Preventívna kontrola (spomalený tablet)

[psychoSVK]

Zdravím, poprosím o preventivnu kontrolu, kedže sa mi zdá, že tablet ide v poslednej dobe akosi pomalsie.




Logfile of random's system information tool 1.10 (written by random/random)
Run by cehla at 2016-09-02 17:30:06
Microsoft Windows 10 Home
System drive C: has 35 GB (60%) free of 58 GB
Total RAM: 1987 MB (37% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:30:35, on 02.09.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0545)
Boot mode: Normal

Running processes:
C:\Windows\system32\sihost.exe
C:\Windows\system32\taskhostw.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\system32\igfxEM.exe
C:\Windows\system32\igfxHK.exe
C:\Windows\system32\igfxTray.exe
C:\Windows\Explorer.EXE
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\SettingSyncHost.exe
C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\ProgramData\Oracle\Java\javapath\javaw.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\cehla\Desktop\RSIT.exe
C:\Program Files\trend micro\cehla.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo15.msn.com/?pc=LCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo15.msn.com/?pc=LCTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll
O4 - HKLM\..\Run: [DptfPolicyLpmServiceHelper] C:\Windows\system32\DptfPolicyLpmServiceHelper.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [InstallerLauncher] "C:\Program Files\Common Files\Bitdefender\SetupInformation\{09FE2C2E-BB0D-4848-A706-AA244FA25FEA}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{09FE2C2E-BB0D-4848-A706-AA244FA25FEA}\Installer.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\cehla\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [AirDroid 3] C:\Program Files\AirDroid\AirDroid.exe /start
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: SACRA tray icon.lnk = C:\Program Files\Dynafleet Stand Alone Card Reader Application\bat\startTrayIcon.bat
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe
O23 - Service: @oem7.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Intel Corporation - C:\Windows\system32\DptfParticipantProcessorService.exe
O23 - Service: @oem7.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Critical Service Application (DptfPolicyCriticalService) - Intel Corporation - C:\Windows\system32\DptfPolicyCriticalService.exe
O23 - Service: @oem7.inf,%WIN32_DPTF_POLICY_LPM_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Low Power Mode Service Application (DptfPolicyLpmService) - Intel Corporation - C:\Windows\system32\DptfPolicyLpmService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Intel Corporation - C:\Windows\system32\igfxCUIService.exe
O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: ProductAgentService - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service: Dynafleet Card Reader (SACRA) - Unknown owner - C:\Program Files\Dynafleet Stand Alone Card Reader Application\bin\CraServiceLauncher.exe

--
End of file - 5839 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\system32\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe -check pepperplugin
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\cehla\AppData\Roaming\Mozilla\Firefox\Profiles\s34wfv7l.default

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_22_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.101.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.101.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


C:\Users\cehla\AppData\Roaming\Mozilla\Firefox\Profiles\s34wfv7l.default\extensions\
{6AC85730-7D0F-4de0-B3FA-21142DD85326}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-08-04 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-04 186944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"DptfPolicyLpmServiceHelper"=C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [2015-06-23 113664]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2016-06-22 598552]
"InstallerLauncher"=C:\Program Files\Common Files\Bitdefender\SetupInformation\{09FE2C2E-BB0D-4848-A706-AA244FA25FEA}\setuplauncher.exe /run:C:\Program Files\Common Files\Bitdefender\SetupInformation\{09FE2C2E-BB0D-4848-A706-AA244FA25FEA}\Installer.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\cehla\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-08-06 633024]
"AirDroid 3"=C:\Program Files\AirDroid\AirDroid.exe [2016-07-25 8696832]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SACRA tray icon.lnk - C:\Program Files\Dynafleet Stand Alone Card Reader Application\bat\startTrayIcon.bat

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"DSCAutomationHostEnabled"=2
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-09-02 17:30:07 ----D---- C:\Program Files\trend micro
2016-09-02 17:30:06 ----D---- C:\rsit
2016-08-29 23:48:17 ----D---- C:\Users\cehla\AppData\Roaming\vlc
2016-08-29 21:43:42 ----D---- C:\Users\cehla\AppData\Roaming\WinRAR
2016-08-29 21:41:58 ----D---- C:\Program Files\WinRAR
2016-08-29 20:29:26 ----A---- C:\bdlog.txt
2016-08-29 20:26:43 ----A---- C:\Windows\capicom.dll
2016-08-29 20:14:48 ----D---- C:\Users\cehla\AppData\Roaming\QuickScan
2016-08-28 11:09:24 ----D---- C:\ProgramData\Canneverbe Limited
2016-08-28 11:09:18 ----D---- C:\Users\cehla\AppData\Roaming\Canneverbe Limited
2016-08-28 11:09:08 ----D---- C:\Program Files\CDBurnerXP
2016-08-28 10:36:40 ----D---- C:\Program Files\Bitdefender Agent
2016-08-28 10:20:03 ----D---- C:\ProgramData\BDLogging
2016-08-27 16:28:21 ----D---- C:\ProgramData\Bitdefender Agent
2016-08-15 12:17:03 ----D---- C:\Users\cehla\AppData\Roaming\LibreOffice
2016-08-14 14:22:41 ----D---- C:\AirDroid
2016-08-14 14:21:48 ----D---- C:\Program Files\AirDroid
2016-08-12 16:25:58 ----D---- C:\ProgramData\Blizzard Entertainment
2016-08-12 16:05:06 ----D---- C:\Users\cehla\AppData\Roaming\Battle.net
2016-08-12 16:03:03 ----D---- C:\ProgramData\Battle.net
2016-08-09 23:20:10 ----A---- C:\Windows\system32\mstscax.dll
2016-08-09 23:20:08 ----A---- C:\Windows\system32\ole32.dll
2016-08-09 23:20:08 ----A---- C:\Windows\system32\MusUpdateHandlers.dll
2016-08-09 23:20:07 ----A---- C:\Windows\system32\wuuhext.dll
2016-08-09 23:20:07 ----A---- C:\Windows\system32\wevtutil.exe
2016-08-09 23:20:06 ----A---- C:\Windows\system32\drivers\pdc.sys
2016-08-09 23:20:04 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-08-09 23:20:03 ----A---- C:\Windows\system32\wininet.dll
2016-08-09 23:20:02 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2016-08-09 23:20:01 ----A---- C:\Windows\system32\urlmon.dll
2016-08-09 23:20:01 ----A---- C:\Windows\system32\iertutil.dll
2016-08-09 23:20:00 ----A---- C:\Windows\system32\AppXDeploymentExtensions.dll
2016-08-09 23:19:59 ----A---- C:\Windows\system32\AppXDeploymentServer.dll
2016-08-09 23:19:57 ----A---- C:\Windows\system32\SettingSyncHost.exe
2016-08-09 23:19:57 ----A---- C:\Windows\system32\OneDriveSettingSyncProvider.dll
2016-08-09 23:19:57 ----A---- C:\Windows\system32\lsasrv.dll
2016-08-09 23:19:57 ----A---- C:\Windows\system32\kerberos.dll
2016-08-09 23:19:56 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-08-09 23:19:56 ----A---- C:\Windows\system32\drivers\cng.sys
2016-08-09 23:19:55 ----A---- C:\Windows\system32\WWAHost.exe
2016-08-09 23:19:54 ----A---- C:\Windows\system32\wmp.dll
2016-08-09 23:19:52 ----A---- C:\Windows\system32\sppobjs.dll
2016-08-09 23:19:51 ----A---- C:\Windows\system32\wwansvc.dll
2016-08-09 23:19:51 ----A---- C:\Windows\system32\sppwinob.dll
2016-08-09 23:19:50 ----A---- C:\Windows\system32\drivers\storport.sys
2016-08-09 23:19:49 ----A---- C:\Windows\system32\drivers\bthpan.sys
2016-08-09 23:19:48 ----A---- C:\Windows\system32\wuaueng.dll
2016-08-09 23:19:43 ----A---- C:\Windows\system32\win32kfull.sys
2016-08-09 23:19:42 ----A---- C:\Windows\system32\Windows.UI.Logon.dll
2016-08-09 23:19:42 ----A---- C:\Windows\system32\tdlrecover.exe
2016-08-09 23:19:41 ----A---- C:\Windows\system32\Windows.StateRepository.dll
2016-08-09 23:19:41 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2016-08-09 23:19:40 ----A---- C:\Windows\system32\win32kbase.sys
2016-08-09 23:19:40 ----A---- C:\Windows\system32\tileobjserver.dll
2016-08-09 23:19:39 ----A---- C:\Windows\system32\LogonController.dll
2016-08-09 23:19:39 ----A---- C:\Windows\system32\drivers\dxgmms2.sys
2016-08-09 23:19:38 ----A---- C:\Windows\system32\SensorsApi.dll
2016-08-09 23:19:38 ----A---- C:\Windows\system32\GdiPlus.dll
2016-08-09 23:19:37 ----A---- C:\Windows\system32\VEEventDispatcher.dll
2016-08-09 23:19:37 ----A---- C:\Windows\system32\LockAppHost.exe
2016-08-09 23:19:37 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2016-08-09 23:19:36 ----A---- C:\Windows\system32\MusNotification.exe
2016-08-09 23:19:35 ----A---- C:\Windows\system32\MusNotificationUx.exe
2016-08-09 23:19:35 ----A---- C:\Windows\system32\drivers\rdbss.sys
2016-08-09 23:19:35 ----A---- C:\Windows\system32\cdd.dll
2016-08-09 23:19:34 ----A---- C:\Windows\system32\wuauclt.exe
2016-08-09 23:19:34 ----A---- C:\Windows\system32\Windows.StateRepositoryClient.dll
2016-08-09 23:19:34 ----A---- C:\Windows\system32\SensorsNativeApi.dll
2016-08-09 23:19:34 ----A---- C:\Windows\system32\musdialoghandlers.dll
2016-08-09 23:19:34 ----A---- C:\Windows\system32\IdCtrls.dll
2016-08-09 23:19:33 ----A---- C:\Windows\system32\wuapi.dll
2016-08-09 23:19:33 ----A---- C:\Windows\system32\winsrv.dll
2016-08-09 23:19:33 ----A---- C:\Windows\system32\Windows.StateRepositoryBroker.dll
2016-08-09 23:19:33 ----A---- C:\Windows\system32\SensorService.dll
2016-08-09 23:19:32 ----A---- C:\Windows\system32\WUDFPlatform.dll
2016-08-09 23:19:32 ----A---- C:\Windows\system32\msfeeds.dll
2016-08-09 23:19:31 ----A---- C:\Windows\system32\ieframe.dll
2016-08-09 23:19:28 ----A---- C:\Windows\system32\mshtml.dll
2016-08-09 23:19:23 ----A---- C:\Windows\system32\edgehtml.dll
2016-08-09 23:19:20 ----A---- C:\Windows\system32\Chakra.dll
2016-08-09 23:19:19 ----A---- C:\Windows\system32\jscript9.dll
2016-08-09 23:19:18 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-08-09 23:19:17 ----A---- C:\Windows\system32\rdpcorets.dll
2016-08-09 23:19:17 ----A---- C:\Windows\system32\appraiser.dll
2016-08-09 23:19:17 ----A---- C:\Windows\system32\acmigration.dll
2016-08-09 23:19:16 ----A---- C:\Windows\system32\dbgeng.dll
2016-08-09 23:19:15 ----A---- C:\Windows\system32\ActiveSyncProvider.dll
2016-08-09 23:19:14 ----A---- C:\Windows\system32\NetSetupEngine.dll
2016-08-09 23:19:14 ----A---- C:\Windows\system32\drivers\bthport.sys
2016-08-09 23:19:12 ----A---- C:\Windows\system32\RecoveryDrive.exe
2016-08-09 23:19:12 ----A---- C:\Windows\system32\ieapfltr.dll
2016-08-09 23:19:11 ----A---- C:\Windows\system32\NetSetupSvc.dll
2016-08-09 23:19:11 ----A---- C:\Windows\system32\drivers\pci.sys
2016-08-09 23:19:10 ----A---- C:\Windows\system32\wldp.dll
2016-08-09 23:19:10 ----A---- C:\Windows\system32\TpmTasks.dll
2016-08-09 23:19:10 ----A---- C:\Windows\system32\NetSetupApi.dll
2016-08-09 23:19:10 ----A---- C:\Windows\system32\drivers\bthenum.sys
2016-08-09 23:19:09 ----A---- C:\Windows\system32\rdpudd.dll
2016-08-09 23:19:09 ----A---- C:\Windows\system32\iedkcs32.dll
2016-08-09 23:19:09 ----A---- C:\Windows\system32\bthserv.dll
2016-08-09 23:19:08 ----A---- C:\Windows\system32\wshbth.dll
2016-08-09 23:19:08 ----A---- C:\Windows\system32\drivers\rfcomm.sys
2016-08-09 23:19:07 ----A---- C:\Windows\system32\ie4uinit.exe
2016-08-09 23:19:07 ----A---- C:\Windows\system32\BluetoothApis.dll
2016-08-09 23:07:02 ----SHD---- C:\Config.Msi
2016-08-08 08:01:12 ----AD---- C:\Program Files\LibreOffice 5
2016-08-06 08:52:49 ----D---- C:\Users\cehla\AppData\Roaming\Skype
2016-08-05 12:45:52 ----D---- C:\Users\cehla\AppData\Roaming\Thunderbird
2016-08-05 12:44:21 ----AD---- C:\Program Files\Mozilla Thunderbird
2016-08-05 09:27:17 ----D---- C:\Program Files\VideoLAN
2016-08-04 22:39:14 ----N---- C:\Windows\system32\MpSigStub.exe
2016-08-04 22:28:49 ----D---- C:\Windows\system32\MRT
2016-08-04 22:28:45 ----AC---- C:\Windows\system32\MRT.exe
2016-08-04 22:26:08 ----A---- C:\Windows\system32\jsproxy.dll
2016-08-04 22:26:07 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2016-08-04 22:26:06 ----A---- C:\Windows\system32\audiosrv.dll
2016-08-04 22:26:04 ----A---- C:\Windows\system32\mos.dll
2016-08-04 22:26:02 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2016-08-04 22:25:56 ----A---- C:\Windows\system32\sppsvc.exe
2016-08-04 22:25:55 ----A---- C:\Windows\system32\BingMaps.dll
2016-08-04 22:25:48 ----A---- C:\Windows\system32\wininetlui.dll
2016-08-04 22:25:44 ----A---- C:\Windows\system32\esent.dll
2016-08-04 22:25:39 ----A---- C:\Windows\system32\wlidsvc.dll
2016-08-04 22:25:39 ----A---- C:\Windows\system32\qdvd.dll
2016-08-04 22:25:38 ----A---- C:\Windows\system32\msftedit.dll
2016-08-04 22:25:38 ----A---- C:\Windows\system32\d3d11.dll
2016-08-04 22:25:36 ----A---- C:\Windows\system32\AudioSes.dll
2016-08-04 22:25:36 ----A---- C:\Windows\system32\AUDIOKSE.dll
2016-08-04 22:25:36 ----A---- C:\Windows\system32\audiodg.exe
2016-08-04 22:25:35 ----A---- C:\Windows\system32\MapsStore.dll
2016-08-04 22:25:34 ----A---- C:\Windows\system32\UIAutomationCore.dll
2016-08-04 22:25:33 ----A---- C:\Windows\system32\wifinetworkmanager.dll
2016-08-04 22:25:33 ----A---- C:\Windows\system32\quartz.dll
2016-08-04 22:25:31 ----A---- C:\Windows\system32\usermgr.dll
2016-08-04 22:25:31 ----A---- C:\Windows\system32\msctf.dll
2016-08-04 22:25:30 ----A---- C:\Windows\system32\winlogon.exe
2016-08-04 22:25:30 ----A---- C:\Windows\system32\PhoneProviders.dll
2016-08-04 22:25:30 ----A---- C:\Windows\system32\NetSetupShim.dll
2016-08-04 22:25:30 ----A---- C:\Windows\system32\MapControlCore.dll
2016-08-04 22:25:29 ----A---- C:\Windows\system32\MPSSVC.dll
2016-08-04 22:25:29 ----A---- C:\Windows\system32\dcomp.dll
2016-08-04 22:25:29 ----A---- C:\Windows\system32\d2d1.dll
2016-08-04 22:25:28 ----A---- C:\Windows\system32\XblAuthManager.dll
2016-08-04 22:25:28 ----A---- C:\Windows\system32\wcmsvc.dll
2016-08-04 22:25:28 ----A---- C:\Windows\system32\MBMediaManager.dll
2016-08-04 22:25:27 ----A---- C:\Windows\system32\PhoneService.dll
2016-08-04 22:25:26 ----A---- C:\Windows\system32\SmsRouterSvc.dll
2016-08-04 22:25:26 ----A---- C:\Windows\system32\netlogon.dll
2016-08-04 22:25:25 ----A---- C:\Windows\system32\Wpc.dll
2016-08-04 22:25:25 ----A---- C:\Windows\system32\schannel.dll
2016-08-04 22:25:25 ----A---- C:\Windows\system32\gpsvc.dll
2016-08-04 22:25:24 ----A---- C:\Windows\system32\msv1_0.dll
2016-08-04 22:25:23 ----A---- C:\Windows\system32\user32.dll
2016-08-04 22:25:23 ----A---- C:\Windows\system32\MapConfiguration.dll
2016-08-04 22:25:23 ----A---- C:\Windows\system32\fontdrvhost.exe
2016-08-04 22:25:23 ----A---- C:\Windows\system32\dxgi.dll
2016-08-04 22:25:22 ----A---- C:\Windows\system32\WpcMon.exe
2016-08-04 22:25:22 ----A---- C:\Windows\system32\services.exe
2016-08-04 22:25:22 ----A---- C:\Windows\system32\CertEnroll.dll
2016-08-04 22:25:21 ----A---- C:\Windows\system32\ncbservice.dll
2016-08-04 22:25:21 ----A---- C:\Windows\system32\modernexecserver.dll
2016-08-04 22:25:20 ----A---- C:\Windows\system32\wlansvc.dll
2016-08-04 22:25:20 ----A---- C:\Windows\system32\StorSvc.dll
2016-08-04 22:25:19 ----A---- C:\Windows\system32\UIRibbon.dll
2016-08-04 22:25:19 ----A---- C:\Windows\system32\drivers\USBHUB3.SYS
2016-08-04 22:25:18 ----A---- C:\Windows\system32\wifitask.exe
2016-08-04 22:25:18 ----A---- C:\Windows\system32\wer.dll
2016-08-04 22:25:18 ----A---- C:\Windows\system32\drivers\WdiWiFi.sys
2016-08-04 22:25:17 ----A---- C:\Windows\system32\JpMapControl.dll
2016-08-04 22:25:17 ----A---- C:\Windows\system32\d3d9.dll
2016-08-04 22:25:17 ----A---- C:\Windows\system32\d3d10level9.dll
2016-08-04 22:25:16 ----A---- C:\Windows\system32\gdi32.dll
2016-08-04 22:25:16 ----A---- C:\Windows\system32\directmanipulation.dll
2016-08-04 22:25:16 ----A---- C:\Windows\system32\atmfd.dll
2016-08-04 22:25:15 ----A---- C:\Windows\system32\profsvc.dll
2016-08-04 22:25:15 ----A---- C:\Windows\system32\MapsBtSvc.dll
2016-08-04 22:25:15 ----A---- C:\Windows\system32\d3d10warp.dll
2016-08-04 22:25:14 ----A---- C:\Windows\system32\ipnathlp.dll
2016-08-04 22:25:14 ----A---- C:\Windows\system32\crypt32.dll
2016-08-04 22:25:13 ----A---- C:\Windows\system32\wininit.exe
2016-08-04 22:25:13 ----A---- C:\Windows\system32\TokenBroker.dll
2016-08-04 22:25:13 ----A---- C:\Windows\system32\iphlpsvc.dll
2016-08-04 22:25:13 ----A---- C:\Windows\system32\AppxAllUserStore.dll
2016-08-04 22:25:12 ----A---- C:\Windows\system32\tzautoupdate.dll
2016-08-04 22:25:12 ----A---- C:\Windows\system32\sharemediacpl.dll
2016-08-04 22:25:11 ----A---- C:\Windows\system32\wcmcsp.dll
2016-08-04 22:25:11 ----A---- C:\Windows\system32\drivers\USBXHCI.SYS
2016-08-04 22:25:11 ----A---- C:\Windows\system32\drivers\ndis.sys
2016-08-04 22:25:10 ----A---- C:\Windows\system32\moshostcore.dll
2016-08-04 22:25:10 ----A---- C:\Windows\system32\dwmcore.dll
2016-08-04 22:25:09 ----A---- C:\Windows\system32\WWanAPI.dll
2016-08-04 22:25:09 ----A---- C:\Windows\system32\wifiprofilessettinghandler.dll
2016-08-04 22:25:09 ----A---- C:\Windows\system32\AppContracts.dll
2016-08-04 22:25:08 ----A---- C:\Windows\system32\wmpmde.dll
2016-08-04 22:25:08 ----A---- C:\Windows\system32\WindowsCodecs.dll
2016-08-04 22:25:08 ----A---- C:\Windows\system32\oleacc.dll
2016-08-04 22:25:07 ----A---- C:\Windows\system32\SubscriptionMgr.dll
2016-08-04 22:25:07 ----A---- C:\Windows\system32\aadtb.dll
2016-08-04 22:25:06 ----A---- C:\Windows\system32\ws2_32.dll
2016-08-04 22:25:06 ----A---- C:\Windows\system32\Windows.Globalization.dll
2016-08-04 22:25:06 ----A---- C:\Windows\system32\sqmapi.dll
2016-08-04 22:25:06 ----A---- C:\Windows\system32\rasdlg.dll
2016-08-04 22:25:05 ----A---- C:\Windows\system32\WiFiDisplay.dll
2016-08-04 22:25:05 ----A---- C:\Windows\system32\tetheringservice.dll
2016-08-04 22:25:05 ----A---- C:\Windows\system32\rpcrt4.dll
2016-08-04 22:25:04 ----A---- C:\Windows\system32\VEDataLayerHelpers.dll
2016-08-04 22:25:04 ----A---- C:\Windows\system32\samsrv.dll
2016-08-04 22:25:04 ----A---- C:\Windows\system32\flvprophandler.dll
2016-08-04 22:25:04 ----A---- C:\Windows\system32\drivers\ufxsynopsys.sys
2016-08-04 22:25:03 ----A---- C:\Windows\system32\Windows.Media.Devices.dll
2016-08-04 22:25:03 ----A---- C:\Windows\system32\rsaenh.dll
2016-08-04 22:25:03 ----A---- C:\Windows\system32\moshost.dll
2016-08-04 22:25:03 ----A---- C:\Windows\system32\FirewallAPI.dll
2016-08-04 22:25:01 ----A---- C:\Windows\system32\wlidcli.dll
2016-08-04 22:25:01 ----A---- C:\Windows\system32\DWrite.dll
2016-08-04 22:25:00 ----A---- C:\Windows\system32\bisrv.dll
2016-08-04 22:25:00 ----A---- C:\Windows\system32\AuthBroker.dll
2016-08-04 22:24:59 ----A---- C:\Windows\system32\wlanapi.dll
2016-08-04 22:24:59 ----A---- C:\Windows\system32\pnidui.dll
2016-08-04 22:24:59 ----A---- C:\Windows\system32\drivers\BthLEEnum.sys
2016-08-04 22:24:59 ----A---- C:\Windows\system32\drivers\appid.sys
2016-08-04 22:24:58 ----A---- C:\Windows\system32\werconcpl.dll
2016-08-04 22:24:58 ----A---- C:\Windows\system32\MosHostClient.dll
2016-08-04 22:24:57 ----A---- C:\Windows\system32\AppxSysprep.dll
2016-08-04 22:24:56 ----A---- C:\Windows\system32\rasapi32.dll
2016-08-04 22:24:56 ----A---- C:\Windows\system32\MosStorage.dll
2016-08-04 22:24:56 ----A---- C:\Windows\system32\dui70.dll
2016-08-04 22:24:56 ----A---- C:\Windows\system32\drivers\bridge.sys
2016-08-04 22:24:55 ----A---- C:\Windows\system32\drivers\UcmCx.sys
2016-08-04 22:24:54 ----A---- C:\Windows\system32\psmsrv.dll
2016-08-04 22:24:54 ----A---- C:\Windows\system32\halmacpi.dll
2016-08-04 22:24:54 ----A---- C:\Windows\system32\hal.dll
2016-08-04 22:24:52 ----A---- C:\Windows\system32\WpcWebSync.dll
2016-08-04 22:24:52 ----A---- C:\Windows\system32\netshell.dll
2016-08-04 22:24:50 ----A---- C:\Windows\system32\srvcli.dll
2016-08-04 22:24:50 ----A---- C:\Windows\system32\ncryptsslp.dll
2016-08-04 22:24:50 ----A---- C:\Windows\system32\fwbase.dll
2016-08-04 22:24:49 ----A---- C:\Windows\system32\wwanconn.dll
2016-08-04 22:24:49 ----A---- C:\Windows\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-08-04 22:24:49 ----A---- C:\Windows\system32\VEStoreEventHandlers.dll
2016-08-04 22:24:49 ----A---- C:\Windows\system32\SMSRouter.dll
2016-08-04 22:24:49 ----A---- C:\Windows\system32\netapi32.dll
2016-08-04 22:24:48 ----A---- C:\Windows\system32\usermgrcli.dll
2016-08-04 22:24:48 ----A---- C:\Windows\system32\hmkd.dll
2016-08-04 22:24:48 ----A---- C:\Windows\system32\easinvoker.exe
2016-08-04 22:24:48 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2016-08-04 22:24:47 ----A---- C:\Windows\system32\wkscli.dll
2016-08-04 22:24:47 ----A---- C:\Windows\system32\ClipUp.exe
2016-08-04 22:24:46 ----A---- C:\Windows\system32\Windows.Graphics.Printing.dll
2016-08-04 22:24:46 ----A---- C:\Windows\system32\Windows.Graphics.Printing.3D.dll
2016-08-04 22:24:46 ----A---- C:\Windows\system32\IPSECSVC.DLL
2016-08-04 22:24:46 ----A---- C:\Windows\system32\eappcfg.dll
2016-08-04 22:24:46 ----A---- C:\Windows\system32\drivers\usbser.sys
2016-08-04 22:24:45 ----A---- C:\Windows\system32\rastls.dll
2016-08-04 22:24:45 ----A---- C:\Windows\system32\NetworkUXBroker.exe
2016-08-04 22:24:45 ----A---- C:\Windows\system32\gpapi.dll
2016-08-04 22:24:45 ----A---- C:\Windows\system32\bcryptprimitives.dll
2016-08-04 22:24:44 ----A---- C:\Windows\system32\wermgr.exe
2016-08-04 22:24:44 ----A---- C:\Windows\system32\SimCfg.dll
2016-08-04 22:24:44 ----A---- C:\Windows\system32\cryptsvc.dll
2016-08-04 22:24:44 ----A---- C:\Windows\system32\AuthHost.exe
2016-08-04 22:24:43 ----A---- C:\Windows\system32\SimAuth.dll
2016-08-04 22:24:43 ----A---- C:\Windows\system32\ProximityCommon.dll
2016-08-04 22:24:43 ----A---- C:\Windows\system32\polstore.dll
2016-08-04 22:24:43 ----A---- C:\Windows\system32\FontProvider.dll
2016-08-04 22:24:43 ----A---- C:\Windows\system32\drivers\hidclass.sys
2016-08-04 22:24:43 ----A---- C:\Windows\system32\asycfilt.dll
2016-08-04 22:24:42 ----A---- C:\Windows\system32\wsqmcons.exe
2016-08-04 22:24:42 ----A---- C:\Windows\system32\wbiosrvc.dll
2016-08-04 22:24:42 ----A---- C:\Windows\system32\LicenseManagerShellext.exe
2016-08-04 22:24:42 ----A---- C:\Windows\system32\drivers\serial.sys
2016-08-04 22:24:42 ----A---- C:\Windows\system32\browcli.dll
2016-08-04 22:24:42 ----A---- C:\Windows\system32\AppxSip.dll
2016-08-04 22:24:41 ----A---- C:\Windows\system32\drivers\nwifi.sys
2016-08-04 22:24:40 ----A---- C:\Windows\system32\vpnike.dll
2016-08-04 22:24:40 ----A---- C:\Windows\system32\srpapi.dll
2016-08-04 22:24:40 ----A---- C:\Windows\system32\olepro32.dll
2016-08-04 22:24:40 ----A---- C:\Windows\system32\iassam.dll
2016-08-04 22:24:40 ----A---- C:\Windows\system32\drivers\rasl2tp.sys
2016-08-04 22:24:39 ----A---- C:\Windows\system32\NotificationObjFactory.dll
2016-08-04 22:24:39 ----A---- C:\Windows\system32\D3DCompiler_47.dll
2016-08-04 22:24:38 ----A---- C:\Windows\system32\updatepolicy.dll
2016-08-04 22:24:38 ----A---- C:\Windows\system32\rasauto.dll
2016-08-04 22:24:37 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2016-08-04 22:24:37 ----A---- C:\Windows\system32\werui.dll
2016-08-04 22:24:37 ----A---- C:\Windows\system32\duser.dll
2016-08-04 22:24:36 ----A---- C:\Windows\system32\StikyNot.exe
2016-08-04 22:24:36 ----A---- C:\Windows\system32\fvewiz.dll
2016-08-04 22:24:36 ----A---- C:\Windows\system32\dssvc.dll
2016-08-04 22:24:36 ----A---- C:\Windows\system32\cdpsvc.dll
2016-08-04 22:24:35 ----A---- C:\Windows\system32\wwanmm.dll
2016-08-04 22:24:35 ----A---- C:\Windows\system32\wlanmsm.dll
2016-08-04 22:24:35 ----A---- C:\Windows\system32\browser.dll
2016-08-04 22:24:35 ----A---- C:\Windows\system32\apprepapi.dll
2016-08-04 22:24:34 ----A---- C:\Windows\system32\wcnwiz.dll
2016-08-04 22:24:33 ----A---- C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2016-08-04 22:24:33 ----A---- C:\Windows\system32\rasgcw.dll
2016-08-04 22:24:33 ----A---- C:\Windows\system32\httpprxm.dll
2016-08-04 22:24:32 ----A---- C:\Windows\system32\rasautou.exe
2016-08-04 22:24:32 ----A---- C:\Windows\system32\fvecpl.dll
2016-08-04 22:24:32 ----A---- C:\Windows\system32\easwrt.dll
2016-08-04 22:24:32 ----A---- C:\Windows\system32\certcli.dll
2016-08-04 22:24:31 ----A---- C:\Windows\system32\WlanMediaManager.dll
2016-08-04 22:24:31 ----A---- C:\Windows\system32\eappprxy.dll
2016-08-04 22:24:31 ----A---- C:\Windows\system32\adhsvc.dll
2016-08-04 22:24:30 ----A---- C:\Windows\system32\profext.dll
2016-08-04 22:24:30 ----A---- C:\Windows\system32\msra.exe
2016-08-04 22:24:30 ----A---- C:\Windows\system32\hlink.dll
2016-08-04 22:24:29 ----A---- C:\Windows\system32\WLanConn.dll
2016-08-04 22:24:29 ----A---- C:\Windows\system32\wfdprov.dll
2016-08-04 22:24:28 ----A---- C:\Windows\system32\wlansvcpal.dll
2016-08-04 22:24:28 ----A---- C:\Windows\system32\TokenBrokerCookies.exe
2016-08-04 22:24:28 ----A---- C:\Windows\system32\httpprxp.dll
2016-08-04 22:24:28 ----A---- C:\Windows\system32\eapphost.dll
2016-08-04 22:24:28 ----A---- C:\Windows\system32\eapp3hst.dll
2016-08-04 22:24:27 ----A---- C:\Windows\system32\WmpDui.dll
2016-08-04 22:24:27 ----A---- C:\Windows\system32\aadcloudap.dll
2016-08-04 22:24:26 ----A---- C:\Windows\system32\tbauth.dll
2016-08-04 22:24:26 ----A---- C:\Windows\system32\GlobCollationHost.dll
2016-08-04 22:24:26 ----A---- C:\Windows\system32\eappgnui.dll
2016-08-04 22:24:26 ----A---- C:\Windows\system32\drivers\portcls.sys
2016-08-04 22:24:26 ----A---- C:\Windows\system32\dot3ui.dll
2016-08-04 22:24:25 ----A---- C:\Windows\system32\irmon.dll
2016-08-04 22:24:25 ----A---- C:\Windows\system32\apprepsync.dll
2016-08-04 22:24:24 ----A---- C:\Windows\system32\WpcWebFilter.dll
2016-08-04 22:24:24 ----A---- C:\Windows\system32\wlansec.dll
2016-08-04 22:24:24 ----A---- C:\Windows\system32\UIRibbonRes.dll
2016-08-04 22:24:24 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2016-08-04 22:24:23 ----A---- C:\Windows\system32\wfapigp.dll
2016-08-04 22:24:23 ----A---- C:\Windows\system32\samlib.dll
2016-08-04 22:24:23 ----A---- C:\Windows\system32\NMAA.dll
2016-08-04 22:24:23 ----A---- C:\Windows\system32\mapsupdatetask.dll
2016-08-04 22:24:23 ----A---- C:\Windows\system32\BdeHdCfgLib.dll
2016-08-04 22:24:22 ----A---- C:\Windows\system32\wificonnapi.dll
2016-08-04 22:24:22 ----A---- C:\Windows\system32\UserMgrProxy.dll
2016-08-04 22:24:22 ----A---- C:\Windows\system32\oleacchooks.dll
2016-08-04 22:24:22 ----A---- C:\Windows\system32\MapsCSP.dll
2016-08-04 22:24:22 ----A---- C:\Windows\system32\fwpolicyiomgr.dll
2016-08-04 22:24:21 ----A---- C:\Windows\system32\winbio.dll
2016-08-04 22:24:21 ----A---- C:\Windows\system32\WiFiConfigSP.dll
2016-08-04 22:24:21 ----A---- C:\Windows\system32\rasadhlp.dll
2016-08-04 22:24:20 ----A---- C:\Windows\system32\rastlsext.dll
2016-08-04 22:24:20 ----A---- C:\Windows\system32\fontsub.dll
2016-08-04 22:24:20 ----A---- C:\Windows\system32\cdpreference.exe
2016-08-04 22:24:20 ----A---- C:\Windows\system32\atmlib.dll
2016-08-04 22:24:14 ----A---- C:\Windows\system32\NetworkMobileSettings.dll
2016-08-04 22:24:12 ----A---- C:\Windows\system32\Windows.UI.dll
2016-08-04 22:24:11 ----A---- C:\Windows\system32\SettingsHandlers_nt.dll
2016-08-04 22:24:11 ----A---- C:\Windows\system32\CoreUIComponents.dll
2016-08-04 22:24:09 ----A---- C:\Windows\system32\twinui.dll
2016-08-04 22:24:01 ----A---- C:\Windows\system32\WSService.dll
2016-08-04 22:23:58 ----A---- C:\Windows\system32\SRHInproc.dll
2016-08-04 22:23:55 ----A---- C:\Windows\system32\shell32.dll
2016-08-04 22:23:52 ----A---- C:\Windows\system32\SRH.dll
2016-08-04 22:23:51 ----A---- C:\Windows\system32\msxml6.dll
2016-08-04 22:23:50 ----A---- C:\Windows\system32\windows.storage.dll
2016-08-04 22:23:46 ----A---- C:\Windows\system32\LicenseManager.dll
2016-08-04 22:23:46 ----A---- C:\Windows\system32\combase.dll
2016-08-04 22:23:44 ----A---- C:\Windows\system32\Windows.Web.Http.dll
2016-08-04 22:23:43 ----A---- C:\Windows\system32\Windows.UI.Search.dll
2016-08-04 22:23:42 ----A---- C:\Windows\system32\diagtrack.dll
2016-08-04 22:23:42 ----A---- C:\Windows\system32\authui.dll
2016-08-04 22:23:41 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.dll
2016-08-04 22:23:41 ----A---- C:\Windows\explorer.exe
2016-08-04 22:23:39 ----A---- C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-08-04 22:23:39 ----A---- C:\Windows\system32\CredProvDataModel.dll
2016-08-04 22:23:38 ----A---- C:\Windows\system32\Windows.Web.dll
2016-08-04 22:23:38 ----A---- C:\Windows\system32\actxprxy.dll
2016-08-04 22:23:37 ----A---- C:\Windows\system32\Windows.UI.Input.Inking.dll
2016-08-04 22:23:37 ----A---- C:\Windows\system32\PlayToManager.dll
2016-08-04 22:23:37 ----A---- C:\Windows\system32\dosvc.dll
2016-08-04 22:23:36 ----A---- C:\Windows\system32\StoreAgent.dll
2016-08-04 22:23:36 ----A---- C:\Windows\system32\ClipSVC.dll
2016-08-04 22:23:36 ----A---- C:\Windows\system32\ActivationManager.dll
2016-08-04 22:23:35 ----A---- C:\Windows\system32\WinTypes.dll
2016-08-04 22:23:35 ----A---- C:\Windows\system32\MCRecvSrc.dll
2016-08-04 22:23:35 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-08-04 22:23:34 ----A---- C:\Windows\system32\WMADMOD.DLL
2016-08-04 22:23:34 ----A---- C:\Windows\system32\Windows.Networking.Connectivity.dll
2016-08-04 22:23:34 ----A---- C:\Windows\system32\facecredentialprovider.dll
2016-08-04 22:23:34 ----A---- C:\Windows\system32\DataSenseHandlers.dll
2016-08-04 22:23:33 ----A---- C:\Windows\system32\Windows.Internal.Bluetooth.dll
2016-08-04 22:23:33 ----A---- C:\Windows\system32\Windows.Devices.Bluetooth.dll
2016-08-04 22:23:33 ----A---- C:\Windows\system32\vaultsvc.dll
2016-08-04 22:23:32 ----A---- C:\Windows\system32\Windows.Media.MediaControl.dll
2016-08-04 22:23:32 ----A---- C:\Windows\system32\usbmon.dll
2016-08-04 22:23:32 ----A---- C:\Windows\system32\QuickActionsDataModel.dll
2016-08-04 22:23:32 ----A---- C:\Windows\system32\MDEServer.exe
2016-08-04 22:23:31 ----A---- C:\Windows\system32\Windows.UI.Shell.dll
2016-08-04 22:23:31 ----A---- C:\Windows\system32\propsys.dll
2016-08-04 22:23:30 ----A---- C:\Windows\system32\Windows.UI.Immersive.dll
2016-08-04 22:23:30 ----A---- C:\Windows\system32\MSFlacDecoder.dll
2016-08-04 22:23:30 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-08-04 22:23:29 ----A---- C:\Windows\system32\Windows.Networking.dll
2016-08-04 22:23:29 ----A---- C:\Windows\system32\LaunchWinApp.exe
2016-08-04 22:23:28 ----A---- C:\Windows\system32\winmde.dll
2016-08-04 22:23:28 ----A---- C:\Windows\system32\spoolsv.exe
2016-08-04 22:23:28 ----A---- C:\Windows\system32\SHCore.dll
2016-08-04 22:23:28 ----A---- C:\Windows\system32\shacct.dll
2016-08-04 22:23:27 ----A---- C:\Windows\system32\Windows.UI.Cred.dll
2016-08-04 22:23:27 ----A---- C:\Windows\system32\storewuauth.dll
2016-08-04 22:23:26 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2016-08-04 22:23:26 ----A---- C:\Windows\system32\StructuredQuery.dll
2016-08-04 22:23:26 ----A---- C:\Windows\system32\drivers\dfsc.sys
2016-08-04 22:23:25 ----A---- C:\Windows\system32\localspl.dll
2016-08-04 22:23:25 ----A---- C:\Windows\system32\AboveLockAppHost.dll
2016-08-04 22:23:24 ----A---- C:\Windows\system32\usocore.dll
2016-08-04 22:23:23 ----A---- C:\Windows\system32\SystemSettingsAdminFlows.exe
2016-08-04 22:23:23 ----A---- C:\Windows\system32\advapi32.dll
2016-08-04 22:23:22 ----A---- C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2016-08-04 22:23:22 ----A---- C:\Windows\system32\SpeechPal.dll
2016-08-04 22:23:22 ----A---- C:\Windows\system32\CloudDomainJoinDataModelServer.dll
2016-08-04 22:23:21 ----A---- C:\Windows\system32\updatehandlers.dll
2016-08-04 22:23:21 ----A---- C:\Windows\system32\SharedStartModel.dll
2016-08-04 22:23:21 ----A---- C:\Windows\system32\msxml3.dll
2016-08-04 22:23:21 ----A---- C:\Windows\system32\drivers\acpi.sys
2016-08-04 22:23:20 ----A---- C:\Windows\system32\twinapi.dll
2016-08-04 22:23:20 ----A---- C:\Windows\system32\InstallAgent.exe
2016-08-04 22:23:19 ----A---- C:\Windows\system32\PrintDialogs3D.dll
2016-08-04 22:23:19 ----A---- C:\Windows\system32\ListSvc.dll
2016-08-04 22:23:19 ----A---- C:\Windows\system32\drivers\srv2.sys
2016-08-04 22:23:18 ----A---- C:\Windows\system32\LockAppBroker.dll
2016-08-04 22:23:18 ----A---- C:\Windows\system32\AppxPackaging.dll
2016-08-04 22:23:17 ----A---- C:\Windows\system32\vaultcli.dll
2016-08-04 22:23:17 ----A---- C:\Windows\system32\MP3DMOD.DLL
2016-08-04 22:23:16 ----A---- C:\Windows\system32\gameux.dll
2016-08-04 22:23:16 ----A---- C:\Windows\system32\credprovhost.dll
2016-08-04 22:23:15 ----A---- C:\Windows\system32\RDXService.dll
2016-08-04 22:23:15 ----A---- C:\Windows\system32\EnterpriseAppMgmtSvc.dll
2016-08-04 22:23:14 ----A---- C:\Windows\system32\SettingsHandlers_Maps.dll
2016-08-04 22:23:14 ----A---- C:\Windows\system32\drivers\srv.sys
2016-08-04 22:23:13 ----A---- C:\Windows\system32\msorcl32.dll
2016-08-04 22:23:13 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-08-04 22:23:12 ----A---- C:\Windows\system32\WSShared.dll
2016-08-04 22:23:12 ----A---- C:\Windows\system32\shutdownux.dll
2016-08-04 22:23:11 ----A---- C:\Windows\system32\wsdchngr.dll
2016-08-04 22:23:11 ----A---- C:\Windows\system32\winipcsecproc.dll
2016-08-04 22:23:11 ----A---- C:\Windows\system32\SettingsHandlers_Bluetooth.dll
2016-08-04 22:23:11 ----A---- C:\Windows\system32\SearchFolder.dll
2016-08-04 22:23:10 ----A---- C:\Windows\system32\ztrace_maps.dll
2016-08-04 22:23:10 ----A---- C:\Windows\system32\Windows.Devices.Scanners.dll
2016-08-04 22:23:10 ----A---- C:\Windows\system32\Windows.Cortana.Desktop.dll
2016-08-04 22:23:10 ----A---- C:\Windows\system32\drivers\srvnet.sys
2016-08-04 22:23:09 ----A---- C:\Windows\system32\win32spl.dll
2016-08-04 22:23:09 ----A---- C:\Windows\system32\RDXTaskFactory.dll
2016-08-04 22:23:09 ----A---- C:\Windows\system32\OpenWith.exe
2016-08-04 22:23:09 ----A---- C:\Windows\system32\ntshrui.dll
2016-08-04 22:23:09 ----A---- C:\Windows\system32\iuilp.dll
2016-08-04 22:23:09 ----A---- C:\Windows\system32\Clipc.dll
2016-08-04 22:23:08 ----A---- C:\Windows\system32\wuautoappupdate.dll
2016-08-04 22:23:08 ----A---- C:\Windows\system32\wiaaut.dll
2016-08-04 22:23:08 ----A---- C:\Windows\system32\SettingsHandlers_Privacy.dll
2016-08-04 22:23:07 ----A---- C:\Windows\system32\hgcpl.dll
2016-08-04 22:23:07 ----A---- C:\Windows\system32\ApplicationFrame.dll
2016-08-04 22:23:06 ----A---- C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2016-08-04 22:23:06 ----A---- C:\Windows\system32\inetpp.dll
2016-08-04 22:23:05 ----A---- C:\Windows\system32\WMPhoto.dll
2016-08-04 22:23:05 ----A---- C:\Windows\system32\UserLanguagesCpl.dll
2016-08-04 22:23:05 ----A---- C:\Windows\system32\themecpl.dll
2016-08-04 22:23:04 ----A---- C:\Windows\system32\domgmt.dll
2016-08-04 22:23:04 ----A---- C:\Windows\HelpPane.exe
2016-08-04 22:23:03 ----A---- C:\Windows\system32\wups.dll
2016-08-04 22:23:03 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-04 22:23:03 ----A---- C:\Windows\system32\sbe.dll
2016-08-04 22:23:03 ----A---- C:\Windows\system32\licensingdiag.exe
2016-08-04 22:23:02 ----A---- C:\Windows\system32\winipcfile.dll
2016-08-04 22:23:02 ----A---- C:\Windows\system32\ByteCodeGenerator.exe
2016-08-04 22:23:01 ----A---- C:\Windows\system32\WSSync.dll
2016-08-04 22:23:01 ----A---- C:\Windows\system32\seclogon.dll
2016-08-04 22:23:00 ----A---- C:\Windows\system32\Windows.UI.BlockedShutdown.dll
2016-08-04 22:23:00 ----A---- C:\Windows\system32\SystemSettings.UserAccountsHandlers.dll
2016-08-04 22:23:00 ----A---- C:\Windows\system32\ntprint.dll
2016-08-04 22:23:00 ----A---- C:\Windows\system32\drivers\Ndu.sys
2016-08-04 22:22:59 ----A---- C:\Windows\system32\Windows.Speech.Pal.dll
2016-08-04 22:22:59 ----A---- C:\Windows\system32\oemlicense.dll
2016-08-04 22:22:59 ----A---- C:\Windows\system32\msieftp.dll
2016-08-04 22:22:57 ----A---- C:\Windows\system32\OneBackupHandler.dll
2016-08-04 22:22:56 ----A---- C:\Windows\system32\WSClient.dll
2016-08-04 22:22:56 ----A---- C:\Windows\system32\mspaint.exe
2016-08-04 22:22:56 ----A---- C:\Windows\system32\DevicePairing.dll
2016-08-04 22:22:54 ----A---- C:\Windows\system32\winmsipc.dll
2016-08-04 22:22:54 ----A---- C:\Windows\system32\ieui.dll
2016-08-04 22:22:54 ----A---- C:\Windows\system32\GamePanel.exe
2016-08-04 22:22:52 ----A---- C:\Windows\system32\Windows.Shell.Search.UriHandler.dll
2016-08-04 22:22:52 ----A---- C:\Windows\system32\SensorsNativeApi.V2.dll
2016-08-04 22:22:52 ----A---- C:\Windows\system32\OnDemandConnRouteHelper.dll
2016-08-04 22:22:51 ----A---- C:\Windows\system32\sscoreext.dll
2016-08-04 22:22:51 ----A---- C:\Windows\system32\bcastdvr.exe
2016-08-04 22:22:51 ----A---- C:\Windows\system32\AppCapture.dll
2016-08-04 22:22:46 ----A---- C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2016-08-04 22:22:38 ----A---- C:\Windows\system32\Windows.Media.dll
2016-08-04 22:22:38 ----A---- C:\Windows\system32\mfcore.dll
2016-08-04 22:22:30 ----A---- C:\Windows\system32\mfnetsrc.dll
2016-08-04 22:22:29 ----A---- C:\Windows\system32\MFMediaEngine.dll
2016-08-04 22:22:28 ----A---- C:\Windows\system32\DeviceCensus.exe
2016-08-04 22:22:27 ----A---- C:\Windows\system32\generaltel.dll
2016-08-04 22:22:26 ----A---- C:\Windows\system32\twinui.appcore.dll
2016-08-04 22:22:25 ----A---- C:\Windows\system32\vbscript.dll
2016-08-04 22:22:23 ----A---- C:\Windows\system32\drivers\ntfs.sys
2016-08-04 22:22:21 ----A---- C:\Windows\system32\mfps.dll
2016-08-04 22:22:21 ----A---- C:\Windows\system32\aeinv.dll
2016-08-04 22:22:20 ----A---- C:\Windows\system32\mfmp4srcsnk.dll
2016-08-04 22:22:20 ----A---- C:\Windows\system32\mfasfsrcsnk.dll
2016-08-04 22:22:19 ----A---- C:\Windows\system32\mfsrcsnk.dll
2016-08-04 22:22:18 ----A---- C:\Windows\system32\CoreMessaging.dll
2016-08-04 22:22:17 ----A---- C:\Windows\system32\mfmpeg2srcsnk.dll
2016-08-04 22:22:16 ----A---- C:\Windows\system32\Windows.Media.Audio.dll
2016-08-04 22:22:16 ----A---- C:\Windows\system32\devinv.dll
2016-08-04 22:22:15 ----A---- C:\Windows\system32\ntdll.dll
2016-08-04 22:22:15 ----A---- C:\Windows\system32\mfds.dll
2016-08-04 22:22:15 ----A---- C:\Windows\system32\evr.dll
2016-08-04 22:22:14 ----A---- C:\Windows\system32\mfplat.dll
2016-08-04 22:22:14 ----A---- C:\Windows\system32\MFCaptureEngine.dll
2016-08-04 22:22:14 ----A---- C:\Windows\system32\AccountsRt.dll
2016-08-04 22:22:13 ----A---- C:\Windows\system32\tquery.dll
2016-08-04 22:22:13 ----A---- C:\Windows\system32\LocationFramework.dll
2016-08-04 22:22:12 ----A---- C:\Windows\system32\PsmServiceExtHost.dll
2016-08-04 22:22:12 ----A---- C:\Windows\system32\mfnetcore.dll
2016-08-04 22:22:12 ----A---- C:\Windows\system32\jscript.dll
2016-08-04 22:22:12 ----A---- C:\Windows\system32\invagent.dll
2016-08-04 22:22:11 ----A---- C:\Windows\system32\fveapi.dll
2016-08-04 22:22:11 ----A---- C:\Windows\system32\bdesvc.dll
2016-08-04 22:22:10 ----A---- C:\Windows\system32\SettingSyncCore.dll
2016-08-04 22:22:10 ----A---- C:\Windows\system32\KernelBase.dll
2016-08-04 22:22:10 ----A---- C:\Windows\system32\aepic.dll
2016-08-04 22:22:09 ----A---- C:\Windows\system32\WSDApi.dll
2016-08-04 22:22:09 ----A---- C:\Windows\system32\mfmkvsrcsnk.dll
2016-08-04 22:22:09 ----A---- C:\Windows\system32\configurationclient.dll
2016-08-04 22:22:08 ----A---- C:\Windows\system32\qedit.dll
2016-08-04 22:22:08 ----A---- C:\Windows\system32\BFE.DLL
2016-08-04 22:22:07 ----A---- C:\Windows\system32\provengine.dll
2016-08-04 22:22:07 ----A---- C:\Windows\system32\mssrch.dll
2016-08-04 22:22:07 ----A---- C:\Windows\system32\mf.dll
2016-08-04 22:22:06 ----A---- C:\Windows\system32\TimeBrokerServer.dll
2016-08-04 22:22:06 ----A---- C:\Windows\system32\msvproc.dll
2016-08-04 22:22:06 ----A---- C:\Windows\system32\mftranscode.dll
2016-08-04 22:22:05 ----A---- C:\Windows\system32\twinapi.appcore.dll
2016-08-04 22:22:05 ----A---- C:\Windows\system32\ieproxy.dll
2016-08-04 22:22:04 ----A---- C:\Windows\system32\winhttp.dll
2016-08-04 22:22:04 ----A---- C:\Windows\system32\setupapi.dll
2016-08-04 22:22:03 ----A---- C:\Windows\system32\provhandlers.dll
2016-08-04 22:22:02 ----A---- C:\Windows\system32\Taskmgr.exe
2016-08-04 22:22:02 ----A---- C:\Windows\system32\mfsvr.dll
2016-08-04 22:22:01 ----A---- C:\Windows\system32\provops.dll
2016-08-04 22:22:01 ----A---- C:\Windows\system32\drivers\fvevol.sys
2016-08-04 22:22:01 ----A---- C:\Windows\system32\AzureSettingSyncProvider.dll
2016-08-04 22:22:00 ----A---- C:\Windows\system32\PackageStateRoaming.dll
2016-08-04 22:22:00 ----A---- C:\Windows\system32\fveui.dll
2016-08-04 22:22:00 ----A---- C:\Windows\system32\DisplayManager.dll
2016-08-04 22:22:00 ----A---- C:\Windows\system32\DAFWSD.dll
2016-08-04 22:22:00 ----A---- C:\Windows\system32\accountaccessor.dll
2016-08-04 22:21:59 ----A---- C:\Windows\system32\xpsrchvw.exe
2016-08-04 22:21:59 ----A---- C:\Windows\system32\drivers\fastfat.sys
2016-08-04 22:21:58 ----A---- C:\Windows\system32\SystemEventsBrokerServer.dll
2016-08-04 22:21:58 ----A---- C:\Windows\system32\SearchIndexer.exe
2016-08-04 22:21:57 ----A---- C:\Windows\system32\ShareHost.dll
2016-08-04 22:21:57 ----A---- C:\Windows\system32\MsSpellCheckingFacility.dll
2016-08-04 22:21:57 ----A---- C:\Windows\system32\microsoft-windows-system-events.dll
2016-08-04 22:21:57 ----A---- C:\Windows\system32\drivers\ufx01000.sys
2016-08-04 22:21:57 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-08-04 22:21:56 ----A---- C:\Windows\system32\WindowsCodecsRaw.dll
2016-08-04 22:21:53 ----A---- C:\Windows\system32\thumbcache.dll
2016-08-04 22:21:52 ----A---- C:\Windows\system32\wpncore.dll
2016-08-04 22:21:52 ----A---- C:\Windows\system32\wpdbusenum.dll
2016-08-04 22:21:52 ----A---- C:\Windows\system32\drivers\tcpip.sys
2016-08-04 22:21:51 ----A---- C:\Windows\system32\Windows.Media.Speech.dll
2016-08-04 22:21:51 ----A---- C:\Windows\system32\SettingSync.dll
2016-08-04 22:21:51 ----A---- C:\Windows\system32\BitLockerDeviceEncryption.exe
2016-08-04 22:21:50 ----A---- C:\Windows\system32\DMRServer.dll
2016-08-04 22:21:49 ----A---- C:\Windows\system32\drivers\filecrypt.sys
2016-08-04 22:21:48 ----A---- C:\Windows\system32\systemreset.exe
2016-08-04 22:21:48 ----A---- C:\Windows\system32\SyncController.dll
2016-08-04 22:21:48 ----A---- C:\Windows\system32\NotificationController.dll
2016-08-04 22:21:47 ----A---- C:\Windows\system32\drivers\tpm.sys
2016-08-04 22:21:46 ----A---- C:\Windows\system32\Windows.Media.Streaming.dll
2016-08-04 22:21:46 ----A---- C:\Windows\system32\mfpmp.exe
2016-08-04 22:21:46 ----A---- C:\Windows\system32\drivers\partmgr.sys
2016-08-04 22:21:46 ----A---- C:\Windows\system32\dafBth.dll
2016-08-04 22:21:45 ----A---- C:\Windows\system32\workfolderssvc.dll
2016-08-04 22:21:45 ----A---- C:\Windows\system32\newdev.dll
2016-08-04 22:21:45 ----A---- C:\Windows\system32\mssphtb.dll
2016-08-04 22:21:45 ----A---- C:\Windows\system32\BrokerLib.dll
2016-08-04 22:21:44 ----A---- C:\Windows\system32\dxtrans.dll
2016-08-04 22:21:43 ----A---- C:\Windows\system32\internetmail.dll
2016-08-04 22:21:42 ----A---- C:\Windows\system32\webio.dll
2016-08-04 22:21:42 ----A---- C:\Windows\system32\pcaui.exe
2016-08-04 22:21:42 ----A---- C:\Windows\system32\IKEEXT.DLL
2016-08-04 22:21:41 ----A---- C:\Windows\system32\Windows.Media.Editing.dll
2016-08-04 22:21:41 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2016-08-04 22:21:41 ----A---- C:\Windows\system32\basesrv.dll
2016-08-04 22:21:40 ----A---- C:\Windows\system32\mssph.dll
2016-08-04 22:21:40 ----A---- C:\Windows\system32\GnssAdapter.dll
2016-08-04 22:21:40 ----A---- C:\Windows\system32\BrowserSettingSync.dll
2016-08-04 22:21:39 ----A---- C:\Windows\system32\usercpl.dll
2016-08-04 22:21:38 ----A---- C:\Windows\system32\wpninprc.dll
2016-08-04 22:21:38 ----A---- C:\Windows\system32\WebcamUi.dll
2016-08-04 22:21:38 ----A---- C:\Windows\system32\scapi.dll
2016-08-04 22:21:37 ----A---- C:\Windows\system32\wpdshext.dll
2016-08-04 22:21:37 ----A---- C:\Windows\system32\mbsmsapi.dll
2016-08-04 22:21:36 ----A---- C:\Windows\system32\Windows.Cortana.OneCore.dll
2016-08-04 22:21:36 ----A---- C:\Windows\system32\fhsettingsprovider.dll
2016-08-04 22:21:35 ----A---- C:\Windows\system32\webcheck.dll
2016-08-04 22:21:35 ----A---- C:\Windows\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-08-04 22:21:35 ----A---- C:\Windows\system32\reseteng.dll
2016-08-04 22:21:34 ----A---- C:\Windows\system32\fhengine.dll
2016-08-04 22:21:34 ----A---- C:\Windows\system32\fhcfg.dll
2016-08-04 22:21:33 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2016-08-04 22:21:33 ----A---- C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2016-08-04 22:21:32 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2016-08-04 22:21:32 ----A---- C:\Windows\system32\TimeBrokerClient.dll
2016-08-04 22:21:32 ----A---- C:\Windows\system32\PlayToReceiver.dll
2016-08-04 22:21:32 ----A---- C:\Windows\system32\msscntrs.dll
2016-08-04 22:21:32 ----A---- C:\Windows\system32\aitstatic.exe
2016-08-04 22:21:31 ----A---- C:\Windows\system32\winhttpcom.dll
2016-08-04 22:21:31 ----A---- C:\Windows\system32\NFCProvisioningPlugin.dll
2016-08-04 22:21:31 ----A---- C:\Windows\system32\fveskybackup.dll
2016-08-04 22:21:31 ----A---- C:\Windows\system32\fveapibase.dll
2016-08-04 22:21:26 ----A---- C:\Windows\system32\msi.dll
2016-08-04 22:21:25 ----A---- C:\Windows\system32\UserDataService.dll
2016-08-04 22:21:24 ----A---- C:\Windows\system32\enterprisecsps.dll
2016-08-04 22:21:23 ----A---- C:\Windows\system32\XblGameSave.dll
2016-08-04 22:21:23 ----A---- C:\Windows\system32\RemoteNaturalLanguage.dll
2016-08-04 22:21:23 ----A---- C:\Windows\system32\InputService.dll
2016-08-04 22:21:23 ----A---- C:\Windows\system32\dmenrollengine.dll
2016-08-04 22:21:22 ----A---- C:\Windows\system32\Unistore.dll
2016-08-04 22:21:22 ----A---- C:\Windows\system32\ngcsvc.dll
2016-08-04 22:21:22 ----A---- C:\Windows\system32\ContactApis.dll
2016-08-04 22:21:21 ----A---- C:\Windows\system32\uDWM.dll
2016-08-04 22:21:21 ----A---- C:\Windows\system32\taskschd.dll
2016-08-04 22:21:21 ----A---- C:\Windows\system32\schedsvc.dll
2016-08-04 22:21:21 ----A---- C:\Windows\system32\AppointmentApis.dll
2016-08-04 22:21:19 ----A---- C:\Windows\system32\mdmmigrator.dll
2016-08-04 22:21:18 ----A---- C:\Windows\system32\Windows.AccountsControl.dll
2016-08-04 22:21:18 ----A---- C:\Windows\system32\NgcCtnr.dll
2016-08-04 22:21:17 ----A---- C:\Windows\system32\MTFServer.dll
2016-08-04 22:21:17 ----A---- C:\Windows\system32\deviceaccess.dll
2016-08-04 22:21:16 ----A---- C:\Windows\system32\srcore.dll
2016-08-04 22:21:16 ----A---- C:\Windows\system32\MTF.dll
2016-08-04 22:21:16 ----A---- C:\Windows\system32\drivers\http.sys
2016-08-04 22:21:16 ----A---- C:\Windows\system32\AppXDeploymentClient.dll
2016-08-04 22:21:15 ----A---- C:\Windows\system32\NgcCtnrSvc.dll
2016-08-04 22:21:15 ----A---- C:\Windows\system32\drivers\sdport.sys
2016-08-04 22:21:15 ----A---- C:\Windows\system32\drivers\dumpsdport.sys
2016-08-04 22:21:15 ----A---- C:\Windows\system32\dnsrslvr.dll
2016-08-04 22:21:15 ----A---- C:\Windows\system32\dnsapi.dll
2016-08-04 22:21:14 ----A---- C:\Windows\system32\enrollmentapi.dll
2016-08-04 22:21:13 ----A---- C:\Windows\system32\drivers\xboxgip.sys
2016-08-04 22:21:12 ----A---- C:\Windows\system32\winload.exe
2016-08-04 22:21:12 ----A---- C:\Windows\system32\policymanager.dll
2016-08-04 22:21:12 ----A---- C:\Windows\system32\MDMAppInstaller.exe
2016-08-04 22:21:12 ----A---- C:\Windows\system32\ChatApis.dll
2016-08-04 22:21:11 ----A---- C:\Windows\system32\wscsvc.dll
2016-08-04 22:21:11 ----A---- C:\Windows\system32\MessagingDataModel2.dll
2016-08-04 22:21:10 ----A---- C:\Windows\system32\wscapi.dll
2016-08-04 22:21:10 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2016-08-04 22:21:10 ----A---- C:\Windows\system32\winresume.exe
2016-08-04 22:21:09 ----A---- C:\Windows\system32\TextInputFramework.dll
2016-08-04 22:21:09 ----A---- C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-08-04 22:21:09 ----A---- C:\Windows\system32\drivers\dumpsd.sys
2016-08-04 22:21:09 ----A---- C:\Windows\system32\DeviceEnroller.exe
2016-08-04 22:21:09 ----A---- C:\Windows\system32\AppointmentActivation.dll
2016-08-04 22:21:08 ----A---- C:\Windows\system32\policymanagerprecheck.dll
2016-08-04 22:21:07 ----A---- C:\Windows\system32\EmailApis.dll
2016-08-04 22:21:05 ----A---- C:\Windows\system32\omadmapi.dll
2016-08-04 22:21:05 ----A---- C:\Windows\system32\drivers\netbt.sys
2016-08-04 22:21:04 ----A---- C:\Windows\system32\ngcpopkeysrv.dll
2016-08-04 22:21:04 ----A---- C:\Windows\system32\mtxoci.dll
2016-08-04 22:21:04 ----A---- C:\Windows\system32\mswsock.dll
2016-08-04 22:21:04 ----A---- C:\Windows\system32\cemapi.dll
2016-08-04 22:21:03 ----A---- C:\Windows\system32\taskeng.exe
2016-08-04 22:21:03 ----A---- C:\Windows\system32\PhoneCallHistoryApis.dll
2016-08-04 22:21:03 ----A---- C:\Windows\system32\mdmregistration.dll
2016-08-04 22:21:03 ----A---- C:\Windows\system32\dwminit.dll
2016-08-04 22:21:02 ----A---- C:\Windows\system32\provpackageapidll.dll
2016-08-04 22:21:02 ----A---- C:\Windows\system32\ngccredprov.dll
2016-08-04 22:21:02 ----A---- C:\Windows\system32\dmcsps.dll
2016-08-04 22:21:01 ----A---- C:\Windows\system32\wmicmiplugin.dll
2016-08-04 22:21:01 ----A---- C:\Windows\system32\PimIndexMaintenance.dll
2016-08-04 22:21:01 ----A---- C:\Windows\system32\cryptngc.dll
2016-08-04 22:21:00 ----A---- C:\Windows\system32\DscCore.dll
2016-08-04 22:21:00 ----A---- C:\Windows\system32\drivers\sdbus.sys
2016-08-04 22:21:00 ----A---- C:\Windows\system32\dhcpcore6.dll
2016-08-04 22:20:59 ----A---- C:\Windows\system32\VCardParser.dll
2016-08-04 22:20:59 ----A---- C:\Windows\system32\schtasks.exe
2016-08-04 22:20:59 ----A---- C:\Windows\system32\POSyncServices.dll
2016-08-04 22:20:59 ----A---- C:\Windows\system32\ngckeyenum.dll
2016-08-04 22:20:58 ----A---- C:\Windows\system32\WMPDMC.exe
2016-08-04 22:20:58 ----A---- C:\Windows\system32\omadmclient.exe
2016-08-04 22:20:58 ----A---- C:\Windows\system32\ExSMime.dll
2016-08-04 22:20:57 ----A---- C:\Windows\system32\UserDataAccountApis.dll
2016-08-04 22:20:56 ----A---- C:\Windows\system32\browserbroker.dll
2016-08-04 22:20:55 ----A---- C:\Windows\system32\Windows.UI.Core.TextInput.dll
2016-08-04 22:20:55 ----A---- C:\Windows\system32\Windows.Storage.Search.dll
2016-08-04 22:20:55 ----A---- C:\Windows\system32\ExtrasXmlParser.dll
2016-08-04 22:20:55 ----A---- C:\Windows\system32\cfgbkend.dll
2016-08-04 22:20:54 ----A---- C:\Windows\system32\UserDataTimeUtil.dll
2016-08-04 22:20:54 ----A---- C:\Windows\system32\RMSRoamingSecurity.dll
2016-08-04 22:20:54 ----A---- C:\Windows\system32\PimIndexMaintenanceClient.dll
2016-08-04 22:20:54 ----A---- C:\Windows\system32\dlnashext.dll
2016-08-04 22:20:54 ----A---- C:\Windows\system32\CallHistoryClient.dll
2016-08-04 22:20:53 ----A---- C:\Windows\system32\UserDataPlatformHelperUtil.dll
2016-08-04 22:20:53 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2016-08-04 22:20:53 ----A---- C:\Windows\system32\dhcpcsvc.dll
2016-08-04 22:20:53 ----A---- C:\Windows\system32\DDDS.dll
2016-08-04 22:20:51 ----A---- C:\Windows\system32\UserDataLanguageUtil.dll
2016-08-04 22:20:50 ----A---- C:\Windows\system32\UserDataTypeHelperUtil.dll
2016-08-04 22:20:50 ----A---- C:\Windows\system32\LegacyNetUXHost.exe
2016-08-04 22:20:50 ----A---- C:\Windows\system32\LegacyNetUX.dll
2016-08-04 22:20:49 ----A---- C:\Windows\system32\Windows.Internal.Management.dll
2016-08-04 22:20:49 ----A---- C:\Windows\system32\dmenterprisediagnostics.dll
2016-08-04 22:20:49 ----A---- C:\Windows\system32\dmcertinst.exe
2016-08-04 22:20:49 ----A---- C:\Windows\system32\dhcpcore.dll
2016-08-04 22:20:48 ----A---- C:\Windows\system32\InputLocaleManager.dll
2016-08-04 22:20:48 ----A---- C:\Windows\system32\FilterDS.dll
2016-08-04 22:20:48 ----A---- C:\Windows\system32\drivers\xinputhid.sys
2016-08-04 22:01:37 ----D---- C:\Users\cehla\AppData\Roaming\Lenovo
2016-08-04 19:55:39 ----D---- C:\Users\cehla\AppData\Roaming\LolClient
2016-08-04 17:59:06 ----D---- C:\Users\cehla\AppData\Roaming\Macromedia
2016-08-04 17:36:05 ----D---- C:\Program Files\Google
2016-08-04 17:31:31 ----D---- C:\ProgramData\Riot Games
2016-08-04 17:30:01 ----A---- C:\Windows\system32\XAudio2_2.dll
2016-08-04 17:30:01 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2016-08-04 17:30:00 ----A---- C:\Windows\system32\D3DX9_39.dll
2016-08-04 17:30:00 ----A---- C:\Windows\system32\d3dx10_39.dll
2016-08-04 17:30:00 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2016-08-04 17:29:49 ----D---- C:\Riot Games
2016-08-04 17:28:49 ----D---- C:\Users\cehla\AppData\Roaming\Riot Games
2016-08-04 17:16:09 ----D---- C:\Users\cehla\AppData\Roaming\Mozilla
2016-08-04 17:15:45 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-08-04 17:15:39 ----AD---- C:\Program Files\Mozilla Firefox
2016-08-04 17:10:32 ----SHD---- C:\Windows\system32\AI_RecycleBin
2016-08-04 17:10:31 ----AD---- C:\Program Files\Dynafleet Stand Alone Card Reader Application
2016-08-04 17:08:08 ----D---- C:\Program Files\Common Files\Java
2016-08-04 17:07:46 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2016-08-04 17:07:00 ----D---- C:\Program Files\Java
2016-08-04 17:02:47 ----A---- C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2016-08-04 17:00:05 ----D---- C:\Users\cehla\AppData\Roaming\Sun
2016-08-04 16:59:20 ----D---- C:\ProgramData\Oracle
2016-08-04 16:57:13 ----D---- C:\Users\cehla\AppData\Roaming\LSC
2016-08-04 16:50:51 ----D---- C:\Users\cehla\AppData\Roaming\Opera Software
2016-08-04 16:50:11 ----D---- C:\Program Files\Opera
2016-08-04 16:47:01 ----D---- C:\Users\cehla\AppData\Roaming\Adobe
2016-08-04 16:45:55 ----SD---- C:\Users\cehla\AppData\Roaming\Microsoft
2016-08-04 16:44:46 ----A---- C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat

======List of files/folders modified in the last 1 month======

2016-09-02 17:30:08 ----D---- C:\Windows\Prefetch
2016-09-02 17:30:07 ----RD---- C:\Program Files
2016-09-02 17:27:03 ----D---- C:\Windows\AppReadiness
2016-09-02 17:27:02 ----D---- C:\Windows\Temp
2016-09-02 17:25:13 ----D---- C:\Windows\system32\sru
2016-09-02 16:20:49 ----D---- C:\Windows\system32\SleepStudy
2016-09-02 07:33:00 ----HD---- C:\Program Files\WindowsApps
2016-09-02 07:30:00 ----D---- C:\Windows\system32\config
2016-09-01 09:16:09 ----D---- C:\Windows\WinSxS
2016-09-01 09:16:06 ----D---- C:\Windows\CbsTemp
2016-09-01 08:28:31 ----D---- C:\Windows\System32
2016-09-01 08:28:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-09-01 08:28:30 ----D---- C:\Windows\INF
2016-08-31 00:25:12 ----D---- C:\Windows\Microsoft.NET
2016-08-30 00:24:42 ----D---- C:\Windows\LiveKernelReports
2016-08-29 23:45:59 ----D---- C:\Windows\system32\drivers
2016-08-29 23:45:59 ----D---- C:\Windows\ELAMBKUP
2016-08-29 23:45:59 ----D---- C:\Program Files\Common Files
2016-08-29 23:45:30 ----HD---- C:\ProgramData
2016-08-29 23:44:10 ----D---- C:\Windows\system32\DriverStore
2016-08-29 23:43:18 ----D---- C:\Windows\system32\Tasks
2016-08-29 23:22:10 ----D---- C:\Windows\system32\drivers\etc
2016-08-29 20:28:30 ----SHD---- C:\System Volume Information
2016-08-29 20:26:43 ----AD---- C:\Windows
2016-08-28 12:33:26 ----D---- C:\Windows\system32\NDF
2016-08-14 19:16:23 ----D---- C:\Windows\rescache
2016-08-12 09:24:16 ----D---- C:\Windows\system32\catroot2
2016-08-12 09:18:15 ----D---- C:\Windows\OCR
2016-08-10 18:16:41 ----D---- C:\Windows\system32\sk-SK
2016-08-10 18:16:41 ----D---- C:\Windows\system32\en-US
2016-08-10 18:16:41 ----D---- C:\Windows\system32\appraiser
2016-08-10 18:16:35 ----RD---- C:\Windows\ImmersiveControlPanel
2016-08-10 18:16:34 ----D---- C:\Program Files\Windows Journal
2016-08-10 18:16:34 ----D---- C:\Program Files\Internet Explorer
2016-08-10 18:07:00 ----D---- C:\Windows\system32\SecureBootUpdates
2016-08-09 23:08:39 ----SHDC---- C:\Windows\Installer
2016-08-09 22:48:01 ----D---- C:\Windows\system32\WDI
2016-08-09 18:00:24 ----SD---- C:\Windows\system32\Microsoft
2016-08-08 08:03:04 ----RSD---- C:\Windows\assembly
2016-08-08 08:01:55 ----RSD---- C:\Windows\Fonts
2016-08-08 01:19:30 ----D---- C:\Windows\Logs
2016-08-08 01:17:50 ----D---- C:\Windows\system32\winrm
2016-08-08 01:17:50 ----D---- C:\Windows\system32\WCN
2016-08-08 01:17:50 ----D---- C:\Windows\system32\wbem
2016-08-08 01:17:49 ----SD---- C:\Windows\system32\F12
2016-08-08 01:17:49 ----D---- C:\Windows\system32\SystemResetPlatform
2016-08-08 01:17:49 ----D---- C:\Windows\system32\Sysprep
2016-08-08 01:17:49 ----D---- C:\Windows\system32\slmgr
2016-08-08 01:17:49 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2016-08-08 01:17:49 ----D---- C:\Windows\system32\MUI
2016-08-08 01:17:49 ----D---- C:\Windows\system32\migwiz
2016-08-08 01:17:49 ----D---- C:\Windows\system32\migration
2016-08-08 01:17:49 ----AD---- C:\Windows\system32\oobe
2016-08-08 01:17:47 ----SD---- C:\Windows\system32\DiagSvcs
2016-08-08 01:17:47 ----D---- C:\Windows\system32\drivers\UMDF
2016-08-08 01:17:47 ----D---- C:\Windows\system32\Dism
2016-08-08 01:17:47 ----D---- C:\Windows\system32\cs-CZ
2016-08-08 01:17:38 ----RD---- C:\Windows\PurchaseDialog
2016-08-08 01:17:38 ----RD---- C:\Windows\MiracastView
2016-08-08 01:17:38 ----D---- C:\Windows\system32\Com
2016-08-08 01:17:38 ----D---- C:\Windows\system32\Boot
2016-08-08 01:17:38 ----D---- C:\Windows\servicing
2016-08-08 01:17:38 ----D---- C:\Windows\PolicyDefinitions
2016-08-08 01:17:37 ----D---- C:\Windows\IME
2016-08-08 01:17:37 ----D---- C:\Windows\Help
2016-08-08 01:17:36 ----RD---- C:\Windows\DevicesFlow
2016-08-08 01:17:36 ----D---- C:\Windows\apppatch
2016-08-08 01:17:36 ----D---- C:\Program Files\Windows Photo Viewer
2016-08-08 01:17:36 ----D---- C:\Program Files\Windows Media Player
2016-08-08 01:17:36 ----D---- C:\Program Files\Windows Defender
2016-08-08 01:17:36 ----D---- C:\Program Files\Common Files\System
2016-08-06 08:54:38 ----D---- C:\Windows\AppCompat
2016-08-04 22:46:21 ----D---- C:\Windows\system32\CatRoot
2016-08-04 22:44:14 ----D---- C:\Windows\system32\WinBioPlugIns
2016-08-04 22:44:13 ----D---- C:\Windows\system32\drivers\en-US
2016-08-04 22:44:04 ----RD---- C:\Windows\PrintDialog
2016-08-04 22:44:04 ----D---- C:\Windows\Provisioning
2016-08-04 22:44:03 ----RSD---- C:\Windows\Media
2016-08-04 22:44:02 ----D---- C:\Windows\bcastdvr
2016-08-04 22:44:02 ----D---- C:\Program Files\Windows Portable Devices
2016-08-04 22:44:02 ----D---- C:\Program Files\Windows Multimedia Platform
2016-08-04 22:44:02 ----D---- C:\Program Files\Windows Mail
2016-08-04 22:04:27 ----D---- C:\ProgramData\Lenovo
2016-08-04 17:47:30 ----D---- C:\Windows\Tasks
2016-08-04 17:29:39 ----D---- C:\Program Files\Common Files\microsoft shared
2016-08-04 17:10:31 ----SHD---- C:\$Recycle.Bin
2016-08-04 17:02:59 ----AD---- C:\Users
2016-08-04 16:54:36 ----D---- C:\Windows\system32\Macromed
2016-08-04 16:50:55 ----D---- C:\Program Files\Intel
2016-08-04 16:46:05 ----D---- C:\Windows\system32\WinBioDatabase
2016-08-04 16:45:09 ----SD---- C:\ProgramData\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MBI;@oem5.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\Windows\System32\drivers\MBI.sys [2015-06-16 33792]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\Windows\system32\drivers\filecrypt.sys [2016-04-23 76288]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\Windows\System32\drivers\gpuenergydrv.sys [2015-10-30 7680]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\Windows\system32\drivers\mmcss.sys [2015-10-30 36864]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\Windows\system32\drivers\storqosflt.sys [2015-10-30 62464]
R3 camera;@oem4.inf,%iacamera.DeviceDesc%;Intel(R) AVStream Camera; C:\Windows\system32\DRIVERS\iacamera32.sys [2015-07-09 697360]
R3 DptfDevDBPT;DptfDevDBPT; C:\Windows\system32\DRIVERS\DptfDevPower.sys [2015-06-23 55816]
R3 DptfDevDisplay;DptfDevDisplay; C:\Windows\system32\DRIVERS\DptfDevDisplay.sys [2015-06-23 59392]
R3 DptfDevGen;DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [2015-06-23 85000]
R3 DptfDevProc;DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [2015-06-23 203264]
R3 DptfManager;DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [2015-06-23 467968]
R3 GPIO;@oem11.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\Windows\System32\drivers\iaiogpioe.sys [2015-06-10 34176]
R3 GpioVirtual;@oem13.inf,%Driver_Service.Desc%;GPED Virtual GPIO controller driver; C:\Windows\System32\drivers\iaiogpiovirtual.sys [2015-06-10 27496]
R3 iaioi2c;@oem14.inf,%Driver_Service.Desc%;I2C Controller Service; C:\Windows\System32\drivers\iaioi2ce.sys [2015-06-18 57360]
R3 iaiouart;@oem9.inf,%iaiouart.SVCDESC%;UART Controller; C:\Windows\System32\drivers\iaiouart.sys [2015-06-10 98560]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2016-05-03 3048928]
R3 IntelBatteryManagement;@oem10.inf,%IntelBatteryManagement.SVCDESC%;Intel(R) Battery Management Service; C:\Windows\System32\drivers\IntelBatteryManagement.sys [2015-07-01 47104]
R3 IntelSST;@oem17.inf,%IntelSST_Audio.SvcDesc%;Intel SST Audio Device (WDM); C:\Windows\system32\drivers\isstrtc.sys [2015-07-22 285968]
R3 iwdbus;@oem16.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2015-12-01 35320]
R3 PMIC;@oem6.inf,%Driver_Service.Desc%;Intel(R) Power Management IC Device Service; C:\Windows\System32\drivers\PMIC.sys [2015-06-16 77424]
R3 rtii2sac;@oem18.inf,%CodecDevice.SVCDESC%;Realtek I2S Audio Codec Device Driver; C:\Windows\system32\DRIVERS\rtii2sac.sys [2015-06-12 208624]
R3 RtkUart;@oem19.inf,%RtkBtUart.SVCDESC%;Realtek Bluetooth UART Bus Driver Service; C:\Windows\System32\drivers\RtkUart.sys [2015-07-20 557312]
R3 RtlWlans;@oem20.inf,%RtlWlans.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n SDIO Network Adapter; C:\Windows\system32\DRIVERS\rtwlans.sys [2015-09-17 3896024]
R3 TXEI;@oem8.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\Windows\System32\drivers\TXEI.sys [2015-05-27 84520]
R3 unicam;@oem2.inf,%unicam.SVCDESC%;Camera Sensor UNICAM; C:\Windows\System32\drivers\hm2056.sys [2015-07-23 100400]
S0 LSI_SAS2i;LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [2015-10-30 88928]
S0 LSI_SAS3i;LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [2015-10-30 83288]
S0 percsas2i;percsas2i; C:\Windows\System32\drivers\percsas2i.sys [2015-10-30 51040]
S0 percsas3i;percsas3i; C:\Windows\System32\drivers\percsas3i.sys [2015-10-30 51552]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\Windows\System32\drivers\storufs.sys [2015-10-30 27992]
S3 AX88772;@netax88772.inf,%AX88772.DeviceDesc%;ASIX AX88772 USB2.0 to Fast Ethernet Adapter; C:\Windows\System32\drivers\ax88772.sys [2015-10-30 95744]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\Windows\System32\drivers\bcmfn.sys [2015-10-30 8192]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2016-08-03 93184]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys [2016-03-29 200192]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\Windows\System32\drivers\BTHMINI.sys [2015-10-30 23040]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2016-08-03 102912]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\Windows\System32\drivers\BTHport.sys [2016-08-03 744448]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\Windows\System32\drivers\buttonconverter.sys [2015-10-30 26624]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\Windows\System32\drivers\capimg.sys [2015-10-30 96768]
S3 e1iexpress;@net1i32.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\Windows\System32\drivers\e1i6332.sys [2015-10-30 387584]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\Windows\System32\drivers\genericusbfn.sys [2015-10-30 17408]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\Windows\System32\drivers\hidinterrupt.sys [2015-10-30 38240]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\Windows\System32\drivers\iai2c.sys [2015-10-30 66048]
S3 intaud_WaveExtensible;@oem15.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2015-12-01 44016]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\Windows\system32\drivers\ioqos.sys [2015-10-30 23040]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2016-08-03 140288]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\Windows\System32\Drivers\UcmCx.sys [2016-04-23 46080]
S3 UcmUcsi;@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\Windows\System32\drivers\UcmUcsi.sys [2015-10-30 33792]
S3 UdeCx;USB Device Emulation Support Library; C:\Windows\system32\drivers\udecx.sys [2015-10-30 32768]
S3 Ufx01000;USB Function Class Extension; C:\Windows\system32\drivers\ufx01000.sys [2016-05-28 203104]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\Windows\System32\drivers\UfxChipidea.sys [2015-10-30 74080]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\Windows\System32\drivers\ufxsynopsys.sys [2016-04-23 104800]
S3 UrsCx01000;USB Role-Switch Support Library; C:\Windows\system32\drivers\urscx01000.sys [2015-10-30 42840]
S3 UrsChipidea;@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver; C:\Windows\System32\drivers\urschipidea.sys [2015-10-30 21856]
S3 UrsSynopsys;@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver; C:\Windows\System32\drivers\urssynopsys.sys [2015-10-30 21856]
S3 usbser;@usbser.inf,%UsbSerial.DriverDesc%;Microsoft USB Serial Driver; C:\Windows\System32\drivers\usbser.sys [2016-04-23 48640]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2015-10-30 184832]
S3 vhf;@%SystemRoot%\system32\drivers\vhf.sys,-100; C:\Windows\System32\drivers\vhf.sys [2015-10-30 24064]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\Windows\system32\svchost.exe [2015-10-30 37256]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\Windows\System32\svchost.exe [2015-10-30 37256]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 37256]
R2 DptfParticipantProcessorService;@oem7.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Processor Participant Service Application; C:\Windows\system32\DptfParticipantProcessorService.exe [2015-06-23 118792]
R2 DptfPolicyCriticalService;@oem7.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Critical Service Application; C:\Windows\system32\DptfPolicyCriticalService.exe [2015-06-23 115712]
R2 DptfPolicyLpmService;@oem7.inf,%WIN32_DPTF_POLICY_LPM_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Low Power Mode Service Application; C:\Windows\system32\DptfPolicyLpmService.exe [2015-06-23 125952]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2016-05-03 292832]
R2 OneSyncSvc_3a225;Sync Host_3a225; C:\Windows\system32\svchost.exe [2015-10-30 37256]
R2 ProductAgentService;ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [2016-06-22 991248]
R2 SACRA;Dynafleet Card Reader; C:\Program Files\Dynafleet Stand Alone Card Reader Application\bin\CraServiceLauncher.exe [2016-08-04 201216]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\Windows\system32\svchost.exe [2015-10-30 37256]
R2 UserManager;@%systemroot%\system32\usermgr.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 37256]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\Windows\System32\svchost.exe [2015-10-30 37256]
R3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\system32\IntelCpHeciSvc.exe [2016-05-03 299488]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2015-10-24 43696]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\Windows\system32\svchost.exe [2015-10-30 37256]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 37256]
R3 PimIndexMaintenanceSvc_3a225;Kontaktné údaje_3a225; C:\Windows\system32\svchost.exe [2015-10-30 37256]
R3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\Windows\system32\svchost.exe [2015-10-30 37256]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\Windows\system32\svchost.exe [2015-10-30 37256]
R3 UnistoreSvc_3a225;Ukladací priestor používateľských údajov_3a225; C:\Windows\System32\svchost.exe [2015-10-30 37256]
R3 UserDataSvc_3a225;Prístup k používateľským údajom_3a225; C:\Windows\system32\svchost.exe [2015-10-30 37256]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-08-04 154440]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\Windows\System32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\Windows\system32\svchost.exe [2015-10-30 37256]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\Windows\system32\svchost.exe [2015-10-30 37256]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2015-10-30 37256]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\Windows\System32\svchost.exe [2015-10-30 37256]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 37256]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 26112]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 37256]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\Windows\system32\svchost.exe [2015-10-30 37256]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\Windows\System32\svchost.exe [2015-10-30 37256]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\Windows\System32\svchost.exe [2015-10-30 37256]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\Windows\system32\svchost.exe [2015-10-30 37256]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-08-04 154440]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\Windows\system32\svchost.exe [2015-10-30 37256]
S3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\Windows\System32\svchost.exe [2015-10-30 37256]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2015-12-10 271328]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_3a225;MessagingService_3a225; C:\Windows\system32\svchost.exe [2015-10-30 37256]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-08-28 146888]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\Windows\System32\svchost.exe [2015-10-30 37256]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\Windows\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\Windows\system32\svchost.exe [2015-10-30 37256]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\Windows\System32\svchost.exe [2015-10-30 37256]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\Windows\System32\SensorDataService.exe [2015-10-30 900096]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\Windows\system32\svchost.exe [2015-10-30 37256]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\Windows\system32\TieringEngineService.exe [2015-10-30 256512]
S3 UnistoreSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-10003; C:\Windows\System32\svchost.exe [2015-10-30 37256]
S3 UserDataSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-14001; C:\Windows\system32\svchost.exe [2015-10-30 37256]
S3 UsoSvc;@%systemroot%\system32\usocore.dll,-102; C:\Windows\system32\svchost.exe [2015-10-30 37256]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 37256]
S4 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\Windows\system32\svchost.exe [2015-10-30 37256]

-----------------EOF-----------------

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

[psychoSVK]

# AdwCleaner v6.010 - *Logfile created 03/09/2016 *at 16:43:15
# *Updated on 12/08/2016 by ToolsLib
# *Database : 2016-09-03.1 [*Server]
# *Operating System : Windows 10 Home (X86)
# *Username : cehla - DESKTOP-7J9MHHK
# *Running from : C:\Users\cehla\Desktop\adwcleaner_6.010.exe
# *Mode: Clean
# *Support : https://toolslib.net/forum



***** [ *Services ] *****



***** [ *Folders ] *****



***** [ *Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ *Shortcuts ] *****



***** [ *Scheduled Tasks ] *****



***** [ *Registry ] *****



***** [ *Browsers ] *****



*************************

:: *"Tracing" keys deleted
:: *Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [758 *Bytes] - [03/09/2016 16:43:15]
C:\AdwCleaner\AdwCleaner[S0].txt - [1164 *Bytes] - [03/09/2016 16:42:23]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [905 *Bytes] ##########

[Rudy]

Toto je OK. Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=30&t=133101 .

[psychoSVK]

FRST Launcher mi nedovolí z danej stránky stiahnúť prehliadač.

[Rudy]

Zkuste přes IE, nebo použijte tento odkaz: http://www.bleepingcomputer.com/downloa ... scan-tool/ .

[psychoSVK]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-08-2016
Ran by cehla (administrator) on DESKTOP-7J9MHHK (04-09-2016 08:56:15)
Running from C:\Users\cehla\Desktop
Loaded Profiles: cehla (Available Profiles: cehla)
Platform: Microsoft Windows 10 Home Version 1511 (X86) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\IntelCpHeciSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
() C:\Program Files\Dynafleet Stand Alone Card Reader Application\bin\CraServiceLauncher.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Oracle Corporation) C:\Program Files\Java\jre1.8.0_101\bin\java.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Oracle Corporation) C:\Program Files\Java\jre1.8.0_101\bin\javaw.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11602.1.26.0_x86__8wekyb3d8bbwe\WinStore.Mobile.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [113664 2015-06-23] (Intel Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{09FE2C2E-BB0D-4848-A706-AA244FA25FEA}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{09FE2C2E-BB0D-48 (the data entry has 36 more characters).
HKU\S-1-5-21-1218980410-4124996805-3316230869-1001\...\Run: [AirDroid 3] => C:\Program Files\AirDroid\AirDroid.exe [8696832 2016-07-25] (Sand Studio)
HKU\S-1-5-21-1218980410-4124996805-3316230869-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6854360 2016-08-05] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SACRA tray icon.lnk [2016-08-04]
ShortcutTarget: SACRA tray icon.lnk -> C:\Program Files\Dynafleet Stand Alone Card Reader Application\bat\startTrayIcon.bat ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{35e1f844-8f4e-4827-873f-65c0e46b26cf}: [DhcpNameServer] 202.96.128.166
Tcpip\..\Interfaces\{a25ac425-d507-4a75-a753-9bf1bbf4fc92}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1218980410-4124996805-3316230869-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-1218980410-4124996805-3316230869-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-1218980410-4124996805-3316230869-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-1218980410-4124996805-3316230869-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-1218980410-4124996805-3316230869-1001 -> DefaultScope {22A91B62-C40D-4C32-9E2A-0A745740C05A} URL =
SearchScopes: HKU\S-1-5-21-1218980410-4124996805-3316230869-1001 -> {22A91B62-C40D-4C32-9E2A-0A745740C05A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-08-04] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-04] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\cehla\AppData\Roaming\Mozilla\Firefox\Profiles\s34wfv7l.default
FF Session Restore: -> is enabled.
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-08-04] ()
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-04] (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-04] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-04] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Extension: (ColorZilla) - C:\Users\cehla\AppData\Roaming\Mozilla\Firefox\Profiles\s34wfv7l.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2016-08-04]
FF Extension: (HTML5 Notifications) - C:\Users\cehla\AppData\Roaming\Mozilla\Firefox\Profiles\s34wfv7l.default\extensions\html5notifications@paxal.net.xpi [2016-08-04]
FF Extension: (Tile Tabs) - C:\Users\cehla\AppData\Roaming\Mozilla\Firefox\Profiles\s34wfv7l.default\extensions\tiletabs@DW-dev.xpi [2016-08-22]
FF Extension: (Firefox Hotfix) - C:\Users\cehla\AppData\Roaming\Mozilla\Firefox\Profiles\s34wfv7l.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-02]
FF Extension: (YouTube mp3) - C:\Users\cehla\AppData\Roaming\Mozilla\Firefox\Profiles\s34wfv7l.default\Extensions\info@youtube-mp3.org.xpi [2016-08-04]
FF Extension: (Twoo Notifications) - C:\Users\cehla\AppData\Roaming\Mozilla\Firefox\Profiles\s34wfv7l.default\Extensions\twoo@twoo.com.xpi [2016-08-04]
FF Extension: (Adblock Plus) - C:\Users\cehla\AppData\Roaming\Mozilla\Firefox\Profiles\s34wfv7l.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-08-04]

Chrome:
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\cehla\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentácie Google) - C:\Users\cehla\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-04]
CHR Extension: (Dokumenty Google) - C:\Users\cehla\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-04]
CHR Extension: (Disk Google) - C:\Users\cehla\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-04]
CHR Extension: (YouTube) - C:\Users\cehla\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-04]
CHR Extension: (Adblock Plus) - C:\Users\cehla\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-26]
CHR Extension: (Tabuľky Google) - C:\Users\cehla\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-04]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\cehla\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\cehla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-04]
CHR Extension: (Gmail) - C:\Users\cehla\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-04]
CHR Extension: (Chrome Media Router) - C:\Users\cehla\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-30]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [299488 2016-05-03] (Intel Corporation)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [118792 2015-06-23] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [115712 2015-06-23] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [125952 2015-06-23] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [292832 2016-05-03] (Intel Corporation)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [271328 2015-12-10] (Lenovo)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [991248 2016-06-22] (Bitdefender)
R2 SACRA; C:\Program Files\Dynafleet Stand Alone Card Reader Application\bin\CraServiceLauncher.exe [201216 2016-08-04] () [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23264 2016-07-01] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AX88772; C:\Windows\System32\drivers\ax88772.sys [95744 2015-10-30] (ASIX Electronics Corp.)
S3 BthMini; C:\Windows\System32\drivers\BTHMINI.sys [23040 2015-10-30] (Microsoft Corporation)
R3 camera; C:\Windows\system32\DRIVERS\iacamera32.sys [697360 2015-07-09] (Intel(R) Corporation)
R3 DptfDevDBPT; C:\Windows\system32\DRIVERS\DptfDevPower.sys [55816 2015-06-23] (Intel Corporation)
R3 DptfDevDisplay; C:\Windows\system32\DRIVERS\DptfDevDisplay.sys [59392 2015-06-23] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [85000 2015-06-23] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [203264 2015-06-23] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [467968 2015-06-23] (Intel Corporation)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [34176 2015-06-10] (Intel Corporation)
R3 GpioVirtual; C:\Windows\System32\drivers\iaiogpiovirtual.sys [27496 2015-06-10] (Intel Corporation)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [57360 2015-06-18] (Intel Corporation)
R3 iaiouart; C:\Windows\System32\drivers\iaiouart.sys [98560 2015-06-10] (Intel Corporation)
S3 intaud_WaveExtensible; C:\Windows\system32\drivers\intelaud.sys [44016 2015-12-01] (Intel Corporation)
R3 IntelBatteryManagement; C:\Windows\System32\drivers\IntelBatteryManagement.sys [47104 2015-07-01] ()
R3 IntelSST; C:\Windows\system32\drivers\isstrtc.sys [285968 2015-07-22] (Intel(R) Corporation)
R3 iwdbus; C:\Windows\System32\drivers\iwdbus.sys [35320 2015-12-01] (Intel Corporation)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [33792 2015-06-16] (Intel Corporation)
R3 PMIC; C:\Windows\System32\drivers\PMIC.sys [77424 2015-06-16] (Intel Corporation)
R3 rtii2sac; C:\Windows\system32\DRIVERS\rtii2sac.sys [208624 2015-06-12] (Realtek Semiconductor Corp.)
R3 RtkUart; C:\Windows\System32\drivers\RtkUart.sys [557312 2015-07-20] (Realtek Semiconductor Corporation)
R3 RtlWlans; C:\Windows\system32\DRIVERS\rtwlans.sys [3896024 2015-09-17] (Realtek Semiconductor Corporation )
R3 TXEI; C:\Windows\System32\drivers\TXEI.sys [84520 2015-05-27] (Intel Corporation)
R3 unicam; C:\Windows\System32\drivers\hm2056.sys [100400 2015-07-23] (Intel(R) Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-04 08:56 - 2016-09-04 08:58 - 00013605 _____ C:\Users\cehla\Desktop\FRST.txt
2016-09-04 08:55 - 2016-09-04 08:56 - 00000000 ____D C:\FRST
2016-09-03 20:26 - 2016-09-03 20:26 - 00001173 _____ C:\Users\Public\Desktop\Opera.lnk
2016-09-03 20:26 - 2016-09-03 20:26 - 00001173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-09-03 20:23 - 2016-09-03 20:23 - 00962976 _____ (Opera Software) C:\Users\cehla\Desktop\OperaSetup.exe
2016-09-03 19:48 - 2016-09-04 08:55 - 01747968 _____ (Farbar) C:\Users\cehla\Desktop\FRST.exe
2016-09-03 16:36 - 2016-09-03 16:43 - 00000000 ____D C:\AdwCleaner
2016-09-03 15:31 - 2016-09-03 16:36 - 03826240 _____ C:\Users\cehla\Desktop\adwcleaner_6.010.exe
2016-09-03 09:42 - 2016-09-03 09:42 - 361900984 _____ C:\Windows\MEMORY.DMP
2016-09-03 09:42 - 2016-09-03 09:42 - 00151124 _____ C:\Windows\Minidump\090316-8890-01.dmp
2016-09-03 09:42 - 2016-09-03 09:42 - 00000000 ____D C:\Windows\Minidump
2016-09-02 20:11 - 2016-09-02 20:11 - 00001045 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-09-02 20:11 - 2016-09-02 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-09-02 20:10 - 2016-09-02 20:11 - 00000000 ____D C:\Program Files\CCleaner
2016-09-02 20:08 - 2016-09-02 20:10 - 08227032 _____ (Piriform Ltd) C:\Users\cehla\Desktop\ccsetup521.exe
2016-09-02 17:30 - 2016-09-02 17:30 - 00000000 ____D C:\rsit
2016-09-02 17:30 - 2016-09-02 17:30 - 00000000 ____D C:\Program Files\trend micro
2016-09-02 17:28 - 2016-09-02 17:28 - 01107968 _____ C:\Users\cehla\Desktop\RSIT.exe
2016-08-29 23:48 - 2016-09-04 08:53 - 00000000 ____D C:\Users\cehla\AppData\Roaming\vlc
2016-08-29 23:45 - 2016-08-29 23:45 - 00241696 _____ C:\ProgramData\1472506960.bdinstall.bin
2016-08-29 21:43 - 2016-08-29 21:43 - 00000000 ____D C:\Users\cehla\AppData\Roaming\WinRAR
2016-08-29 21:42 - 2016-08-29 21:42 - 00000000 ____D C:\Users\cehla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-29 21:42 - 2016-08-29 21:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-29 21:41 - 2016-08-29 21:42 - 00000000 ____D C:\Program Files\WinRAR
2016-08-29 20:38 - 2016-08-29 20:38 - 00000000 ____D C:\Users\cehla\AppData\Local\CEF
2016-08-29 20:35 - 2016-08-29 20:35 - 00000385 _____ C:\Users\cehla\AppData\Roaminguser_gensett.xml
2016-08-29 20:34 - 2016-08-29 20:34 - 00000000 ____D C:\Users\cehla\AppData\Temp
2016-08-29 20:29 - 2016-08-29 23:43 - 00002368 _____ C:\bdlog.txt
2016-08-29 20:29 - 2016-08-29 20:29 - 00000385 _____ C:\Windows\system32\user_gensett.xml
2016-08-29 20:26 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2016-08-29 20:14 - 2016-08-29 20:14 - 00000000 ____D C:\Users\cehla\AppData\Roaming\QuickScan
2016-08-28 11:09 - 2016-08-28 11:09 - 00000000 ____D C:\Users\cehla\AppData\Roaming\Canneverbe Limited
2016-08-28 11:09 - 2016-08-28 11:09 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2016-08-28 11:07 - 2016-08-28 11:08 - 06231616 _____ (Canneverbe Limited ) C:\Users\cehla\Downloads\cdbxp_setup_4.5.7.6282.exe
2016-08-28 10:36 - 2016-09-04 08:27 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-08-28 10:20 - 2016-08-29 20:27 - 00000000 ____D C:\ProgramData\BDLogging
2016-08-27 16:28 - 2016-08-27 16:28 - 00000000 ____D C:\ProgramData\Bitdefender Agent
2016-08-26 13:05 - 2016-08-26 13:05 - 00094967 _____ C:\Users\cehla\Desktop\applause3.wav
2016-08-17 16:41 - 2016-08-17 16:47 - 00020337 _____ C:\Users\cehla\Desktop\myto743.ods
2016-08-15 12:17 - 2016-08-15 12:17 - 00000000 ____D C:\Users\cehla\AppData\Roaming\LibreOffice
2016-08-15 12:14 - 2016-08-15 12:30 - 00000554 _____ C:\Users\cehla\Desktop\TollTransactionExport_4074719000.20160815_121412.4510.csv
2016-08-14 14:22 - 2016-08-14 21:30 - 00000000 ____D C:\Users\cehla\OneDrive\Documents\AirDroid
2016-08-14 14:22 - 2016-08-14 18:56 - 00000000 ____D C:\AirDroid
2016-08-14 14:22 - 2016-08-14 14:22 - 00001911 _____ C:\Users\Public\Desktop\AirDroid.lnk
2016-08-14 14:22 - 2016-08-14 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirDroid
2016-08-14 14:21 - 2016-08-14 23:00 - 00000000 ____D C:\Program Files\AirDroid
2016-08-12 16:44 - 2016-08-12 16:44 - 00000617 _____ C:\Users\Public\Desktop\World of Warcraft.lnk
2016-08-12 16:44 - 2016-08-12 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2016-08-12 16:26 - 2016-08-12 16:26 - 00000000 ____D C:\Users\cehla\AppData\Local\Blizzard Entertainment
2016-08-12 16:25 - 2016-09-03 20:22 - 00000000 ____D C:\Users\cehla\AppData\Local\Battle.net
2016-08-12 16:25 - 2016-08-12 16:25 - 00000537 _____ C:\Users\Public\Desktop\Battle.net.lnk
2016-08-12 16:25 - 2016-08-12 16:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2016-08-12 16:25 - 2016-08-12 16:25 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2016-08-12 16:05 - 2016-08-12 16:37 - 00000000 ____D C:\Users\cehla\AppData\Roaming\Battle.net
2016-08-12 16:03 - 2016-08-12 16:05 - 00000000 ____D C:\ProgramData\Battle.net
2016-08-09 23:20 - 2016-08-03 07:52 - 05793632 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-08-09 23:20 - 2016-08-03 07:52 - 00083808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2016-08-09 23:20 - 2016-08-03 07:31 - 02921368 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-08-09 23:20 - 2016-08-03 07:31 - 00957608 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-08-09 23:20 - 2016-08-03 06:41 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2016-08-09 23:20 - 2016-08-03 06:35 - 00178688 _____ (Microsoft Corporation) C:\Windows\system32\wevtutil.exe
2016-08-09 23:20 - 2016-08-03 06:32 - 00291840 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2016-08-09 23:20 - 2016-08-03 06:31 - 06743040 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-08-09 23:20 - 2016-08-03 06:25 - 05323776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-08-09 23:20 - 2016-08-03 06:24 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-08-09 23:20 - 2016-08-03 06:22 - 02501120 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-08-09 23:20 - 2016-08-03 06:22 - 01502208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-08-09 23:19 - 2016-08-03 08:27 - 01303744 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-08-09 23:19 - 2016-08-03 08:27 - 00081088 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-08-09 23:19 - 2016-08-03 08:27 - 00045760 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-08-09 23:19 - 2016-08-03 07:52 - 00034088 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2016-08-09 23:19 - 2016-08-03 07:43 - 00023776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-08-09 23:19 - 2016-08-03 07:34 - 00501592 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2016-08-09 23:19 - 2016-08-03 07:34 - 00084832 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2016-08-09 23:19 - 2016-08-03 07:33 - 00051128 _____ (Microsoft Corporation) C:\Windows\system32\SensorsNativeApi.dll
2016-08-09 23:19 - 2016-08-03 07:32 - 00413024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-08-09 23:19 - 2016-08-03 07:32 - 00260448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2016-08-09 23:19 - 2016-08-03 07:31 - 00703840 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2016-08-09 23:19 - 2016-08-03 07:30 - 00465760 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2016-08-09 23:19 - 2016-08-03 07:30 - 00255168 _____ (Microsoft Corporation) C:\Windows\system32\LockAppHost.exe
2016-08-09 23:19 - 2016-08-03 07:29 - 01337680 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2016-08-09 23:19 - 2016-08-03 07:29 - 00633192 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2016-08-09 23:19 - 2016-08-03 07:28 - 00505136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-08-09 23:19 - 2016-08-03 07:28 - 00139616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-08-09 23:19 - 2016-08-03 07:21 - 01712992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-08-09 23:19 - 2016-08-03 07:21 - 00483680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2016-08-09 23:19 - 2016-08-03 07:21 - 00335712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-08-09 23:19 - 2016-08-03 07:18 - 00346464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2016-08-09 23:19 - 2016-08-03 06:58 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-08-09 23:19 - 2016-08-03 06:57 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\tdlrecover.exe
2016-08-09 23:19 - 2016-08-03 06:48 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2016-08-09 23:19 - 2016-08-03 06:48 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2016-08-09 23:19 - 2016-08-03 06:47 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2016-08-09 23:19 - 2016-08-03 06:44 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2016-08-09 23:19 - 2016-08-03 06:44 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2016-08-09 23:19 - 2016-08-03 06:44 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2016-08-09 23:19 - 2016-08-03 06:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
2016-08-09 23:19 - 2016-08-03 06:44 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll
2016-08-09 23:19 - 2016-08-03 06:44 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2016-08-09 23:19 - 2016-08-03 06:43 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-08-09 23:19 - 2016-08-03 06:43 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys
2016-08-09 23:19 - 2016-08-03 06:43 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\bthserv.dll
2016-08-09 23:19 - 2016-08-03 06:42 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2016-08-09 23:19 - 2016-08-03 06:40 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-08-09 23:19 - 2016-08-03 06:40 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2016-08-09 23:19 - 2016-08-03 06:40 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\IdCtrls.dll
2016-08-09 23:19 - 2016-08-03 06:39 - 19351040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-08-09 23:19 - 2016-08-03 06:39 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-08-09 23:19 - 2016-08-03 06:39 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2016-08-09 23:19 - 2016-08-03 06:37 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-08-09 23:19 - 2016-08-03 06:37 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\SensorService.dll
2016-08-09 23:19 - 2016-08-03 06:37 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\VEEventDispatcher.dll
2016-08-09 23:19 - 2016-08-03 06:35 - 00396288 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll
2016-08-09 23:19 - 2016-08-03 06:35 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2016-08-09 23:19 - 2016-08-03 06:34 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-08-09 23:19 - 2016-08-03 06:34 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
2016-08-09 23:19 - 2016-08-03 06:33 - 18677760 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-08-09 23:19 - 2016-08-03 06:33 - 02050048 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-08-09 23:19 - 2016-08-03 06:33 - 01223168 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2016-08-09 23:19 - 2016-08-03 06:33 - 01152512 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-08-09 23:19 - 2016-08-03 06:33 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2016-08-09 23:19 - 2016-08-03 06:33 - 00687616 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-08-09 23:19 - 2016-08-03 06:32 - 12585984 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-08-09 23:19 - 2016-08-03 06:32 - 01526272 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-08-09 23:19 - 2016-08-03 06:32 - 01467392 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2016-08-09 23:19 - 2016-08-03 06:32 - 00951808 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2016-08-09 23:19 - 2016-08-03 06:32 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2016-08-09 23:19 - 2016-08-03 06:31 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-08-09 23:19 - 2016-08-03 06:29 - 12133376 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-08-09 23:19 - 2016-08-03 06:28 - 03663360 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-08-09 23:19 - 2016-08-03 06:27 - 02973696 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-08-09 23:19 - 2016-08-03 06:27 - 01903104 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-08-09 23:19 - 2016-08-03 06:25 - 04078080 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2016-08-09 23:19 - 2016-08-03 06:23 - 05660672 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-08-09 23:19 - 2016-08-03 06:23 - 01799680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2016-08-09 23:19 - 2016-08-03 06:22 - 01900544 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-08-09 23:19 - 2016-08-03 06:22 - 01086976 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-08-09 23:19 - 2016-08-03 06:21 - 01708032 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
2016-08-09 23:19 - 2016-08-03 06:20 - 03483648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-08-09 23:19 - 2016-08-03 06:19 - 02180096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2016-08-09 18:01 - 2016-08-09 18:01 - 00000000 ____D C:\Users\cehla\AppData\Local\ESET
2016-08-08 08:02 - 2016-08-08 08:02 - 00001219 _____ C:\Users\Public\Desktop\LibreOffice 5.2.lnk
2016-08-08 08:02 - 2016-08-08 08:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.2
2016-08-08 08:01 - 2016-08-08 08:02 - 00000000 ____D C:\Program Files\LibreOffice 5
2016-08-06 19:17 - 2016-08-06 19:17 - 00000000 ____D C:\Users\cehla\Desktop\AliEditor
2016-08-06 19:16 - 2016-08-06 19:16 - 00492493 _____ C:\Users\cehla\Desktop\AliEditor.zip
2016-08-06 08:52 - 2016-08-06 08:52 - 00000000 ____D C:\Users\cehla\AppData\Roaming\Skype
2016-08-05 12:45 - 2016-08-26 12:45 - 00000000 ____D C:\Users\cehla\AppData\Local\Thunderbird
2016-08-05 12:45 - 2016-08-05 12:45 - 00000000 ____D C:\Users\cehla\AppData\Roaming\Thunderbird
2016-08-05 12:44 - 2016-08-05 12:44 - 00001247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2016-08-05 12:44 - 2016-08-05 12:44 - 00001235 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2016-08-05 12:44 - 2016-08-05 12:44 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2016-08-05 09:27 - 2016-08-05 09:27 - 00001108 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-08-05 09:27 - 2016-08-05 09:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-08-05 09:27 - 2016-08-05 09:27 - 00000000 ____D C:\Program Files\VideoLAN

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-04 08:52 - 2016-08-04 17:36 - 00000964 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-04 08:21 - 2015-11-03 22:40 - 00000000 ____D C:\Windows\system32\SleepStudy
2016-09-04 04:16 - 2016-08-04 16:54 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-09-03 21:53 - 2015-11-03 22:28 - 00879220 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-03 21:53 - 2015-10-30 07:47 - 00000000 ____D C:\Windows\INF
2016-09-03 21:48 - 2016-08-04 17:36 - 00000960 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-03 21:47 - 2016-08-04 16:47 - 00000000 __SHD C:\Users\cehla\IntelGraphicsProfiles
2016-09-03 21:46 - 2015-11-03 22:24 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-03 21:15 - 2015-10-30 07:13 - 01048576 ___SH C:\Windows\system32\config\BBI
2016-09-03 20:26 - 2016-08-04 16:50 - 00000000 ____D C:\Users\cehla\AppData\Roaming\Opera Software
2016-09-03 20:26 - 2016-08-04 16:50 - 00000000 ____D C:\Users\cehla\AppData\Local\Opera Software
2016-09-03 20:26 - 2016-08-04 16:50 - 00000000 ____D C:\Program Files\Opera
2016-09-03 09:59 - 2016-08-04 16:47 - 00000000 ____D C:\Users\cehla\AppData\Local\Packages
2016-09-03 09:59 - 2015-10-30 07:48 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-03 09:59 - 2015-10-30 07:48 - 00000000 ____D C:\Windows\AppReadiness
2016-09-03 09:57 - 2016-08-04 16:45 - 00000000 ____D C:\Users\cehla
2016-09-02 23:49 - 2015-10-30 07:48 - 00000000 ____D C:\Windows\system32\appraiser
2016-09-02 23:49 - 2015-10-30 07:39 - 00000000 ____D C:\Windows\CbsTemp
2016-09-02 20:16 - 2015-11-03 22:17 - 00000000 ____D C:\Windows\Panther
2016-08-30 00:24 - 2015-10-30 07:48 - 00000000 ____D C:\Windows\LiveKernelReports
2016-08-29 23:45 - 2015-10-30 07:48 - 00000000 ____D C:\Windows\ELAMBKUP
2016-08-29 23:26 - 2015-10-30 07:13 - 00065536 ___SH C:\Windows\system32\config\ELAM
2016-08-28 23:31 - 2016-08-04 17:35 - 00000000 ____D C:\Users\cehla\AppData\Local\Google
2016-08-28 12:33 - 2015-10-30 07:48 - 00000000 ____D C:\Windows\system32\NDF
2016-08-28 10:14 - 2016-08-04 17:15 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-08-28 09:41 - 2016-08-04 17:15 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-08-14 19:16 - 2015-10-30 07:48 - 00000000 ____D C:\Windows\rescache
2016-08-12 09:18 - 2015-10-30 08:44 - 00000000 ____D C:\Windows\OCR
2016-08-10 18:16 - 2015-10-30 08:47 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-10 18:16 - 2015-10-30 07:48 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2016-08-10 18:12 - 2016-08-04 22:28 - 00000000 ____D C:\Windows\system32\MRT
2016-08-10 18:07 - 2016-08-04 22:28 - 144884648 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-08-10 18:07 - 2015-10-30 07:48 - 00000000 ____D C:\Windows\system32\SecureBootUpdates
2016-08-09 22:46 - 2016-08-04 16:50 - 00000000 ___RD C:\Users\cehla\OneDrive
2016-08-09 22:46 - 2015-11-03 22:23 - 00257752 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-08 01:17 - 2015-10-30 08:44 - 00000000 ____D C:\Windows\system32\winrm
2016-08-08 01:17 - 2015-10-30 08:44 - 00000000 ____D C:\Windows\system32\WCN
2016-08-08 01:17 - 2015-10-30 08:44 - 00000000 ____D C:\Windows\system32\slmgr
2016-08-08 01:17 - 2015-10-30 08:44 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2016-08-08 01:17 - 2015-10-30 07:48 - 00000000 ___SD C:\Windows\system32\F12
2016-08-08 01:17 - 2015-10-30 07:48 - 00000000 ___SD C:\Windows\system32\DiagSvcs
2016-08-08 01:17 - 2015-10-30 07:48 - 00000000 ___RD C:\Windows\PurchaseDialog
2016-08-08 01:17 - 2015-10-30 07:48 - 00000000 ___RD C:\Windows\MiracastView
2016-08-08 01:17 - 2015-10-30 07:48 - 00000000 ___RD C:\Windows\DevicesFlow
2016-08-08 01:17 - 2015-10-30 07:48 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2016-08-08 01:17 - 2015-10-30 07:48 - 00000000 ____D C:\Windows\system32\oobe
2016-08-08 01:17 - 2015-10-30 07:48 - 00000000 ____D C:\Windows\system32\MUI
2016-08-08 01:17 - 2015-10-30 07:48 - 00000000 ____D C:\Windows\system32\migwiz
2016-08-08 01:17 - 2015-10-30 07:48 - 00000000 ____D C:\Windows\system32\Com
2016-08-08 01:17 - 2015-10-30 07:48 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-08-08 01:17 - 2015-10-30 07:48 - 00000000 ____D C:\Windows\IME
2016-08-08 01:17 - 2015-10-30 07:48 - 00000000 ____D C:\Windows\Help
2016-08-08 01:17 - 2015-10-30 07:48 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-08-08 01:17 - 2015-10-30 07:48 - 00000000 ____D C:\Program Files\Windows Defender
2016-08-08 01:17 - 2015-10-30 07:48 - 00000000 ____D C:\Program Files\Common Files\System
2016-08-08 01:17 - 2015-10-30 07:13 - 00000000 ____D C:\Windows\system32\Sysprep
2016-08-08 01:17 - 2015-10-30 07:13 - 00000000 ____D C:\Windows\system32\Dism
2016-08-08 01:17 - 2015-10-30 07:13 - 00000000 ____D C:\Windows\servicing
2016-08-06 08:54 - 2016-08-04 16:50 - 00002378 _____ C:\Users\cehla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-06 08:54 - 2015-10-30 07:48 - 00000000 ____D C:\Windows\AppCompat
2016-08-05 10:39 - 2016-08-04 17:15 - 00001197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-08-05 10:39 - 2016-08-04 17:15 - 00001185 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk

==================== Files in the root of some directories =======

2016-08-29 23:45 - 2016-08-29 23:45 - 0241696 _____ () C:\ProgramData\1472506960.bdinstall.bin

Some files in TEMP:
====================
C:\Users\cehla\AppData\Local\Temp\libeay32.dll
C:\Users\cehla\AppData\Local\Temp\msvcr120.dll
C:\Users\cehla\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-08-27 01:13

==================== End of FRST.txt ============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM\...\Run: [SunJavaUpdateSched] => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
SearchScopes: HKU\S-1-5-21-1218980410-4124996805-3316230869-1001 -> DefaultScope {22A91B62-C40D-4C32-9E2A-0A745740C05A} URL =
SearchScopes: HKU\S-1-5-21-1218980410-4124996805-3316230869-1001 -> {22A91B62-C40D-4C32-9E2A-0A745740C05A} URL =
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\cehla\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[psychoSVK]

Fix result of Farbar Recovery Scan Tool (x86) Version: 31-08-2016
Ran by cehla (05-09-2016 16:43:07) Run:1
Running from C:\Users\cehla\Desktop
Loaded Profiles: cehla (Available Profiles: cehla)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
HKLM\...\Run: [SunJavaUpdateSched] => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
SearchScopes: HKU\S-1-5-21-1218980410-4124996805-3316230869-1001 -> DefaultScope {22A91B62-C40D-4C32-9E2A-0A745740C05A} URL =
SearchScopes: HKU\S-1-5-21-1218980410-4124996805-3316230869-1001 -> {22A91B62-C40D-4C32-9E2A-0A745740C05A} URL =
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\cehla\AppData\Local\Temp
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully.
HKU\S-1-5-21-1218980410-4124996805-3316230869-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
"HKU\S-1-5-21-1218980410-4124996805-3316230869-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{22A91B62-C40D-4C32-9E2A-0A745740C05A}" => key removed successfully.
HKCR\CLSID\{22A91B62-C40D-4C32-9E2A-0A745740C05A} => key not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully

"C:\Users\cehla\AppData\Local\Temp" folder move:

Could not move "C:\Users\cehla\AppData\Local\Temp" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 05-09-2016 16:44:25)

C:\Users\cehla\AppData\Local\Temp => moved successfully

==== End of Fixlog 16:44:26 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[psychoSVK]

Áno, vyzerá to lepšie, dokonca to rozbehalo aj bitdefender.

Ďakujem

[Rudy]

Nemáte zač!