - 2016-08-03 06:40 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-08-10 19:48 - 2016-08-03 06:39 - 05448704 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-08-10 19:48 - 2016-08-03 06:39 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2016-08-10 19:48 - 2016-08-03 06:39 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-10 19:48 - 2016-08-03 06:38 - 03873280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-08-10 19:48 - 2016-08-03 06:38 - 03527168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-08-10 19:48 - 2016-08-03 06:38 - 00819712 _____ (Microsoft Corporation) C:\WINDOWS\system32\licensingdiag.exe
2016-08-10 19:48 - 2016-08-03 06:37 - 04453888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-08-10 19:48 - 2016-08-03 06:36 - 07524352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-10 19:48 - 2016-08-03 06:36 - 07502848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-10 19:48 - 2016-08-03 06:36 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\provcore.dll
2016-08-10 19:48 - 2016-08-03 06:35 - 18799616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-10 19:48 - 2016-08-03 06:35 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-10 19:48 - 2016-08-03 06:35 - 03584000 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-10 19:48 - 2016-08-03 06:35 - 01381376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-10 19:48 - 2016-08-03 06:33 - 02587136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-10 19:48 - 2016-08-03 06:33 - 02198016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2016-08-10 19:48 - 2016-08-03 06:33 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-10 19:48 - 2016-08-03 06:32 - 01492992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-10 19:48 - 2016-08-03 06:32 - 00939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-08-10 19:48 - 2016-08-03 06:31 - 05329408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-08-10 19:48 - 2016-08-03 06:30 - 00617472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licensingdiag.exe
2016-08-10 19:48 - 2016-08-03 06:30 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgcore.dll
2016-08-10 19:48 - 2016-08-03 06:28 - 03692032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-08-10 19:48 - 2016-08-03 06:28 - 03579392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-10 19:48 - 2016-08-03 06:27 - 11270656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-10 19:48 - 2016-08-03 06:26 - 06713856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-08-10 19:48 - 2016-08-03 06:26 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-10 19:48 - 2016-08-03 06:22 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-08-10 19:48 - 2016-08-03 06:21 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DbgModel.dll
2016-08-10 19:48 - 2016-08-03 06:20 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgcore.dll
2016-08-10 19:47 - 2016-08-03 08:25 - 00953472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-10 19:47 - 2016-08-03 08:25 - 00365120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-08-10 19:47 - 2016-08-03 08:24 - 02152744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-08-10 19:47 - 2016-08-03 08:24 - 01767008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-08-10 19:47 - 2016-08-03 08:24 - 01531368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-08-10 19:47 - 2016-08-03 08:24 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-08-10 19:47 - 2016-08-03 08:24 - 00439648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-10 19:47 - 2016-08-03 08:24 - 00046480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-08-10 19:47 - 2016-08-03 08:23 - 01895576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-08-10 19:47 - 2016-08-03 08:22 - 01811360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-08-10 19:47 - 2016-08-03 08:15 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-08-10 19:47 - 2016-08-03 08:15 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NAPCRYPT.DLL
2016-08-10 19:47 - 2016-08-03 08:14 - 00565648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-08-10 19:47 - 2016-08-03 08:13 - 00065096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll
2016-08-10 19:47 - 2016-08-03 08:09 - 00185952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-08-10 19:47 - 2016-08-03 07:46 - 03467776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-08-10 19:47 - 2016-08-03 07:46 - 02463704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-08-10 19:47 - 2016-08-03 07:46 - 01951864 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-08-10 19:47 - 2016-08-03 07:46 - 01563480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-08-10 19:47 - 2016-08-03 07:46 - 01561360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-08-10 19:47 - 2016-08-03 07:46 - 00632680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-10 19:47 - 2016-08-03 07:46 - 00601336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-10 19:47 - 2016-08-03 07:46 - 00552288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-10 19:47 - 2016-08-03 07:46 - 00432352 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-08-10 19:47 - 2016-08-03 07:46 - 00158048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-10 19:47 - 2016-08-03 07:46 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-10 19:47 - 2016-08-03 07:44 - 02495776 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-08-10 19:47 - 2016-08-03 07:44 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-08-10 19:47 - 2016-08-03 07:44 - 00388896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2016-08-10 19:47 - 2016-08-03 07:44 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-08-10 19:47 - 2016-08-03 07:38 - 01134792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-08-10 19:47 - 2016-08-03 07:38 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-10 19:47 - 2016-08-03 07:38 - 00724168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-08-10 19:47 - 2016-08-03 07:38 - 00252760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-08-10 19:47 - 2016-08-03 07:38 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
2016-08-10 19:47 - 2016-08-03 07:37 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-08-10 19:47 - 2016-08-03 07:33 - 00224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-08-10 19:47 - 2016-08-03 07:32 - 00983904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-08-10 19:47 - 2016-08-03 06:57 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2016-08-10 19:47 - 2016-08-03 06:57 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-10 19:47 - 2016-08-03 06:55 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\oemlicense.dll
2016-08-10 19:47 - 2016-08-03 06:54 - 11557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-08-10 19:47 - 2016-08-03 06:53 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-08-10 19:47 - 2016-08-03 06:52 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-08-10 19:47 - 2016-08-03 06:51 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-08-10 19:47 - 2016-08-03 06:49 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2016-08-10 19:47 - 2016-08-03 06:49 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-10 19:47 - 2016-08-03 06:47 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-08-10 19:47 - 2016-08-03 06:47 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll
2016-08-10 19:47 - 2016-08-03 06:47 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oemlicense.dll
2016-08-10 19:47 - 2016-08-03 06:47 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2016-08-10 19:47 - 2016-08-03 06:46 - 01416704 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-10 19:47 - 2016-08-03 06:46 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2016-08-10 19:47 - 2016-08-03 06:46 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-08-10 19:47 - 2016-08-03 06:46 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-10 19:47 - 2016-08-03 06:46 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
2016-08-10 19:47 - 2016-08-03 06:45 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-10 19:47 - 2016-08-03 06:45 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassvcs.dll
2016-08-10 19:47 - 2016-08-03 06:44 - 09889792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-08-10 19:47 - 2016-08-03 06:44 - 00893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2016-08-10 19:47 - 2016-08-03 06:44 - 00345088 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-08-10 19:47 - 2016-08-03 06:44 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-08-10 19:47 - 2016-08-03 06:43 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-08-10 19:47 - 2016-08-03 06:43 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-08-10 19:47 - 2016-08-03 06:43 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-08-10 19:47 - 2016-08-03 06:43 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2016-08-10 19:47 - 2016-08-03 06:42 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-10 19:47 - 2016-08-03 06:42 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2016-08-10 19:47 - 2016-08-03 06:41 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2016-08-10 19:47 - 2016-08-03 06:41 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2016-08-10 19:47 - 2016-08-03 06:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-08-10 19:47 - 2016-08-03 06:40 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-10 19:47 - 2016-08-03 06:40 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-08-10 19:47 - 2016-08-03 06:40 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-08-10 19:47 - 2016-08-03 06:40 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-08-10 19:47 - 2016-08-03 06:39 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2016-08-10 19:47 - 2016-08-03 06:39 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-10 19:47 - 2016-08-03 06:39 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-08-10 19:47 - 2016-08-03 06:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-10 19:47 - 2016-08-03 06:39 - 00153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSSync.dll
2016-08-10 19:47 - 2016-08-03 06:39 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2016-08-10 19:47 - 2016-08-03 06:38 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-08-10 19:47 - 2016-08-03 06:38 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-08-10 19:47 - 2016-08-03 06:38 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-08-10 19:47 - 2016-08-03 06:38 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-10 19:47 - 2016-08-03 06:38 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-08-10 19:47 - 2016-08-03 06:37 - 04168704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2016-08-10 19:47 - 2016-08-03 06:37 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-08-10 19:47 - 2016-08-03 06:37 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassvcs.dll
2016-08-10 19:47 - 2016-08-03 06:36 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2016-08-10 19:47 - 2016-08-03 06:36 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-08-10 19:47 - 2016-08-03 06:36 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2016-08-10 19:47 - 2016-08-03 06:36 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2016-08-10 19:47 - 2016-08-03 06:36 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2016-08-10 19:47 - 2016-08-03 06:35 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 19:47 - 2016-08-03 06:35 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-08-10 19:47 - 2016-08-03 06:35 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-08-10 19:47 - 2016-08-03 06:35 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-08-10 19:47 - 2016-08-03 06:35 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2016-08-10 19:47 - 2016-08-03 06:35 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2016-08-10 19:47 - 2016-08-03 06:35 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2016-08-10 19:47 - 2016-08-03 06:34 - 01522176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-10 19:47 - 2016-08-03 06:34 - 00763904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2016-08-10 19:47 - 2016-08-03 06:34 - 00740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-08-10 19:47 - 2016-08-03 06:34 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-08-10 19:47 - 2016-08-03 06:34 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2016-08-10 19:47 - 2016-08-03 06:34 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-10 19:47 - 2016-08-03 06:34 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2016-08-10 19:47 - 2016-08-03 06:34 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-08-10 19:47 - 2016-08-03 06:34 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-08-10 19:47 - 2016-08-03 06:34 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-08-10 19:47 - 2016-08-03 06:33 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-10 19:47 - 2016-08-03 06:33 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2016-08-10 19:47 - 2016-08-03 06:33 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-10 19:47 - 2016-08-03 06:33 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-08-10 19:47 - 2016-08-03 06:33 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2016-08-10 19:47 - 2016-08-03 06:33 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-10 19:47 - 2016-08-03 06:33 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2016-08-10 19:47 - 2016-08-03 06:32 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-08-10 19:47 - 2016-08-03 06:32 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-08-10 19:47 - 2016-08-03 06:32 - 00679936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-10 19:47 - 2016-08-03 06:32 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-08-10 19:47 - 2016-08-03 06:32 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-08-10 19:47 - 2016-08-03 06:32 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-08-10 19:47 - 2016-08-03 06:31 - 01096192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2016-08-10 19:47 - 2016-08-03 06:31 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2016-08-10 19:47 - 2016-08-03 06:31 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-08-10 19:47 - 2016-08-03 06:31 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-08-10 19:47 - 2016-08-03 06:30 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-08-10 19:47 - 2016-08-03 06:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-10 19:47 - 2016-08-03 06:30 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-08-10 19:47 - 2016-08-03 06:29 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-08-10 19:47 - 2016-08-03 06:29 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-08-10 19:47 - 2016-08-03 06:27 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2016-08-10 19:47 - 2016-08-03 06:27 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-08-10 19:47 - 2016-08-03 06:26 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-10 19:47 - 2016-08-03 06:26 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2016-08-10 19:47 - 2016-08-03 06:26 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2016-08-10 19:47 - 2016-08-03 06:26 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2016-08-10 19:47 - 2016-08-03 06:26 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2016-08-10 19:47 - 2016-08-03 06:25 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-08-10 19:47 - 2016-08-03 06:25 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2016-08-10 19:47 - 2016-08-03 06:25 - 00565760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-08-10 19:47 - 2016-08-03 06:25 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2016-08-10 19:47 - 2016-08-03 06:25 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2016-08-10 19:47 - 2016-08-03 06:25 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-08-10 19:47 - 2016-08-03 06:25 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2016-08-10 19:47 - 2016-08-03 06:21 - 00854016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2016-08-10 19:47 - 2016-08-03 06:21 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-08-09 12:07 - 2016-08-09 12:07 - 00180384 _____ C:\Users\letae\Desktop\BSP_PS_2016_17-1.xlsx
2016-08-04 16:25 - 2016-08-04 16:25 - 00345752 _____ C:\Users\letae\Desktop\UZ2-Studijní-UTB-5-R.pdf
2016-08-04 14:02 - 2016-08-04 14:02 - 00000000 ____D C:\Users\letae\Downloads\Avengers.Age.of.Ultron.2015.480p.BDRip.XviD.AC3.CZ-HiDE
2016-08-04 13:59 - 2016-08-04 15:12 - 00000000 ____D C:\Users\letae\Downloads\Do hlbiny 1,2
2016-08-03 21:07 - 2016-08-03 21:07 - 00742406 _____ C:\Users\letae\Desktop\20160630082537566.pdf
2016-07-26 11:46 - 2016-07-26 11:55 - 1502865408 _____ C:\Users\letae\Downloads\LEGO® příběh.avi
2016-07-24 21:26 - 2016-07-24 21:38 - 1473105920 _____ C:\Users\letae\Downloads\Konečně doma2015.480p.BDRip.XviD.AC3.CZ-HiDE.avi
2016-07-24 21:25 - 2016-07-24 21:35 - 1280982268 _____ C:\Users\letae\Downloads\Zootopia.2016.BRRip.XviD.AC3.CZ-EVO.avi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-22 18:18 - 2016-05-25 18:35 - 00000000 ___RD C:\Users\letae\OneDrive
2016-08-22 18:18 - 2016-05-25 18:30 - 00000000 __SHD C:\Users\letae\IntelGraphicsProfiles
2016-08-21 17:11 - 2016-07-17 14:27 - 00000000 ____D C:\Users\letae\Downloads\Subs
2016-08-18 19:48 - 2015-07-16 17:54 - 01765712 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-17 13:30 - 2015-07-10 13:04 - 00000167 _____ C:\WINDOWS\win.ini
2016-08-17 07:30 - 2015-09-11 12:31 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-17 07:29 - 2015-09-20 15:54 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2016-08-17 07:28 - 2015-07-07 03:52 - 26706464 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2016-08-17 07:28 - 2015-07-07 03:52 - 01563760 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2016-08-17 07:28 - 2015-07-07 03:52 - 01323040 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2016-08-17 07:28 - 2015-07-07 03:52 - 00521752 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2016-08-17 07:28 - 2015-07-07 03:52 - 00518176 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2016-08-17 07:28 - 2015-07-07 03:52 - 00459808 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2016-08-17 07:28 - 2015-07-07 03:52 - 00287264 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2016-08-15 09:00 - 2016-04-27 10:09 - 00000000 ___HD C:\$WINDOWS.~BT
2016-08-14 02:25 - 2015-07-10 12:59 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys
2016-08-13 21:01 - 2016-06-18 16:50 - 00000000 ____D C:\Hry
2016-08-13 20:08 - 2015-07-16 17:49 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-13 20:06 - 2015-09-11 12:39 - 00000000 ____D C:\ProgramData\McAfee
2016-08-13 18:54 - 2015-07-10 11:05 - 00000000 ____D C:\Users\Default.migrated
2016-08-13 18:52 - 2015-09-11 12:48 - 00000000 ____D C:\ProgramData\Lenovo
2016-08-13 18:52 - 2015-09-11 12:36 - 00000000 ____D C:\Program Files\Lenovo
2016-08-13 18:52 - 2015-09-11 12:32 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2016-08-13 18:50 - 2015-09-11 12:35 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-08-13 18:42 - 2015-09-20 16:13 - 00000000 ____D C:\Users\Public\Documents\Lenovo
2016-08-13 18:40 - 2015-09-11 12:35 - 00000000 ____D C:\WINDOWS\System32\Tasks\CyberLink
2016-08-13 18:40 - 2015-09-11 12:35 - 00000000 ____D C:\ProgramData\CyberLink
2016-08-13 18:40 - 2015-09-11 12:33 - 00000000 ____D C:\ProgramData\Temp
2016-08-13 18:40 - 2015-09-11 12:33 - 00000000 ____D C:\ProgramData\SUPPORTDIR
2016-08-13 17:26 - 2015-07-28 06:42 - 01804696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2016-08-13 17:26 - 2015-07-28 06:42 - 00642168 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2016-08-13 17:16 - 2015-09-20 15:56 - 01798552 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-08-13 17:08 - 2015-09-20 16:07 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles
2016-08-13 17:08 - 2015-09-20 15:58 - 00000000 ____D C:\WINDOWS\Cnxt
2016-08-13 17:08 - 2015-09-11 12:36 - 00000000 ____D C:\WINDOWS\Downloaded Installations
2016-08-13 17:07 - 2015-09-20 16:15 - 00000000 ____D C:\ProgramData\OneKey Recovery
2016-08-13 17:07 - 2015-09-11 12:45 - 00000000 ____D C:\Users\Public\CyberLink
2016-08-13 17:07 - 2015-07-16 17:50 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-08-13 17:06 - 2015-09-20 16:06 - 00000000 ____D C:\ProgramData\Intel.sav
2016-08-13 17:06 - 2015-09-20 15:55 - 00000000 ____D C:\ProgramData\Intel
2016-08-13 17:06 - 2015-09-20 15:55 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-08-13 17:06 - 2015-09-11 12:35 - 00000000 ____D C:\Program Files (x86)\NSIS Uninstall Information
2016-08-13 17:06 - 2015-09-11 12:33 - 00000000 ____D C:\ProgramData\install_clap
2016-08-13 17:03 - 2015-09-20 16:13 - 00000000 ____D C:\Program Files\update
2016-08-13 17:03 - 2015-09-20 16:06 - 00000000 ____D C:\Program Files (x86)\Cisco
2016-08-13 17:03 - 2015-09-20 15:50 - 00000000 ____D C:\Program Files (x86)\Intel
2016-08-13 17:03 - 2015-09-11 12:35 - 00000000 ____D C:\Program Files (x86)\CyberLink
2016-08-13 17:01 - 2015-09-20 16:06 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-08-13 16:56 - 2015-09-20 15:49 - 00000000 ___HD C:\Intel
2016-08-13 10:42 - 2016-05-25 19:02 - 00000000 ____D C:\Users\letae\Desktop\Ela
2016-08-07 08:50 - 2016-05-25 19:40 - 00000000 ____D C:\Users\letae\AppData\LocalLow\Lenovo

==================== Files in the root of some directories =======

2016-08-13 16:53 - 2016-08-13 16:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\letae\AppData\Local\Temp\libeay32.dll
C:\Users\letae\AppData\Local\Temp\msvcr120.dll
C:\Users\letae\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-08-13 16:47

==================== End of FRST.txt ============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-21-71674399-911695515-4203967766-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-71674399-911695515-4203967766-1001 -> DefaultScope {0971F776-50F6-4CD8-AB5E-EE072F517D91} URL =
SearchScopes: HKU\S-1-5-21-71674399-911695515-4203967766-1001 -> {0971F776-50F6-4CD8-AB5E-EE072F517D91} URL =
C:\WINDOWS\LastGood.Tmp
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
C:\ProgramData\DP45977C.lfl
C:\Users\letae\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[EliškaL12]

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-08-2016 01
Ran by letae (22-08-2016 19:14:26) Run:1
Running from C:\Users\letae\Desktop
Loaded Profiles: letae (Available Profiles: letae)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-71674399-911695515-4203967766-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-71674399-911695515-4203967766-1001 -> DefaultScope {0971F776-50F6-4CD8-AB5E-EE072F517D91} URL =
SearchScopes: HKU\S-1-5-21-71674399-911695515-4203967766-1001 -> {0971F776-50F6-4CD8-AB5E-EE072F517D91} URL =
C:\WINDOWS\LastGood.Tmp
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
C:\ProgramData\DP45977C.lfl
C:\Users\letae\AppData\Local\Temp
End
*****************

HKU\S-1-5-21-71674399-911695515-4203967766-1001\Software\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL => value removed successfully
HKU\S-1-5-21-71674399-911695515-4203967766-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-71674399-911695515-4203967766-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0971F776-50F6-4CD8-AB5E-EE072F517D91}" => key removed successfully
HKCR\CLSID\{0971F776-50F6-4CD8-AB5E-EE072F517D91} => key not found.
C:\WINDOWS\LastGood.Tmp => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat => moved successfully
Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.

"C:\Users\letae\AppData\Local\Temp" folder move:

Could not move "C:\Users\letae\AppData\Local\Temp" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 22-08-2016 19:15:58)

C:\ProgramData\DP45977C.lfl => Is moved successfully
C:\Users\letae\AppData\Local\Temp => moved successfully

==== End of Fixlog 19:16:01 ====

[Rudy]

Smazáno, log je již OK.

[EliškaL12]

Díky, ale nevíte proč se mi nechtějí načíst videa na youtube na chromu? Točí se tam kolečko, ale nic. Někdy to najede, ale pak se to zase točí.

[Rudy]

Zkuste přeinstalovat FlashPlayer.

[EliškaL12]

Nepomohlo to, pořád se to dlouho točí a pak možná najede, na microsoft edge mi to najede hned.

[Rudy]

Zkusíme tyto skeny:

1. Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

[EliškaL12]

Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by letae on 23.08.2016 at 8:33:36,15.
Microsoft Windows 10 Home 10.0.10240 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\letae\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

23.08.2016 8:34:44 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\PROGRA~3\SUPPORTDIR deleted successfully
C:\Users\letae\AppData\Local\Adobe deleted successfully
C:\Users\letae\AppData\Local\CrashDumps deleted successfully
C:\Users\letae\AppData\Local\CyberLink deleted successfully
C:\Users\letae\AppData\Local\NetworkTiles deleted successfully
C:\Users\letae\AppData\Local\PackageStaging deleted successfully
C:\Users\letae\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted

==== Chromium Look ======================

GIFPAL - letae\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\noohoboklgjeccnihfkbdakbchbhjlch
Chrome Media Router - letae\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0971F776-50F6-4CD8-AB5E-EE072F517D91}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{0971F776-50F6-4CD8-AB5E-EE072F517D91} - http://www.bing.com/search?q={searchTer ... TR&pc=LCTE
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0971F776-50F6-4CD8-AB5E-EE072F517D91}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{0971F776-50F6-4CD8-AB5E-EE072F517D91} - http://www.bing.com/search?q={searchTer ... TR&pc=LCTE
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IESR02

==== Reset Google Chrome ======================

C:\Users\letae\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\letae\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\letae\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully
C:\Users\letae\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences was reset successfully
C:\Users\letae\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\letae\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data will be reset at reboot
C:\Users\letae\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data-journal will be reset at reboot

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\letae\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\letae\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\letae\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\letae\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\letae\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=49 folders=51 117487901 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\letae\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\letae\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data" not found
"C:\Users\letae\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data-journal" not found

==== EOF on 23.08.2016 at 9:03:46,01 ======================

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 10 Home x64
Ran by letae (Administrator) on 23.08.2016 at 9:05:40,21
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0




Registry: 1

Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\0139521471894468mcinstcleanup (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23.08.2016 at 9:07:19,98
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[Rudy]

Zlepšilo se něco teď?

[EliškaL12]

Ano, už to jede normálně. Díky moc.