
PC virus removal, computer speed-up, remote assistance through the neslape.cz service
Requesting a check
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Logfile of random's system information tool 1.10 (written by random/random)
Run by Daveing at 2016-09-11 20:51:41
Microsoft Windows 10 Pro
System drive C: has 289 GB (63%) free of 456 GB
Total RAM: 11195 MB (80% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:51:47 PM, on 9/11/2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\CyberLink\AMD Face Login\YouCamService.exe
C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavsrv.exe
C:\PROGRA~2\RAPTRI~1\Raptr\raptr.exe
C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
C:\PROGRA~2\RAPTRI~1\Raptr\raptr_im.exe
C:\Program Files\trend micro\Daveing.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKLM\..\Run: [PlaysTV] "C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe" --startup
O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe" --startup
O4 - HKLM\..\Run: [YouCam Service] "C:\Program Files (x86)\CyberLink\AMD Face Login\YouCamService.exe" /s
O4 - HKLM\..\Run: [ccav] "C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavsrv.exe" -autorun
O4 - HKLM\..\Run: [IseUI] C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Daveing\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [AppEx Accelerator UI] C:\Program Files\AMD Quick Stream\AMDQuickStream.exe -h
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: AdaptiveSleepService - Unknown owner - C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: ACP User Service (amdacpusrsvc) - Advanced Micro Devices - C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
O23 - Service: ccavsrv - COMODO - C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavsrv.exe
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
O23 - Service: isesrv - COMODO - C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Plays.tv Update Service (PlaysService) - Plays.tv, LLC - C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8752 bytes
======Listing Processes======
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\SysWoW64\SAsrv.exe
"C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe"
"C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe"
"C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe" -service
"C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe" -/service
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavsrv.exe" -service
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"dwm.exe"
atieclxx
PopUpReboot
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
sihost.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\WINDOWS\Explorer.EXE
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Daveing\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=52.0.2743.116 --handshake-handle=0x24c
"C:\Windows\RTFTrack.exe"
"C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="7796.0.1961563673\466622020" --mojo-application-channel-token=747940F9AF4D536B1ABF949F83066C15 --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillEnabled/Default/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteEvaluatorGroup/EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PreconnectMore/Default/*QUIC/EnabledSlowStartLargeReductionJuly/ReportCertificateErrors/ShowAndPossiblySend/ResourcePriorities/Control25PermanentB/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_70/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Pe
rcent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_18/*UMA-Uniformity-Trial-50-Percent/default/*UMA_CheckStates/Checks/ --supports-dual-gpus=false --gpu-driver-bug-workarounds=4,13,27,55 --gpu-vendor-id=0x1002 --gpu-device-id=0x1309 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=16.300.2201.0 --gpu-driver-date=7-7-2016 --gpu-secondary-vendor-ids=0x1002 --gpu-secondary-device-ids=0x6665 --mojo-platform-channel-handle=1312 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillEnabled/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteEvaluatorGroup/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PreconnectMore/Default/*QUIC/EnabledSlowStartLargeReductionJuly/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentB/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_70/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_18/*U
MA-Uniformity-Trial-50-Percent/default/*UMA_CheckStates/Checks/ --primordial-pipe-token=573D29FF5B08ADD0EC475444EB37B985 --lang=en-US --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=BE4D29668ACD109AEE7453E29E903CDC --mojo-application-channel-token=FA220AD3491AA5482CB7CC51EE0993C7 --channel="7796.3.1825198716\257299602" --mojo-platform-channel-handle=2884 /prefetch:1
"C:\Program Files\AMD Quick Stream\AMDQuickStream.exe" -h
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\CyberLink\AMD Face Login\YouCamService.exe" /s
"C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavsrv.exe" -autorun
"C:\PROGRA~2\RAPTRI~1\Raptr\raptr.exe" --log_to_file --from_stub --startup
"C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillEnabled/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteEvaluatorGroup/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PreconnectMore/Default/*QUIC/EnabledSlowStartLargeReductionJuly/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentB/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_70/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_18/*
UMA-Uniformity-Trial-50-Percent/default/*UMA_CheckStates/Checks/ --primordial-pipe-token=661399FEF2BE37E8F4F299712A7C080B --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=C9F7B42F286BB7335F3EF5AE67FCF4C7 --mojo-application-channel-token=4401A7FB478D1741073CD8F79ABDC085 --channel="7796.5.22942999\806062022" --mojo-platform-channel-handle=5136 /prefetch:1
raptr_im.exe
"C:\PROGRA~2\RAPTRI~1\Raptr\raptr_ep64.exe" 3564
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/*AutofillEnabled/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteEvaluatorGroup/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/*PasswordSmartBubble/3-Times/*PreconnectMore/Default/*QUIC/EnabledSlowStartLargeReductionJuly/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentB/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_70/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group
_18/*UMA-Uniformity-Trial-50-Percent/default/*UMA_CheckStates/Checks/ --primordial-pipe-token=7EAFBE98EAA1C00CA7A30E64B929EB40 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=F7B434532171FB08A23011B44386C58A --mojo-application-channel-token=7163721B22F86014956E0C476D7C6151 --channel="7796.7.1601297536\194984047" --mojo-platform-channel-handle=3140 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 772 776 784 8192 780
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x408
"C:\Users\Daveing\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2014-11-20 919768]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2014-04-10 1830616]
"RtsFT"=C:\WINDOWS\RTFTrack.exe [2016-09-03 5175568]
"StartCN"=C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [2016-08-11 6625672]
"hshhsaaaws"= []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Daveing\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-08-08 554184]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-07-14 29502592]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2016-08-23 2857248]
"AppEx Accelerator UI"=C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [2015-04-06 488640]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2016-07-29 4299968]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"PlaysTV"=C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [2016-08-02 71440]
"Raptr"=C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [2016-08-23 58640]
"YouCam Service"=C:\Program Files (x86)\CyberLink\AMD Face Login\YouCamService.exe [2014-07-25 278280]
"ccav"=C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavsrv.exe [2016-08-25 5162192]
"IseUI"=C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [2016-08-17 3170504]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-09-11 20:51:41 ----D---- C:\rsit
2016-09-11 20:51:41 ----D---- C:\Program Files\trend micro
2016-09-11 12:40:34 ----D---- C:\CCAV
2016-09-04 20:02:56 ----D---- C:\Program Files (x86)\Ubisoft
2016-09-04 14:28:43 ----D---- C:\Program Files\Realtek
2016-09-04 14:28:41 ----D---- C:\WINDOWS\LastGood.Tmp
2016-09-03 00:42:02 ----A---- C:\WINDOWS\SYSWOW64\RtCamP.dll
2016-09-03 00:42:02 ----A---- C:\WINDOWS\SYSWOW64\RsDecode.dll
2016-09-03 00:42:02 ----A---- C:\WINDOWS\system32\RtCamP64.dll
2016-09-03 00:42:02 ----A---- C:\WINDOWS\system32\RtCamO64.dll
2016-09-02 20:46:52 ----D---- C:\ProgramData\HandSetService
2016-09-02 20:46:51 ----D---- C:\ProgramData\HiSuiteOuc
2016-09-02 20:46:04 ----A---- C:\WINDOWS\system32\WdfCoInstaller01009.dll
2016-09-02 20:46:04 ----A---- C:\WINDOWS\system32\drivers\WUDFUpdate_01009.dll
2016-09-02 20:46:04 ----A---- C:\WINDOWS\system32\drivers\winusbcoinstaller2.dll
2016-09-02 20:46:04 ----A---- C:\WINDOWS\system32\drivers\WdfCoInstaller01009.dll
2016-09-02 20:46:04 ----A---- C:\WINDOWS\system32\drivers\hw_usbdev.sys
2016-09-02 20:46:04 ----A---- C:\WINDOWS\system32\drivers\hw_quusbnet.sys
2016-09-02 20:46:04 ----A---- C:\WINDOWS\system32\drivers\hw_quusbmdm.sys
2016-09-02 20:46:04 ----A---- C:\WINDOWS\system32\drivers\hw_cdcacm.sys
2016-09-02 20:46:04 ----A---- C:\WINDOWS\system32\drivers\ew_usbccgpfilter.sys
2016-09-02 20:45:58 ----D---- C:\Program Files (x86)\HiSuite
2016-09-02 20:45:05 ----D---- C:\Users\Daveing\AppData\Roaming\WinRAR
2016-09-02 20:44:52 ----AD---- C:\Program Files\WinRAR
2016-09-01 17:19:16 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2016-09-01 17:19:16 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2016-09-01 17:19:16 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2016-09-01 17:19:16 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2016-09-01 17:19:16 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2016-09-01 17:19:16 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2016-09-01 17:19:16 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-09-01 17:19:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-01 17:19:15 ----A---- C:\WINDOWS\SYSWOW64\mfsensorgroup.dll
2016-09-01 17:19:15 ----A---- C:\WINDOWS\SYSWOW64\FSClient.dll
2016-09-01 17:19:15 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-09-01 17:19:15 ----A---- C:\WINDOWS\system32\Chakrathunk.dll
2016-09-01 17:19:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2016-09-01 17:19:14 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2016-09-01 17:19:14 ----A---- C:\WINDOWS\SYSWOW64\mfps.dll
2016-09-01 17:19:14 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2016-09-01 17:19:14 ----A---- C:\WINDOWS\system32\wups2.dll
2016-09-01 17:19:14 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2016-09-01 17:19:14 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2016-09-01 17:19:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Editing.dll
2016-09-01 17:19:13 ----A---- C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-09-01 17:19:13 ----A---- C:\WINDOWS\system32\mfsensorgroup.dll
2016-09-01 17:19:13 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2016-09-01 17:19:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2016-09-01 17:19:12 ----A---- C:\WINDOWS\system32\wwanprotdim.dll
2016-09-01 17:19:12 ----A---- C:\WINDOWS\system32\FSClient.dll
2016-09-01 17:19:12 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2016-09-01 17:19:12 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-09-01 17:19:11 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2016-09-01 17:19:11 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2016-09-01 17:19:11 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2016-09-01 17:19:11 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-01 17:19:11 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2016-09-01 17:19:11 ----A---- C:\WINDOWS\system32\mfps.dll
2016-09-01 17:19:11 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2016-09-01 17:19:10 ----A---- C:\WINDOWS\system32\mfcore.dll
2016-09-01 17:19:10 ----A---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2016-09-01 17:19:10 ----A---- C:\WINDOWS\system32\drivers\BthLEEnum.sys
2016-09-01 17:19:10 ----A---- C:\WINDOWS\system32\drivers\bthenum.sys
2016-09-01 17:19:09 ----A---- C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-09-01 17:19:09 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2016-09-01 17:19:09 ----A---- C:\WINDOWS\system32\mfnetsrc.dll
2016-09-01 17:19:08 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-09-01 17:19:08 ----A---- C:\WINDOWS\system32\indexeddbserver.dll
2016-09-01 17:19:08 ----A---- C:\WINDOWS\system32\FrameServer.dll
2016-09-01 17:19:07 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-09-01 17:19:06 ----A---- C:\WINDOWS\system32\DscCore.dll
2016-09-01 17:19:06 ----A---- C:\WINDOWS\system32\CredProvDataModel.dll
2016-09-01 17:19:05 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-09-01 17:19:05 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2016-09-01 17:19:04 ----A---- C:\WINDOWS\system32\schannel.dll
2016-09-01 17:19:04 ----A---- C:\WINDOWS\system32\dwmcore.dll
2016-09-01 17:19:04 ----A---- C:\WINDOWS\system32\combase.dll
2016-09-01 17:19:03 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-09-01 17:19:03 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2016-09-01 17:19:01 ----A---- C:\WINDOWS\SYSWOW64\indexeddbserver.dll
2016-09-01 17:19:01 ----A---- C:\WINDOWS\SYSWOW64\C_IS2022.DLL
2016-09-01 17:19:01 ----A---- C:\WINDOWS\SYSWOW64\C_G18030.DLL
2016-09-01 17:19:01 ----A---- C:\WINDOWS\system32\C_IS2022.DLL
2016-09-01 17:19:01 ----A---- C:\WINDOWS\system32\C_G18030.DLL
2016-09-01 17:19:00 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-09-01 17:18:58 ----A---- C:\WINDOWS\SYSWOW64\Chakrathunk.dll
2016-09-01 17:18:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.InkControls.dll
2016-09-01 17:18:57 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-09-01 17:18:55 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-09-01 17:18:53 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2016-09-01 17:18:52 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2016-09-01 17:18:52 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-09-01 17:18:50 ----A---- C:\WINDOWS\system32\windows.storage.dll
2016-09-01 17:18:47 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-09-01 17:18:47 ----A---- C:\WINDOWS\system32\facecredentialprovider.dll
2016-09-01 17:18:47 ----A---- C:\WINDOWS\system32\ClipboardServer.dll
2016-09-01 17:18:46 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2016-09-01 17:18:46 ----A---- C:\WINDOWS\system32\fveapibase.dll
2016-09-01 17:18:45 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2016-09-01 17:18:45 ----A---- C:\WINDOWS\SYSWOW64\aclui.dll
2016-09-01 17:18:45 ----A---- C:\WINDOWS\system32\wuuhext.dll
2016-09-01 17:18:45 ----A---- C:\WINDOWS\system32\wuauclt.exe
2016-09-01 17:18:45 ----A---- C:\WINDOWS\system32\fveapi.dll
2016-09-01 17:18:45 ----A---- C:\WINDOWS\system32\CastLaunch.dll
2016-09-01 17:18:45 ----A---- C:\WINDOWS\system32\c_GSM7.DLL
2016-09-01 17:18:44 ----A---- C:\WINDOWS\system32\shutdownux.dll
2016-09-01 17:18:44 ----A---- C:\WINDOWS\system32\msctf.dll
2016-09-01 17:18:44 ----A---- C:\WINDOWS\system32\ClipUp.exe
2016-09-01 17:18:44 ----A---- C:\WINDOWS\system32\aclui.dll
2016-09-01 17:18:43 ----A---- C:\WINDOWS\system32\WWAHost.exe
2016-09-01 17:18:43 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-09-01 17:18:42 ----A---- C:\WINDOWS\system32\shell32.dll
2016-09-01 17:18:40 ----A---- C:\WINDOWS\system32\storagewmi_passthru.dll
2016-09-01 17:18:40 ----A---- C:\WINDOWS\system32\storagewmi.dll
2016-09-01 17:18:40 ----A---- C:\WINDOWS\system32\smphost.dll
2016-09-01 17:18:40 ----A---- C:\WINDOWS\system32\DscCoreConfProv.dll
2016-09-01 17:18:40 ----A---- C:\WINDOWS\system32\delegatorprovider.dll
2016-09-01 17:18:39 ----A---- C:\WINDOWS\system32\mispace.dll
2016-09-01 17:18:38 ----A---- C:\WINDOWS\system32\wincorlib.dll
2016-09-01 17:18:38 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-09-01 17:18:37 ----A---- C:\WINDOWS\SYSWOW64\storagewmi_passthru.dll
2016-09-01 17:18:37 ----A---- C:\WINDOWS\SYSWOW64\smphost.dll
2016-09-01 17:18:37 ----A---- C:\WINDOWS\SYSWOW64\DscCoreConfProv.dll
2016-09-01 17:18:37 ----A---- C:\WINDOWS\SYSWOW64\delegatorprovider.dll
2016-09-01 17:18:36 ----A---- C:\WINDOWS\SYSWOW64\storagewmi.dll
2016-09-01 17:18:36 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2016-09-01 17:18:35 ----A---- C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-09-01 17:18:35 ----A---- C:\WINDOWS\system32\provtool.exe
2016-09-01 17:18:35 ----A---- C:\WINDOWS\system32\provops.dll
2016-09-01 17:18:35 ----A---- C:\WINDOWS\system32\provisioningcsp.dll
2016-09-01 17:18:35 ----A---- C:\WINDOWS\system32\provhandlers.dll
2016-09-01 17:18:35 ----A---- C:\WINDOWS\system32\provdatastore.dll
2016-09-01 17:18:35 ----A---- C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-09-01 17:18:35 ----A---- C:\WINDOWS\system32\LicenseManagerSvc.dll
2016-09-01 17:18:35 ----A---- C:\WINDOWS\system32\drivers\ClipSp.sys
2016-09-01 17:18:35 ----A---- C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-09-01 17:18:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Audio.dll
2016-09-01 17:18:34 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2016-09-01 17:18:34 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2016-09-01 17:18:34 ----A---- C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-01 17:18:34 ----A---- C:\WINDOWS\system32\provengine.dll
2016-09-01 17:18:34 ----A---- C:\WINDOWS\system32\CloudExperienceHostUser.dll
2016-09-01 17:18:33 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-09-01 17:18:33 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2016-09-01 17:18:33 ----A---- C:\WINDOWS\system32\D3D12.dll
2016-09-01 17:18:32 ----A---- C:\WINDOWS\system32\WinTypes.dll
2016-09-01 17:18:32 ----A---- C:\WINDOWS\system32\twinui.dll
2016-09-01 17:18:31 ----A---- C:\WINDOWS\system32\hvix64.exe
2016-09-01 17:18:31 ----A---- C:\WINDOWS\system32\hvax64.exe
2016-09-01 17:18:30 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-09-01 17:18:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2016-09-01 17:18:29 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2016-09-01 17:18:29 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostUser.dll
2016-09-01 17:18:28 ----A---- C:\WINDOWS\system32\XblAuthManager.dll
2016-09-01 17:18:28 ----A---- C:\WINDOWS\system32\ProvPluginEng.dll
2016-09-01 17:18:28 ----A---- C:\WINDOWS\system32\KnobsCsp.dll
2016-09-01 17:18:28 ----A---- C:\WINDOWS\system32\KnobsCore.dll
2016-09-01 17:18:27 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2016-09-01 17:18:27 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2016-09-01 17:18:26 ----A---- C:\WINDOWS\SYSWOW64\CredProvDataModel.dll
2016-09-01 17:18:26 ----A---- C:\WINDOWS\SYSWOW64\ClipboardServer.dll
2016-09-01 17:18:25 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-09-01 17:18:25 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-09-01 17:18:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.UXRes.dll
2016-09-01 17:18:24 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-09-01 17:18:24 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-09-01 17:18:24 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-09-01 17:18:24 ----A---- C:\WINDOWS\system32\usocore.dll
2016-09-01 17:18:24 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2016-09-01 17:18:23 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-09-01 17:18:23 ----A---- C:\WINDOWS\system32\MusNotification.exe
2016-09-01 17:18:22 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-09-01 17:18:21 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2016-09-01 17:18:21 ----A---- C:\WINDOWS\system32\cdd.dll
2016-09-01 17:18:20 ----A---- C:\WINDOWS\SYSWOW64\wincorlib.dll
2016-09-01 17:18:20 ----A---- C:\WINDOWS\SYSWOW64\c_GSM7.DLL
2016-09-01 17:18:19 ----A---- C:\WINDOWS\system32\hvloader.exe
2016-09-01 17:18:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2016-09-01 17:18:18 ----A---- C:\WINDOWS\system32\wsp_health.dll
2016-09-01 17:18:17 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-09-01 17:18:17 ----A---- C:\WINDOWS\system32\drivers\xinputhid.sys
2016-09-01 17:18:17 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2016-09-01 17:18:16 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2016-09-01 17:18:16 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-09-01 17:18:15 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2016-09-01 17:18:15 ----A---- C:\WINDOWS\system32\AudioSes.dll
2016-09-01 17:18:14 ----A---- C:\WINDOWS\system32\winload.exe
2016-09-01 17:18:13 ----A---- C:\WINDOWS\system32\GamePanel.exe
2016-09-01 17:18:13 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2016-09-01 17:18:12 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-09-01 17:18:12 ----A---- C:\WINDOWS\system32\clusapi.dll
2016-09-01 17:18:11 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2016-09-01 17:18:11 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-09-01 17:18:10 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2016-09-01 17:18:10 ----A---- C:\WINDOWS\system32\winresume.exe
2016-09-01 17:18:10 ----A---- C:\WINDOWS\system32\kdhvcom.dll
2016-09-01 17:18:09 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2016-09-01 17:18:09 ----A---- C:\WINDOWS\system32\mfksproxy.dll
2016-09-01 17:18:09 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2016-09-01 17:18:08 ----A---- C:\WINDOWS\SYSWOW64\bcastdvr.exe
2016-09-01 17:18:06 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2016-09-01 17:18:05 ----A---- C:\WINDOWS\SYSWOW64\mfksproxy.dll
2016-09-01 17:18:05 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2016-09-01 17:18:04 ----A---- C:\WINDOWS\SYSWOW64\GamePanel.exe
2016-09-01 17:18:04 ----A---- C:\WINDOWS\SYSWOW64\encapi.dll
2016-09-01 17:18:04 ----A---- C:\WINDOWS\system32\encapi.dll
2016-09-01 17:18:03 ----A---- C:\WINDOWS\system32\mstsc.exe
2016-09-01 17:18:02 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2016-09-01 17:18:01 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2016-09-01 17:18:00 ----A---- C:\WINDOWS\SYSWOW64\ConfigureExpandedStorage.dll
2016-09-01 17:18:00 ----A---- C:\WINDOWS\SYSWOW64\BcastDVRHelper.dll
2016-08-29 19:52:31 ----SHD---- C:\ProgramData\SecuROM
2016-08-28 23:14:54 ----RHD---- C:\Users\Daveing\AppData\Roaming\SecuROM
2016-08-28 23:14:51 ----A---- C:\WINDOWS\SYSWOW64\CmdLineExt_x64.dll
2016-08-28 23:14:33 ----D---- C:\WINDOWS\SYSWOW64\xlive
2016-08-28 23:14:33 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2016-08-25 10:22:32 ----A---- C:\WINDOWS\system32\drivers\CmdCCAV.sys
2016-08-24 21:31:31 ----A---- C:\WINDOWS\system32\wpninprc.dll
2016-08-24 21:31:28 ----A---- C:\WINDOWS\system32\dafpos.dll
2016-08-24 21:31:18 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2016-08-24 21:31:17 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2016-08-24 21:31:17 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2016-08-24 21:31:17 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2016-08-24 21:31:13 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys
2016-08-24 21:31:12 ----A---- C:\WINDOWS\system32\systemreset.exe
2016-08-24 21:31:12 ----A---- C:\WINDOWS\system32\sppsvc.exe
2016-08-24 21:31:12 ----A---- C:\WINDOWS\system32\pidgenx.dll
2016-08-24 21:31:12 ----A---- C:\WINDOWS\system32\GenValObj.exe
2016-08-24 21:31:11 ----A---- C:\WINDOWS\SYSWOW64\pidgenx.dll
2016-08-24 21:31:11 ----A---- C:\WINDOWS\system32\SysResetErr.exe
2016-08-24 21:31:09 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncPolicy.dll
2016-08-24 21:31:09 ----A---- C:\WINDOWS\system32\sppcext.dll
2016-08-24 21:31:09 ----A---- C:\WINDOWS\system32\sppc.dll
2016-08-24 21:31:09 ----A---- C:\WINDOWS\system32\slc.dll
2016-08-24 21:31:09 ----A---- C:\WINDOWS\system32\reseteng.dll
2016-08-24 21:31:08 ----A---- C:\WINDOWS\system32\slcext.dll
2016-08-24 21:31:08 ----A---- C:\WINDOWS\system32\ResetEngine.exe
2016-08-24 21:31:07 ----A---- C:\WINDOWS\SYSWOW64\OneDriveSettingSyncProvider.dll
2016-08-24 21:31:07 ----A---- C:\WINDOWS\system32\acmigration.dll
2016-08-24 21:31:06 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2016-08-24 21:31:05 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2016-08-24 21:31:02 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-24 21:31:01 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-08-24 21:30:58 ----A---- C:\WINDOWS\system32\wlansvcpal.dll
2016-08-24 21:30:58 ----A---- C:\WINDOWS\system32\wlansec.dll
2016-08-24 21:30:58 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2016-08-24 21:30:58 ----A---- C:\WINDOWS\system32\wlanhlp.dll
2016-08-24 21:30:58 ----A---- C:\WINDOWS\system32\wlanapi.dll
2016-08-24 21:30:58 ----A---- C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-08-24 21:30:58 ----A---- C:\WINDOWS\system32\WiFiConfigSP.dll
2016-08-24 21:30:57 ----A---- C:\WINDOWS\system32\wlansvc.dll
2016-08-24 21:30:54 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-08-24 21:30:53 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-08-24 21:30:50 ----A---- C:\WINDOWS\SYSWOW64\offlinesam.dll
2016-08-24 21:30:50 ----A---- C:\WINDOWS\SYSWOW64\offlinelsa.dll
2016-08-24 21:30:50 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2016-08-24 21:30:50 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2016-08-24 21:30:49 ----A---- C:\WINDOWS\SYSWOW64\samlib.dll
2016-08-24 21:30:49 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2016-08-24 21:30:49 ----A---- C:\WINDOWS\system32\LockAppHost.exe
2016-08-24 21:30:48 ----A---- C:\WINDOWS\SYSWOW64\mfpmp.exe
2016-08-24 21:30:48 ----A---- C:\WINDOWS\system32\wfdprov.dll
2016-08-24 21:30:48 ----A---- C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-08-24 21:30:47 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-08-24 21:30:47 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2016-08-24 21:30:47 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-08-24 21:30:47 ----A---- C:\WINDOWS\system32\iesetup.dll
2016-08-24 21:30:47 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2016-08-24 21:30:46 ----A---- C:\WINDOWS\SYSWOW64\tcpipcfg.dll
2016-08-24 21:30:46 ----A---- C:\WINDOWS\SYSWOW64\netiougc.exe
2016-08-24 21:30:46 ----A---- C:\WINDOWS\SYSWOW64\iesetup.dll
2016-08-24 21:30:46 ----A---- C:\WINDOWS\SYSWOW64\iernonce.dll
2016-08-24 21:30:46 ----A---- C:\WINDOWS\system32\tcpipcfg.dll
2016-08-24 21:30:46 ----A---- C:\WINDOWS\system32\StorSvc.dll
2016-08-24 21:30:46 ----A---- C:\WINDOWS\system32\StorageUsage.dll
2016-08-24 21:30:46 ----A---- C:\WINDOWS\system32\netiougc.exe
2016-08-24 21:30:46 ----A---- C:\WINDOWS\system32\iernonce.dll
2016-08-24 21:30:46 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-08-24 21:30:45 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2016-08-24 21:30:45 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-24 21:30:45 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2016-08-24 21:30:45 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-24 21:30:45 ----A---- C:\WINDOWS\system32\container.dll
2016-08-24 21:30:44 ----A---- C:\WINDOWS\system32\MSAJApi.dll
2016-08-24 21:30:43 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-08-24 21:30:42 ----A---- C:\WINDOWS\SYSWOW64\mfsrcsnk.dll
2016-08-24 21:30:41 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-08-24 21:30:39 ----A---- C:\WINDOWS\SYSWOW64\deviceassociation.dll
2016-08-24 21:30:38 ----A---- C:\WINDOWS\SYSWOW64\tsmf.dll
2016-08-24 21:30:38 ----A---- C:\WINDOWS\system32\tsmf.dll
2016-08-24 21:30:34 ----A---- C:\WINDOWS\SYSWOW64\sppcext.dll
2016-08-24 21:30:34 ----A---- C:\WINDOWS\SYSWOW64\slcext.dll
2016-08-24 21:30:34 ----A---- C:\WINDOWS\system32\domgmt.dll
2016-08-24 21:30:33 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-08-24 21:30:32 ----A---- C:\WINDOWS\system32\dosvc.dll
2016-08-24 21:30:29 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2016-08-24 21:30:28 ----A---- C:\WINDOWS\SYSWOW64\MSAJApi.dll
2016-08-24 21:30:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2016-08-24 21:30:23 ----A---- C:\WINDOWS\system32\samlib.dll
2016-08-24 21:30:23 ----A---- C:\WINDOWS\system32\offlinesam.dll
2016-08-24 21:30:22 ----A---- C:\WINDOWS\system32\samsrv.dll
2016-08-24 21:30:22 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2016-08-24 21:30:21 ----A---- C:\WINDOWS\system32\mfsrcsnk.dll
2016-08-24 21:30:20 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2016-08-24 21:30:19 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-08-24 21:30:19 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-08-24 21:30:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2016-08-24 21:30:15 ----A---- C:\WINDOWS\SYSWOW64\uReFS.dll
2016-08-24 21:30:15 ----A---- C:\WINDOWS\system32\drivers\stornvme.sys
2016-08-24 21:30:15 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2016-08-24 21:30:15 ----A---- C:\WINDOWS\system32\drivers\hidusb.sys
2016-08-24 21:30:14 ----A---- C:\WINDOWS\system32\drivers\hidparse.sys
2016-08-24 21:30:14 ----A---- C:\WINDOWS\system32\drivers\hidclass.sys
2016-08-24 21:30:12 ----A---- C:\WINDOWS\system32\mf.dll
2016-08-24 21:30:11 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2016-08-24 21:30:11 ----A---- C:\WINDOWS\system32\mfpmp.exe
2016-08-24 21:30:11 ----A---- C:\WINDOWS\system32\ConsoleLogon.dll
2016-08-24 21:30:09 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-08-24 21:30:09 ----A---- C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-08-24 21:30:08 ----A---- C:\WINDOWS\system32\WinBioDataModel.dll
2016-08-24 21:30:08 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-08-24 21:30:08 ----A---- C:\WINDOWS\system32\deviceassociation.dll
2016-08-24 21:30:08 ----A---- C:\WINDOWS\system32\dasHost.exe
2016-08-24 21:30:07 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-08-24 21:30:06 ----A---- C:\WINDOWS\system32\drivers\wof.sys
2016-08-24 21:30:06 ----A---- C:\WINDOWS\system32\CloudBackupSettings.dll
2016-08-24 21:30:05 ----A---- C:\WINDOWS\system32\das.dll
2016-08-24 21:30:03 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-08-24 21:30:02 ----A---- C:\WINDOWS\system32\w32time.dll
2016-08-24 21:30:02 ----A---- C:\WINDOWS\system32\uReFS.dll
2016-08-24 21:30:00 ----A---- C:\WINDOWS\system32\winmde.dll
2016-08-24 21:30:00 ----A---- C:\WINDOWS\system32\qmgr.dll
2016-08-24 21:29:56 ----A---- C:\WINDOWS\SYSWOW64\wlanhlp.dll
2016-08-24 21:29:56 ----A---- C:\WINDOWS\SYSWOW64\wfdprov.dll
2016-08-24 21:29:55 ----A---- C:\WINDOWS\SYSWOW64\wlanapi.dll
2016-08-24 21:29:55 ----A---- C:\WINDOWS\SYSWOW64\container.dll
2016-08-24 21:29:55 ----A---- C:\WINDOWS\SYSWOW64\CloudBackupSettings.dll
2016-08-24 21:29:47 ----A---- C:\WINDOWS\system32\wmp.dll
2016-08-24 21:29:45 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-08-24 21:29:42 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-08-24 21:29:42 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-08-24 21:29:40 ----A---- C:\WINDOWS\SYSWOW64\LockAppHost.exe
2016-08-24 21:29:40 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-08-24 21:29:39 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-24 21:29:38 ----A---- C:\WINDOWS\SYSWOW64\spwmp.dll
2016-08-24 21:29:38 ----A---- C:\WINDOWS\SYSWOW64\sppc.dll
2016-08-24 21:29:38 ----A---- C:\WINDOWS\SYSWOW64\slc.dll
2016-08-24 21:29:38 ----A---- C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-08-24 21:29:37 ----A---- C:\WINDOWS\SYSWOW64\wmploc.DLL
2016-08-24 21:29:37 ----A---- C:\WINDOWS\SYSWOW64\dxmasf.dll
2016-08-24 21:29:37 ----A---- C:\WINDOWS\system32\wmploc.DLL
2016-08-24 21:29:37 ----A---- C:\WINDOWS\system32\spwmp.dll
2016-08-24 21:29:37 ----A---- C:\WINDOWS\system32\dxmasf.dll
2016-08-22 18:11:08 ----A---- C:\WINDOWS\system32\drivers\dtliteusbbus.sys
2016-08-22 18:11:07 ----D---- C:\Users\Daveing\AppData\Roaming\DAEMON Tools Lite
2016-08-22 18:11:07 ----A---- C:\WINDOWS\system32\drivers\dtlitescsibus.sys
2016-08-22 18:11:03 ----D---- C:\Program Files\DAEMON Tools Lite
2016-08-22 18:10:53 ----D---- C:\ProgramData\DAEMON Tools Lite
2016-08-22 17:58:32 ----A---- C:\WINDOWS\system32\drivers\VBoxDrv.sys
2016-08-22 17:58:21 ----A---- C:\WINDOWS\system32\drivers\VBoxUSBMon.sys
2016-08-22 17:58:17 ----D---- C:\Program Files\Oracle
2016-08-21 18:58:18 ----D---- C:\Users\Daveing\AppData\Roaming\BSplayer Pro
2016-08-21 18:58:18 ----D---- C:\Users\Daveing\AppData\Roaming\BSplayer
2016-08-21 18:58:18 ----D---- C:\Program Files (x86)\Webteh
2016-08-19 14:35:13 ----AD---- C:\Program Files\ATI Technologies
2016-08-19 14:16:14 ----A---- C:\WINDOWS\SYSWOW64\iseguard32.dll
2016-08-19 14:16:14 ----A---- C:\WINDOWS\system32\iseguard64.dll
2016-08-19 14:16:14 ----A---- C:\WINDOWS\system32\drivers\isedrv.sys
2016-08-19 14:16:06 ----D---- C:\Program Files (x86)\COMODO
2016-08-16 20:18:06 ----A---- C:\WINDOWS\system32\drivers\VBoxNetLwf.sys
2016-08-16 20:18:06 ----A---- C:\WINDOWS\system32\drivers\VBoxNetAdp6.sys
2016-08-16 11:27:18 ----HD---- C:\ProgramData\CanonBJ
2016-08-16 11:27:06 ----A---- C:\WINDOWS\system32\CNMLMBA.DLL
2016-08-14 12:38:10 ----D---- C:\WINDOWS\Minidump
2016-08-12 15:44:13 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2016-08-12 15:44:13 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2016-08-12 15:44:02 ----A---- C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-08-12 15:43:59 ----A---- C:\WINDOWS\system32\DataSenseHandlers.dll
2016-08-12 01:07:20 ----A---- C:\WINDOWS\SYSWOW64\SET4514.tmp
2016-08-12 01:07:20 ----A---- C:\WINDOWS\SYSWOW64\SET1504.tmp
2016-08-12 01:06:52 ----A---- C:\WINDOWS\SYSWOW64\SET42EB.tmp
2016-08-12 01:06:52 ----A---- C:\WINDOWS\system32\SET45A5.tmp
2016-08-12 01:06:52 ----A---- C:\WINDOWS\system32\coinst_16.30.dll
2016-08-12 01:06:50 ----A---- C:\WINDOWS\SYSWOW64\SET4535.tmp
2016-08-12 01:06:50 ----A---- C:\WINDOWS\SYSWOW64\SET1F91.tmp
2016-08-12 01:06:48 ----A---- C:\WINDOWS\SYSWOW64\SETB69.tmp
======List of files/folders modified in the last 1 month======
2016-09-11 20:51:41 ----RD---- C:\Program Files
2016-09-11 20:51:36 ----D---- C:\WINDOWS\Temp
2016-09-11 20:51:35 ----D---- C:\WINDOWS\Prefetch
2016-09-11 20:46:10 ----D---- C:\Users\Daveing\AppData\Roaming\Raptr
2016-09-11 20:45:52 ----D---- C:\WINDOWS\system32\sru
2016-09-11 20:45:14 ----D---- C:\WINDOWS\AppReadiness
2016-09-11 20:45:12 ----D---- C:\WINDOWS\system32\drivers
2016-09-11 20:45:12 ----D---- C:\WINDOWS\system32\CatRoot
2016-09-11 20:45:12 ----D---- C:\WINDOWS\INF
2016-09-11 20:45:11 ----D---- C:\WINDOWS\system32\DriverStore
2016-09-11 12:59:24 ----D---- C:\Program Files (x86)\Steam
2016-09-11 12:50:43 ----RD---- C:\WINDOWS\Microsoft.NET
2016-09-11 12:45:22 ----D---- C:\WINDOWS\System32
2016-09-11 12:45:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-11 12:38:32 ----D---- C:\WINDOWS\system32\catroot2
2016-09-11 12:38:30 ----D---- C:\WINDOWS\system32\SleepStudy
2016-09-11 08:51:39 ----D---- C:\Users\Daveing\AppData\Roaming\Skype
2016-09-10 16:06:07 ----HD---- C:\Program Files\WindowsApps
2016-09-05 17:41:01 ----SHD---- C:\System Volume Information
2016-09-04 20:50:52 ----RSD---- C:\WINDOWS\assembly
2016-09-04 20:49:36 ----SHD---- C:\WINDOWS\Installer
2016-09-04 20:49:36 ----SHD---- C:\Config.Msi
2016-09-04 20:02:56 ----RD---- C:\Program Files (x86)
2016-09-04 16:36:11 ----D---- C:\Windows
2016-09-04 14:28:41 ----D---- C:\WINDOWS\SysWOW64
2016-09-03 00:42:04 ----A---- C:\WINDOWS\RTFTrack.exe
2016-09-02 20:46:52 ----HD---- C:\ProgramData
2016-09-02 20:44:15 ----D---- C:\WINDOWS\system32\config
2016-09-02 20:41:58 ----D---- C:\WINDOWS\system32\drivers\UMDF
2016-09-02 19:45:36 ----D---- C:\WINDOWS\rescache
2016-09-02 19:21:49 ----D---- C:\WINDOWS\WinSxS
2016-09-02 18:22:07 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-09-02 18:22:07 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-09-02 18:22:06 ----SD---- C:\WINDOWS\system32\dsc
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\zh-TW
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\zh-HK
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\zh-CN
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\wbem
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\uk-UA
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\tr-TR
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\th-TH
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\sv-SE
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\sr-Latn-RS
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\sr-Latn-CS
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\sl-SI
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\sk-SK
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\ru-RU
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\ro-RO
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\pt-PT
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\pt-BR
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\pl-PL
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\nl-NL
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\nb-NO
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\migration
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\lv-LV
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\lt-LT
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\ko-KR
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\ja-jp
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\it-IT
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\hu-HU
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\hr-HR
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\he-IL
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\fr-FR
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\fr-CA
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\fi-FI
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\et-EE
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\es-MX
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\es-ES
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\en-US
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\en-GB
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\el-GR
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\de-DE
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\da-DK
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\cs-CZ
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\Boot
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\bg-BG
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\ar-SA
2016-09-02 18:22:01 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2016-09-02 18:22:01 ----D---- C:\WINDOWS\ShellExperiences
2016-09-02 18:22:01 ----D---- C:\WINDOWS\Provisioning
2016-09-02 18:22:01 ----D---- C:\WINDOWS\PolicyDefinitions
2016-09-02 18:22:01 ----D---- C:\WINDOWS\AppPatch
2016-09-02 18:22:01 ----D---- C:\Program Files\Windows Mail
2016-09-02 18:22:01 ----D---- C:\Program Files\Windows Defender Advanced Threat Protection
2016-09-02 18:22:01 ----D---- C:\Program Files (x86)\Windows Mail
2016-09-02 18:20:09 ----D---- C:\WINDOWS\CbsTemp
2016-09-01 17:12:13 ----A---- C:\WINDOWS\SYSWOW64\mspaint.exe
2016-09-01 17:12:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2016-09-01 17:12:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.Shell.Search.UriHandler.dll
2016-09-01 17:12:12 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2016-09-01 17:12:08 ----A---- C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-09-01 17:12:08 ----A---- C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-09-01 17:12:07 ----A---- C:\WINDOWS\system32\mspaint.exe
2016-09-01 17:12:06 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2016-09-01 17:12:04 ----A---- C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-09-01 17:12:04 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2016-09-01 17:11:57 ----A---- C:\WINDOWS\system32\win32u.dll
2016-09-01 17:11:54 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2016-08-29 18:08:28 ----SD---- C:\ProgramData\Microsoft
2016-08-28 23:10:43 ----D---- C:\WINDOWS\Logs
2016-08-28 13:44:32 ----D---- C:\WINDOWS\system32\Tasks
2016-08-28 13:44:32 ----AD---- C:\Program Files (x86)\TeamViewer
2016-08-26 07:43:07 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-08-25 10:23:02 ----A---- C:\WINDOWS\system32\CcavGuard64.dll
2016-08-25 10:22:52 ----A---- C:\WINDOWS\SYSWOW64\CcavGuard32.dll
2016-08-25 00:00:48 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-08-25 00:00:46 ----D---- C:\WINDOWS\system32\appraiser
2016-08-25 00:00:44 ----D---- C:\Program Files (x86)\Windows Media Player
2016-08-25 00:00:43 ----D---- C:\Program Files\Windows Media Player
2016-08-24 21:24:34 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-08-22 21:09:55 ----D---- C:\Users\Daveing\AppData\Roaming\vlc
2016-08-22 21:09:43 ----D---- C:\Users\Daveing\AppData\Roaming\dvdcss
2016-08-22 17:58:32 ----DC---- C:\WINDOWS\system32\DRVSTORE
2016-08-19 14:34:08 ----D---- C:\AMD
2016-08-19 14:16:14 ----D---- C:\ProgramData\COMODO
2016-08-16 11:28:23 ----D---- C:\WINDOWS\system32\FxsTmp
2016-08-15 16:41:20 ----AD---- C:\Program Files\AMD
2016-08-15 16:37:04 ----D---- C:\WINDOWS\system32\WDI
2016-08-15 16:12:06 ----SD---- C:\Users\Daveing\AppData\Roaming\Microsoft
2016-08-15 16:11:10 ----D---- C:\ProgramData\AMD
2016-08-12 15:55:36 ----D---- C:\WINDOWS\system32\MRT
2016-08-12 15:45:22 ----D---- C:\WINDOWS\debug
2016-08-12 15:44:44 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-08-12 15:35:11 ----D---- C:\WINDOWS\appcompat
2016-08-12 15:33:05 ----D---- C:\WINDOWS\system32\restore
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amdide64;amdide64; C:\WINDOWS\System32\drivers\amdide64.sys [2015-05-11 13848]
R0 amdkmpfd;@oem3.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmpfd.sys [2016-07-20 78072]
R0 cmdccav;cmdccav; C:\WINDOWS\system32\drivers\CmdCCAV.sys [2016-08-25 153640]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-07-16 45920]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-07-16 88576]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-07-16 8192]
R1 isedrv;Internet Security Essentials; C:\WINDOWS\system32\drivers\isedrv.sys [2016-08-17 50336]
R2 amdacpksd;ACP Kernel Service Driver; \??\C:\WINDOWS\system32\drivers\amdacpksd.sys [2016-08-11 314392]
R2 APXACC;@oem5.inf,%APPEX_ACC_SERVICE_NAME%;AppEx Networks Accelerator LWF; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [2015-04-03 229056]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2016-07-16 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2016-07-16 78336]
R3 ACPIVPC;@oem7.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2015-06-04 42328]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2016-07-20 26714136]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2016-07-20 509456]
R3 AtiHDAudioService;@oem25.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2016-07-28 118848]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2016-08-20 114176]
R3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2016-08-20 247296]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2016-07-16 128000]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-08-20 84992]
R3 clwvd;@oem1.inf,%clwvd.DeviceDesc%;CyberLink WebCam Virtual Driver; C:\WINDOWS\system32\DRIVERS\clwvd.sys [2014-01-28 41704]
R3 CnxtHdAudService;@oem9.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2015-05-15 1536528]
R3 dtlitescsibus;@oem33.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2016-08-22 30264]
R3 dtliteusbbus;@oem34.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2016-08-22 47672]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2016-07-16 183808]
R3 rt640x64;@oem17.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-07-22 886528]
R3 RtkBtFilter;@oem4.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [2015-12-09 593624]
R3 RTSUER;@oem6.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2015-07-03 410880]
R3 rtsuvc;@oem46.inf,%rtsuvc.DeviceDesc%;EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2016-09-03 3136272]
R3 RTWlanE;@netrtwlane.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\WINDOWS\System32\drivers\rtwlane.sys [2016-07-16 5144064]
R3 SynTP;@oem0.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2016-06-01 642168]
S0 amdkmafd;@oem18.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmafd.sys [2015-07-28 40720]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-07-16 105824]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-07-16 101216]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2016-07-16 58720]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2016-07-16 61792]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2016-07-16 32096]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2016-07-16 126304]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2016-07-16 157024]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2016-07-16 141152]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2016-07-16 9728]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2016-08-20 965120]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-07-16 38912]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-07-16 117248]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-07-16 20480]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-07-16 50016]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-08-20 73568]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2016-07-16 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-07-16 176384]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2016-07-16 526176]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-07-16 842584]
S3 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2016-07-16 179040]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2016-07-16 108896]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2016-07-16 928608]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2016-07-16 95744]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmTcpciCx.sys [2016-07-16 108544]
S3 UcmUcsi;@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2016-07-16 50688]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2016-07-16 45568]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdaptiveSleepService;AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [2016-07-07 138752]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2016-07-20 278544]
R2 amdacpusrsvc;ACP User Service; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2016-08-11 121856]
R2 ccavsrv;ccavsrv; C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavsrv.exe [2016-08-25 5162192]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CDPUserSvc_276d67;CDPUserSvc_276d67; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2016-07-12 9728]
R2 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [2016-05-25 191688]
R2 isesrv;isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [2016-08-17 124104]
R2 OneSyncSvc_276d67;Sync Host_276d67; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 PlaysService;Plays.tv Update Service; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [2016-08-02 32528]
R2 SAService;Conexant SmartAudio service; C:\WINDOWS\system32\SAsrv.exe []
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2016-06-01 255608]
R2 TeamViewer;TeamViewer 11; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2016-08-25 7534864]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2016-07-29 1467072]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 PimIndexMaintenanceSvc_276d67;Contact Data_276d67; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 CxAudMsg;@C:\WINDOWS\system32\CxAudMsg64.exe,-100; C:\WINDOWS\system32\CxAudMsg64.exe [2014-10-20 207576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-01 154440]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-05-23 324224]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-07-16 93184]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-26 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-01 154440]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService_276d67;MessagingService_276d67; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2016-07-16 2889896]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2016-07-16 1312768]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-08-23 1465120]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2016-07-16 287744]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2016-07-16 823136]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S4 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
-----------------EOF-----------------
UMA-Uniformity-Trial-50-Percent/default/*UMA_CheckStates/Checks/ --primordial-pipe-token=661399FEF2BE37E8F4F299712A7C080B --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=C9F7B42F286BB7335F3EF5AE67FCF4C7 --mojo-application-channel-token=4401A7FB478D1741073CD8F79ABDC085 --channel="7796.5.22942999\806062022" --mojo-platform-channel-handle=5136 /prefetch:1
raptr_im.exe
"C:\PROGRA~2\RAPTRI~1\Raptr\raptr_ep64.exe" 3564
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/*AutofillEnabled/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteEvaluatorGroup/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/*PasswordSmartBubble/3-Times/*PreconnectMore/Default/*QUIC/EnabledSlowStartLargeReductionJuly/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentB/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_70/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group
_18/*UMA-Uniformity-Trial-50-Percent/default/*UMA_CheckStates/Checks/ --primordial-pipe-token=7EAFBE98EAA1C00CA7A30E64B929EB40 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=F7B434532171FB08A23011B44386C58A --mojo-application-channel-token=7163721B22F86014956E0C476D7C6151 --channel="7796.7.1601297536\194984047" --mojo-platform-channel-handle=3140 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 772 776 784 8192 780
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x408
"C:\Users\Daveing\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2014-11-20 919768]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2014-04-10 1830616]
"RtsFT"=C:\WINDOWS\RTFTrack.exe [2016-09-03 5175568]
"StartCN"=C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [2016-08-11 6625672]
"hshhsaaaws"= []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Daveing\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-08-08 554184]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-07-14 29502592]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2016-08-23 2857248]
"AppEx Accelerator UI"=C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [2015-04-06 488640]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2016-07-29 4299968]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"PlaysTV"=C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [2016-08-02 71440]
"Raptr"=C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [2016-08-23 58640]
"YouCam Service"=C:\Program Files (x86)\CyberLink\AMD Face Login\YouCamService.exe [2014-07-25 278280]
"ccav"=C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavsrv.exe [2016-08-25 5162192]
"IseUI"=C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [2016-08-17 3170504]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-09-11 20:51:41 ----D---- C:\rsit
2016-09-11 20:51:41 ----D---- C:\Program Files\trend micro
2016-09-11 12:40:34 ----D---- C:\CCAV
2016-09-04 20:02:56 ----D---- C:\Program Files (x86)\Ubisoft
2016-09-04 14:28:43 ----D---- C:\Program Files\Realtek
2016-09-04 14:28:41 ----D---- C:\WINDOWS\LastGood.Tmp
2016-09-03 00:42:02 ----A---- C:\WINDOWS\SYSWOW64\RtCamP.dll
2016-09-03 00:42:02 ----A---- C:\WINDOWS\SYSWOW64\RsDecode.dll
2016-09-03 00:42:02 ----A---- C:\WINDOWS\system32\RtCamP64.dll
2016-09-03 00:42:02 ----A---- C:\WINDOWS\system32\RtCamO64.dll
2016-09-02 20:46:52 ----D---- C:\ProgramData\HandSetService
2016-09-02 20:46:51 ----D---- C:\ProgramData\HiSuiteOuc
2016-09-02 20:46:04 ----A---- C:\WINDOWS\system32\WdfCoInstaller01009.dll
2016-09-02 20:46:04 ----A---- C:\WINDOWS\system32\drivers\WUDFUpdate_01009.dll
2016-09-02 20:46:04 ----A---- C:\WINDOWS\system32\drivers\winusbcoinstaller2.dll
2016-09-02 20:46:04 ----A---- C:\WINDOWS\system32\drivers\WdfCoInstaller01009.dll
2016-09-02 20:46:04 ----A---- C:\WINDOWS\system32\drivers\hw_usbdev.sys
2016-09-02 20:46:04 ----A---- C:\WINDOWS\system32\drivers\hw_quusbnet.sys
2016-09-02 20:46:04 ----A---- C:\WINDOWS\system32\drivers\hw_quusbmdm.sys
2016-09-02 20:46:04 ----A---- C:\WINDOWS\system32\drivers\hw_cdcacm.sys
2016-09-02 20:46:04 ----A---- C:\WINDOWS\system32\drivers\ew_usbccgpfilter.sys
2016-09-02 20:45:58 ----D---- C:\Program Files (x86)\HiSuite
2016-09-02 20:45:05 ----D---- C:\Users\Daveing\AppData\Roaming\WinRAR
2016-09-02 20:44:52 ----AD---- C:\Program Files\WinRAR
2016-09-01 17:19:16 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2016-09-01 17:19:16 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2016-09-01 17:19:16 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2016-09-01 17:19:16 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2016-09-01 17:19:16 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2016-09-01 17:19:16 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2016-09-01 17:19:16 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-09-01 17:19:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-01 17:19:15 ----A---- C:\WINDOWS\SYSWOW64\mfsensorgroup.dll
2016-09-01 17:19:15 ----A---- C:\WINDOWS\SYSWOW64\FSClient.dll
2016-09-01 17:19:15 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-09-01 17:19:15 ----A---- C:\WINDOWS\system32\Chakrathunk.dll
2016-09-01 17:19:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2016-09-01 17:19:14 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2016-09-01 17:19:14 ----A---- C:\WINDOWS\SYSWOW64\mfps.dll
2016-09-01 17:19:14 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2016-09-01 17:19:14 ----A---- C:\WINDOWS\system32\wups2.dll
2016-09-01 17:19:14 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2016-09-01 17:19:14 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2016-09-01 17:19:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Editing.dll
2016-09-01 17:19:13 ----A---- C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-09-01 17:19:13 ----A---- C:\WINDOWS\system32\mfsensorgroup.dll
2016-09-01 17:19:13 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2016-09-01 17:19:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2016-09-01 17:19:12 ----A---- C:\WINDOWS\system32\wwanprotdim.dll
2016-09-01 17:19:12 ----A---- C:\WINDOWS\system32\FSClient.dll
2016-09-01 17:19:12 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2016-09-01 17:19:12 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-09-01 17:19:11 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2016-09-01 17:19:11 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2016-09-01 17:19:11 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2016-09-01 17:19:11 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-01 17:19:11 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2016-09-01 17:19:11 ----A---- C:\WINDOWS\system32\mfps.dll
2016-09-01 17:19:11 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2016-09-01 17:19:10 ----A---- C:\WINDOWS\system32\mfcore.dll
2016-09-01 17:19:10 ----A---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2016-09-01 17:19:10 ----A---- C:\WINDOWS\system32\drivers\BthLEEnum.sys
2016-09-01 17:19:10 ----A---- C:\WINDOWS\system32\drivers\bthenum.sys
2016-09-01 17:19:09 ----A---- C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-09-01 17:19:09 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2016-09-01 17:19:09 ----A---- C:\WINDOWS\system32\mfnetsrc.dll
2016-09-01 17:19:08 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-09-01 17:19:08 ----A---- C:\WINDOWS\system32\indexeddbserver.dll
2016-09-01 17:19:08 ----A---- C:\WINDOWS\system32\FrameServer.dll
2016-09-01 17:19:07 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-09-01 17:19:06 ----A---- C:\WINDOWS\system32\DscCore.dll
2016-09-01 17:19:06 ----A---- C:\WINDOWS\system32\CredProvDataModel.dll
2016-09-01 17:19:05 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-09-01 17:19:05 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2016-09-01 17:19:04 ----A---- C:\WINDOWS\system32\schannel.dll
2016-09-01 17:19:04 ----A---- C:\WINDOWS\system32\dwmcore.dll
2016-09-01 17:19:04 ----A---- C:\WINDOWS\system32\combase.dll
2016-09-01 17:19:03 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-09-01 17:19:03 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2016-09-01 17:19:01 ----A---- C:\WINDOWS\SYSWOW64\indexeddbserver.dll
2016-09-01 17:19:01 ----A---- C:\WINDOWS\SYSWOW64\C_IS2022.DLL
2016-09-01 17:19:01 ----A---- C:\WINDOWS\SYSWOW64\C_G18030.DLL
2016-09-01 17:19:01 ----A---- C:\WINDOWS\system32\C_IS2022.DLL
2016-09-01 17:19:01 ----A---- C:\WINDOWS\system32\C_G18030.DLL
2016-09-01 17:19:00 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-09-01 17:18:58 ----A---- C:\WINDOWS\SYSWOW64\Chakrathunk.dll
2016-09-01 17:18:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.InkControls.dll
2016-09-01 17:18:57 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-09-01 17:18:55 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-09-01 17:18:53 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2016-09-01 17:18:52 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2016-09-01 17:18:52 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-09-01 17:18:50 ----A---- C:\WINDOWS\system32\windows.storage.dll
2016-09-01 17:18:47 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-09-01 17:18:47 ----A---- C:\WINDOWS\system32\facecredentialprovider.dll
2016-09-01 17:18:47 ----A---- C:\WINDOWS\system32\ClipboardServer.dll
2016-09-01 17:18:46 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2016-09-01 17:18:46 ----A---- C:\WINDOWS\system32\fveapibase.dll
2016-09-01 17:18:45 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2016-09-01 17:18:45 ----A---- C:\WINDOWS\SYSWOW64\aclui.dll
2016-09-01 17:18:45 ----A---- C:\WINDOWS\system32\wuuhext.dll
2016-09-01 17:18:45 ----A---- C:\WINDOWS\system32\wuauclt.exe
2016-09-01 17:18:45 ----A---- C:\WINDOWS\system32\fveapi.dll
2016-09-01 17:18:45 ----A---- C:\WINDOWS\system32\CastLaunch.dll
2016-09-01 17:18:45 ----A---- C:\WINDOWS\system32\c_GSM7.DLL
2016-09-01 17:18:44 ----A---- C:\WINDOWS\system32\shutdownux.dll
2016-09-01 17:18:44 ----A---- C:\WINDOWS\system32\msctf.dll
2016-09-01 17:18:44 ----A---- C:\WINDOWS\system32\ClipUp.exe
2016-09-01 17:18:44 ----A---- C:\WINDOWS\system32\aclui.dll
2016-09-01 17:18:43 ----A---- C:\WINDOWS\system32\WWAHost.exe
2016-09-01 17:18:43 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-09-01 17:18:42 ----A---- C:\WINDOWS\system32\shell32.dll
2016-09-01 17:18:40 ----A---- C:\WINDOWS\system32\storagewmi_passthru.dll
2016-09-01 17:18:40 ----A---- C:\WINDOWS\system32\storagewmi.dll
2016-09-01 17:18:40 ----A---- C:\WINDOWS\system32\smphost.dll
2016-09-01 17:18:40 ----A---- C:\WINDOWS\system32\DscCoreConfProv.dll
2016-09-01 17:18:40 ----A---- C:\WINDOWS\system32\delegatorprovider.dll
2016-09-01 17:18:39 ----A---- C:\WINDOWS\system32\mispace.dll
2016-09-01 17:18:38 ----A---- C:\WINDOWS\system32\wincorlib.dll
2016-09-01 17:18:38 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-09-01 17:18:37 ----A---- C:\WINDOWS\SYSWOW64\storagewmi_passthru.dll
2016-09-01 17:18:37 ----A---- C:\WINDOWS\SYSWOW64\smphost.dll
2016-09-01 17:18:37 ----A---- C:\WINDOWS\SYSWOW64\DscCoreConfProv.dll
2016-09-01 17:18:37 ----A---- C:\WINDOWS\SYSWOW64\delegatorprovider.dll
2016-09-01 17:18:36 ----A---- C:\WINDOWS\SYSWOW64\storagewmi.dll
2016-09-01 17:18:36 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2016-09-01 17:18:35 ----A---- C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-09-01 17:18:35 ----A---- C:\WINDOWS\system32\provtool.exe
2016-09-01 17:18:35 ----A---- C:\WINDOWS\system32\provops.dll
2016-09-01 17:18:35 ----A---- C:\WINDOWS\system32\provisioningcsp.dll
2016-09-01 17:18:35 ----A---- C:\WINDOWS\system32\provhandlers.dll
2016-09-01 17:18:35 ----A---- C:\WINDOWS\system32\provdatastore.dll
2016-09-01 17:18:35 ----A---- C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-09-01 17:18:35 ----A---- C:\WINDOWS\system32\LicenseManagerSvc.dll
2016-09-01 17:18:35 ----A---- C:\WINDOWS\system32\drivers\ClipSp.sys
2016-09-01 17:18:35 ----A---- C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-09-01 17:18:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Audio.dll
2016-09-01 17:18:34 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2016-09-01 17:18:34 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2016-09-01 17:18:34 ----A---- C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-01 17:18:34 ----A---- C:\WINDOWS\system32\provengine.dll
2016-09-01 17:18:34 ----A---- C:\WINDOWS\system32\CloudExperienceHostUser.dll
2016-09-01 17:18:33 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-09-01 17:18:33 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2016-09-01 17:18:33 ----A---- C:\WINDOWS\system32\D3D12.dll
2016-09-01 17:18:32 ----A---- C:\WINDOWS\system32\WinTypes.dll
2016-09-01 17:18:32 ----A---- C:\WINDOWS\system32\twinui.dll
2016-09-01 17:18:31 ----A---- C:\WINDOWS\system32\hvix64.exe
2016-09-01 17:18:31 ----A---- C:\WINDOWS\system32\hvax64.exe
2016-09-01 17:18:30 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-09-01 17:18:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2016-09-01 17:18:29 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2016-09-01 17:18:29 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostUser.dll
2016-09-01 17:18:28 ----A---- C:\WINDOWS\system32\XblAuthManager.dll
2016-09-01 17:18:28 ----A---- C:\WINDOWS\system32\ProvPluginEng.dll
2016-09-01 17:18:28 ----A---- C:\WINDOWS\system32\KnobsCsp.dll
2016-09-01 17:18:28 ----A---- C:\WINDOWS\system32\KnobsCore.dll
2016-09-01 17:18:27 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2016-09-01 17:18:27 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2016-09-01 17:18:26 ----A---- C:\WINDOWS\SYSWOW64\CredProvDataModel.dll
2016-09-01 17:18:26 ----A---- C:\WINDOWS\SYSWOW64\ClipboardServer.dll
2016-09-01 17:18:25 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-09-01 17:18:25 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-09-01 17:18:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.UXRes.dll
2016-09-01 17:18:24 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-09-01 17:18:24 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-09-01 17:18:24 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-09-01 17:18:24 ----A---- C:\WINDOWS\system32\usocore.dll
2016-09-01 17:18:24 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2016-09-01 17:18:23 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-09-01 17:18:23 ----A---- C:\WINDOWS\system32\MusNotification.exe
2016-09-01 17:18:22 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-09-01 17:18:21 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2016-09-01 17:18:21 ----A---- C:\WINDOWS\system32\cdd.dll
2016-09-01 17:18:20 ----A---- C:\WINDOWS\SYSWOW64\wincorlib.dll
2016-09-01 17:18:20 ----A---- C:\WINDOWS\SYSWOW64\c_GSM7.DLL
2016-09-01 17:18:19 ----A---- C:\WINDOWS\system32\hvloader.exe
2016-09-01 17:18:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2016-09-01 17:18:18 ----A---- C:\WINDOWS\system32\wsp_health.dll
2016-09-01 17:18:17 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-09-01 17:18:17 ----A---- C:\WINDOWS\system32\drivers\xinputhid.sys
2016-09-01 17:18:17 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2016-09-01 17:18:16 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2016-09-01 17:18:16 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-09-01 17:18:15 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2016-09-01 17:18:15 ----A---- C:\WINDOWS\system32\AudioSes.dll
2016-09-01 17:18:14 ----A---- C:\WINDOWS\system32\winload.exe
2016-09-01 17:18:13 ----A---- C:\WINDOWS\system32\GamePanel.exe
2016-09-01 17:18:13 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2016-09-01 17:18:12 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-09-01 17:18:12 ----A---- C:\WINDOWS\system32\clusapi.dll
2016-09-01 17:18:11 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2016-09-01 17:18:11 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-09-01 17:18:10 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2016-09-01 17:18:10 ----A---- C:\WINDOWS\system32\winresume.exe
2016-09-01 17:18:10 ----A---- C:\WINDOWS\system32\kdhvcom.dll
2016-09-01 17:18:09 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2016-09-01 17:18:09 ----A---- C:\WINDOWS\system32\mfksproxy.dll
2016-09-01 17:18:09 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2016-09-01 17:18:08 ----A---- C:\WINDOWS\SYSWOW64\bcastdvr.exe
2016-09-01 17:18:06 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2016-09-01 17:18:05 ----A---- C:\WINDOWS\SYSWOW64\mfksproxy.dll
2016-09-01 17:18:05 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2016-09-01 17:18:04 ----A---- C:\WINDOWS\SYSWOW64\GamePanel.exe
2016-09-01 17:18:04 ----A---- C:\WINDOWS\SYSWOW64\encapi.dll
2016-09-01 17:18:04 ----A---- C:\WINDOWS\system32\encapi.dll
2016-09-01 17:18:03 ----A---- C:\WINDOWS\system32\mstsc.exe
2016-09-01 17:18:02 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2016-09-01 17:18:01 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2016-09-01 17:18:00 ----A---- C:\WINDOWS\SYSWOW64\ConfigureExpandedStorage.dll
2016-09-01 17:18:00 ----A---- C:\WINDOWS\SYSWOW64\BcastDVRHelper.dll
2016-08-29 19:52:31 ----SHD---- C:\ProgramData\SecuROM
2016-08-28 23:14:54 ----RHD---- C:\Users\Daveing\AppData\Roaming\SecuROM
2016-08-28 23:14:51 ----A---- C:\WINDOWS\SYSWOW64\CmdLineExt_x64.dll
2016-08-28 23:14:33 ----D---- C:\WINDOWS\SYSWOW64\xlive
2016-08-28 23:14:33 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2016-08-25 10:22:32 ----A---- C:\WINDOWS\system32\drivers\CmdCCAV.sys
2016-08-24 21:31:31 ----A---- C:\WINDOWS\system32\wpninprc.dll
2016-08-24 21:31:28 ----A---- C:\WINDOWS\system32\dafpos.dll
2016-08-24 21:31:18 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2016-08-24 21:31:17 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2016-08-24 21:31:17 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2016-08-24 21:31:17 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2016-08-24 21:31:13 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys
2016-08-24 21:31:12 ----A---- C:\WINDOWS\system32\systemreset.exe
2016-08-24 21:31:12 ----A---- C:\WINDOWS\system32\sppsvc.exe
2016-08-24 21:31:12 ----A---- C:\WINDOWS\system32\pidgenx.dll
2016-08-24 21:31:12 ----A---- C:\WINDOWS\system32\GenValObj.exe
2016-08-24 21:31:11 ----A---- C:\WINDOWS\SYSWOW64\pidgenx.dll
2016-08-24 21:31:11 ----A---- C:\WINDOWS\system32\SysResetErr.exe
2016-08-24 21:31:09 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncPolicy.dll
2016-08-24 21:31:09 ----A---- C:\WINDOWS\system32\sppcext.dll
2016-08-24 21:31:09 ----A---- C:\WINDOWS\system32\sppc.dll
2016-08-24 21:31:09 ----A---- C:\WINDOWS\system32\slc.dll
2016-08-24 21:31:09 ----A---- C:\WINDOWS\system32\reseteng.dll
2016-08-24 21:31:08 ----A---- C:\WINDOWS\system32\slcext.dll
2016-08-24 21:31:08 ----A---- C:\WINDOWS\system32\ResetEngine.exe
2016-08-24 21:31:07 ----A---- C:\WINDOWS\SYSWOW64\OneDriveSettingSyncProvider.dll
2016-08-24 21:31:07 ----A---- C:\WINDOWS\system32\acmigration.dll
2016-08-24 21:31:06 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2016-08-24 21:31:05 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2016-08-24 21:31:02 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-24 21:31:01 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-08-24 21:30:58 ----A---- C:\WINDOWS\system32\wlansvcpal.dll
2016-08-24 21:30:58 ----A---- C:\WINDOWS\system32\wlansec.dll
2016-08-24 21:30:58 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2016-08-24 21:30:58 ----A---- C:\WINDOWS\system32\wlanhlp.dll
2016-08-24 21:30:58 ----A---- C:\WINDOWS\system32\wlanapi.dll
2016-08-24 21:30:58 ----A---- C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-08-24 21:30:58 ----A---- C:\WINDOWS\system32\WiFiConfigSP.dll
2016-08-24 21:30:57 ----A---- C:\WINDOWS\system32\wlansvc.dll
2016-08-24 21:30:54 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-08-24 21:30:53 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-08-24 21:30:50 ----A---- C:\WINDOWS\SYSWOW64\offlinesam.dll
2016-08-24 21:30:50 ----A---- C:\WINDOWS\SYSWOW64\offlinelsa.dll
2016-08-24 21:30:50 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2016-08-24 21:30:50 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2016-08-24 21:30:49 ----A---- C:\WINDOWS\SYSWOW64\samlib.dll
2016-08-24 21:30:49 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2016-08-24 21:30:49 ----A---- C:\WINDOWS\system32\LockAppHost.exe
2016-08-24 21:30:48 ----A---- C:\WINDOWS\SYSWOW64\mfpmp.exe
2016-08-24 21:30:48 ----A---- C:\WINDOWS\system32\wfdprov.dll
2016-08-24 21:30:48 ----A---- C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-08-24 21:30:47 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-08-24 21:30:47 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2016-08-24 21:30:47 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-08-24 21:30:47 ----A---- C:\WINDOWS\system32\iesetup.dll
2016-08-24 21:30:47 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2016-08-24 21:30:46 ----A---- C:\WINDOWS\SYSWOW64\tcpipcfg.dll
2016-08-24 21:30:46 ----A---- C:\WINDOWS\SYSWOW64\netiougc.exe
2016-08-24 21:30:46 ----A---- C:\WINDOWS\SYSWOW64\iesetup.dll
2016-08-24 21:30:46 ----A---- C:\WINDOWS\SYSWOW64\iernonce.dll
2016-08-24 21:30:46 ----A---- C:\WINDOWS\system32\tcpipcfg.dll
2016-08-24 21:30:46 ----A---- C:\WINDOWS\system32\StorSvc.dll
2016-08-24 21:30:46 ----A---- C:\WINDOWS\system32\StorageUsage.dll
2016-08-24 21:30:46 ----A---- C:\WINDOWS\system32\netiougc.exe
2016-08-24 21:30:46 ----A---- C:\WINDOWS\system32\iernonce.dll
2016-08-24 21:30:46 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-08-24 21:30:45 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2016-08-24 21:30:45 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-24 21:30:45 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2016-08-24 21:30:45 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-24 21:30:45 ----A---- C:\WINDOWS\system32\container.dll
2016-08-24 21:30:44 ----A---- C:\WINDOWS\system32\MSAJApi.dll
2016-08-24 21:30:43 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-08-24 21:30:42 ----A---- C:\WINDOWS\SYSWOW64\mfsrcsnk.dll
2016-08-24 21:30:41 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-08-24 21:30:39 ----A---- C:\WINDOWS\SYSWOW64\deviceassociation.dll
2016-08-24 21:30:38 ----A---- C:\WINDOWS\SYSWOW64\tsmf.dll
2016-08-24 21:30:38 ----A---- C:\WINDOWS\system32\tsmf.dll
2016-08-24 21:30:34 ----A---- C:\WINDOWS\SYSWOW64\sppcext.dll
2016-08-24 21:30:34 ----A---- C:\WINDOWS\SYSWOW64\slcext.dll
2016-08-24 21:30:34 ----A---- C:\WINDOWS\system32\domgmt.dll
2016-08-24 21:30:33 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-08-24 21:30:32 ----A---- C:\WINDOWS\system32\dosvc.dll
2016-08-24 21:30:29 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2016-08-24 21:30:28 ----A---- C:\WINDOWS\SYSWOW64\MSAJApi.dll
2016-08-24 21:30:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2016-08-24 21:30:23 ----A---- C:\WINDOWS\system32\samlib.dll
2016-08-24 21:30:23 ----A---- C:\WINDOWS\system32\offlinesam.dll
2016-08-24 21:30:22 ----A---- C:\WINDOWS\system32\samsrv.dll
2016-08-24 21:30:22 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2016-08-24 21:30:21 ----A---- C:\WINDOWS\system32\mfsrcsnk.dll
2016-08-24 21:30:20 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2016-08-24 21:30:19 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-08-24 21:30:19 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-08-24 21:30:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2016-08-24 21:30:15 ----A---- C:\WINDOWS\SYSWOW64\uReFS.dll
2016-08-24 21:30:15 ----A---- C:\WINDOWS\system32\drivers\stornvme.sys
2016-08-24 21:30:15 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2016-08-24 21:30:15 ----A---- C:\WINDOWS\system32\drivers\hidusb.sys
2016-08-24 21:30:14 ----A---- C:\WINDOWS\system32\drivers\hidparse.sys
2016-08-24 21:30:14 ----A---- C:\WINDOWS\system32\drivers\hidclass.sys
2016-08-24 21:30:12 ----A---- C:\WINDOWS\system32\mf.dll
2016-08-24 21:30:11 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2016-08-24 21:30:11 ----A---- C:\WINDOWS\system32\mfpmp.exe
2016-08-24 21:30:11 ----A---- C:\WINDOWS\system32\ConsoleLogon.dll
2016-08-24 21:30:09 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-08-24 21:30:09 ----A---- C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-08-24 21:30:08 ----A---- C:\WINDOWS\system32\WinBioDataModel.dll
2016-08-24 21:30:08 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-08-24 21:30:08 ----A---- C:\WINDOWS\system32\deviceassociation.dll
2016-08-24 21:30:08 ----A---- C:\WINDOWS\system32\dasHost.exe
2016-08-24 21:30:07 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-08-24 21:30:06 ----A---- C:\WINDOWS\system32\drivers\wof.sys
2016-08-24 21:30:06 ----A---- C:\WINDOWS\system32\CloudBackupSettings.dll
2016-08-24 21:30:05 ----A---- C:\WINDOWS\system32\das.dll
2016-08-24 21:30:03 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-08-24 21:30:02 ----A---- C:\WINDOWS\system32\w32time.dll
2016-08-24 21:30:02 ----A---- C:\WINDOWS\system32\uReFS.dll
2016-08-24 21:30:00 ----A---- C:\WINDOWS\system32\winmde.dll
2016-08-24 21:30:00 ----A---- C:\WINDOWS\system32\qmgr.dll
2016-08-24 21:29:56 ----A---- C:\WINDOWS\SYSWOW64\wlanhlp.dll
2016-08-24 21:29:56 ----A---- C:\WINDOWS\SYSWOW64\wfdprov.dll
2016-08-24 21:29:55 ----A---- C:\WINDOWS\SYSWOW64\wlanapi.dll
2016-08-24 21:29:55 ----A---- C:\WINDOWS\SYSWOW64\container.dll
2016-08-24 21:29:55 ----A---- C:\WINDOWS\SYSWOW64\CloudBackupSettings.dll
2016-08-24 21:29:47 ----A---- C:\WINDOWS\system32\wmp.dll
2016-08-24 21:29:45 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-08-24 21:29:42 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-08-24 21:29:42 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-08-24 21:29:40 ----A---- C:\WINDOWS\SYSWOW64\LockAppHost.exe
2016-08-24 21:29:40 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-08-24 21:29:39 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-24 21:29:38 ----A---- C:\WINDOWS\SYSWOW64\spwmp.dll
2016-08-24 21:29:38 ----A---- C:\WINDOWS\SYSWOW64\sppc.dll
2016-08-24 21:29:38 ----A---- C:\WINDOWS\SYSWOW64\slc.dll
2016-08-24 21:29:38 ----A---- C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-08-24 21:29:37 ----A---- C:\WINDOWS\SYSWOW64\wmploc.DLL
2016-08-24 21:29:37 ----A---- C:\WINDOWS\SYSWOW64\dxmasf.dll
2016-08-24 21:29:37 ----A---- C:\WINDOWS\system32\wmploc.DLL
2016-08-24 21:29:37 ----A---- C:\WINDOWS\system32\spwmp.dll
2016-08-24 21:29:37 ----A---- C:\WINDOWS\system32\dxmasf.dll
2016-08-22 18:11:08 ----A---- C:\WINDOWS\system32\drivers\dtliteusbbus.sys
2016-08-22 18:11:07 ----D---- C:\Users\Daveing\AppData\Roaming\DAEMON Tools Lite
2016-08-22 18:11:07 ----A---- C:\WINDOWS\system32\drivers\dtlitescsibus.sys
2016-08-22 18:11:03 ----D---- C:\Program Files\DAEMON Tools Lite
2016-08-22 18:10:53 ----D---- C:\ProgramData\DAEMON Tools Lite
2016-08-22 17:58:32 ----A---- C:\WINDOWS\system32\drivers\VBoxDrv.sys
2016-08-22 17:58:21 ----A---- C:\WINDOWS\system32\drivers\VBoxUSBMon.sys
2016-08-22 17:58:17 ----D---- C:\Program Files\Oracle
2016-08-21 18:58:18 ----D---- C:\Users\Daveing\AppData\Roaming\BSplayer Pro
2016-08-21 18:58:18 ----D---- C:\Users\Daveing\AppData\Roaming\BSplayer
2016-08-21 18:58:18 ----D---- C:\Program Files (x86)\Webteh
2016-08-19 14:35:13 ----AD---- C:\Program Files\ATI Technologies
2016-08-19 14:16:14 ----A---- C:\WINDOWS\SYSWOW64\iseguard32.dll
2016-08-19 14:16:14 ----A---- C:\WINDOWS\system32\iseguard64.dll
2016-08-19 14:16:14 ----A---- C:\WINDOWS\system32\drivers\isedrv.sys
2016-08-19 14:16:06 ----D---- C:\Program Files (x86)\COMODO
2016-08-16 20:18:06 ----A---- C:\WINDOWS\system32\drivers\VBoxNetLwf.sys
2016-08-16 20:18:06 ----A---- C:\WINDOWS\system32\drivers\VBoxNetAdp6.sys
2016-08-16 11:27:18 ----HD---- C:\ProgramData\CanonBJ
2016-08-16 11:27:06 ----A---- C:\WINDOWS\system32\CNMLMBA.DLL
2016-08-14 12:38:10 ----D---- C:\WINDOWS\Minidump
2016-08-12 15:44:13 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2016-08-12 15:44:13 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2016-08-12 15:44:02 ----A---- C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-08-12 15:43:59 ----A---- C:\WINDOWS\system32\DataSenseHandlers.dll
2016-08-12 01:07:20 ----A---- C:\WINDOWS\SYSWOW64\SET4514.tmp
2016-08-12 01:07:20 ----A---- C:\WINDOWS\SYSWOW64\SET1504.tmp
2016-08-12 01:06:52 ----A---- C:\WINDOWS\SYSWOW64\SET42EB.tmp
2016-08-12 01:06:52 ----A---- C:\WINDOWS\system32\SET45A5.tmp
2016-08-12 01:06:52 ----A---- C:\WINDOWS\system32\coinst_16.30.dll
2016-08-12 01:06:50 ----A---- C:\WINDOWS\SYSWOW64\SET4535.tmp
2016-08-12 01:06:50 ----A---- C:\WINDOWS\SYSWOW64\SET1F91.tmp
2016-08-12 01:06:48 ----A---- C:\WINDOWS\SYSWOW64\SETB69.tmp
======List of files/folders modified in the last 1 month======
2016-09-11 20:51:41 ----RD---- C:\Program Files
2016-09-11 20:51:36 ----D---- C:\WINDOWS\Temp
2016-09-11 20:51:35 ----D---- C:\WINDOWS\Prefetch
2016-09-11 20:46:10 ----D---- C:\Users\Daveing\AppData\Roaming\Raptr
2016-09-11 20:45:52 ----D---- C:\WINDOWS\system32\sru
2016-09-11 20:45:14 ----D---- C:\WINDOWS\AppReadiness
2016-09-11 20:45:12 ----D---- C:\WINDOWS\system32\drivers
2016-09-11 20:45:12 ----D---- C:\WINDOWS\system32\CatRoot
2016-09-11 20:45:12 ----D---- C:\WINDOWS\INF
2016-09-11 20:45:11 ----D---- C:\WINDOWS\system32\DriverStore
2016-09-11 12:59:24 ----D---- C:\Program Files (x86)\Steam
2016-09-11 12:50:43 ----RD---- C:\WINDOWS\Microsoft.NET
2016-09-11 12:45:22 ----D---- C:\WINDOWS\System32
2016-09-11 12:45:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-11 12:38:32 ----D---- C:\WINDOWS\system32\catroot2
2016-09-11 12:38:30 ----D---- C:\WINDOWS\system32\SleepStudy
2016-09-11 08:51:39 ----D---- C:\Users\Daveing\AppData\Roaming\Skype
2016-09-10 16:06:07 ----HD---- C:\Program Files\WindowsApps
2016-09-05 17:41:01 ----SHD---- C:\System Volume Information
2016-09-04 20:50:52 ----RSD---- C:\WINDOWS\assembly
2016-09-04 20:49:36 ----SHD---- C:\WINDOWS\Installer
2016-09-04 20:49:36 ----SHD---- C:\Config.Msi
2016-09-04 20:02:56 ----RD---- C:\Program Files (x86)
2016-09-04 16:36:11 ----D---- C:\Windows
2016-09-04 14:28:41 ----D---- C:\WINDOWS\SysWOW64
2016-09-03 00:42:04 ----A---- C:\WINDOWS\RTFTrack.exe
2016-09-02 20:46:52 ----HD---- C:\ProgramData
2016-09-02 20:44:15 ----D---- C:\WINDOWS\system32\config
2016-09-02 20:41:58 ----D---- C:\WINDOWS\system32\drivers\UMDF
2016-09-02 19:45:36 ----D---- C:\WINDOWS\rescache
2016-09-02 19:21:49 ----D---- C:\WINDOWS\WinSxS
2016-09-02 18:22:07 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-09-02 18:22:07 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-09-02 18:22:06 ----SD---- C:\WINDOWS\system32\dsc
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\zh-TW
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\zh-HK
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\zh-CN
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\wbem
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\uk-UA
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\tr-TR
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\th-TH
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\sv-SE
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\sr-Latn-RS
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\sr-Latn-CS
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\sl-SI
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\sk-SK
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\ru-RU
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\ro-RO
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\pt-PT
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\pt-BR
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\pl-PL
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\nl-NL
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\nb-NO
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\migration
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\lv-LV
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\lt-LT
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\ko-KR
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\ja-jp
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\it-IT
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\hu-HU
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\hr-HR
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\he-IL
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\fr-FR
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\fr-CA
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\fi-FI
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\et-EE
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\es-MX
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\es-ES
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\en-US
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\en-GB
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\el-GR
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\de-DE
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\da-DK
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\cs-CZ
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\Boot
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\bg-BG
2016-09-02 18:22:06 ----D---- C:\WINDOWS\system32\ar-SA
2016-09-02 18:22:01 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2016-09-02 18:22:01 ----D---- C:\WINDOWS\ShellExperiences
2016-09-02 18:22:01 ----D---- C:\WINDOWS\Provisioning
2016-09-02 18:22:01 ----D---- C:\WINDOWS\PolicyDefinitions
2016-09-02 18:22:01 ----D---- C:\WINDOWS\AppPatch
2016-09-02 18:22:01 ----D---- C:\Program Files\Windows Mail
2016-09-02 18:22:01 ----D---- C:\Program Files\Windows Defender Advanced Threat Protection
2016-09-02 18:22:01 ----D---- C:\Program Files (x86)\Windows Mail
2016-09-02 18:20:09 ----D---- C:\WINDOWS\CbsTemp
2016-09-01 17:12:13 ----A---- C:\WINDOWS\SYSWOW64\mspaint.exe
2016-09-01 17:12:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2016-09-01 17:12:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.Shell.Search.UriHandler.dll
2016-09-01 17:12:12 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2016-09-01 17:12:08 ----A---- C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-09-01 17:12:08 ----A---- C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-09-01 17:12:07 ----A---- C:\WINDOWS\system32\mspaint.exe
2016-09-01 17:12:06 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2016-09-01 17:12:04 ----A---- C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-09-01 17:12:04 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2016-09-01 17:11:57 ----A---- C:\WINDOWS\system32\win32u.dll
2016-09-01 17:11:54 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2016-08-29 18:08:28 ----SD---- C:\ProgramData\Microsoft
2016-08-28 23:10:43 ----D---- C:\WINDOWS\Logs
2016-08-28 13:44:32 ----D---- C:\WINDOWS\system32\Tasks
2016-08-28 13:44:32 ----AD---- C:\Program Files (x86)\TeamViewer
2016-08-26 07:43:07 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-08-25 10:23:02 ----A---- C:\WINDOWS\system32\CcavGuard64.dll
2016-08-25 10:22:52 ----A---- C:\WINDOWS\SYSWOW64\CcavGuard32.dll
2016-08-25 00:00:48 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-08-25 00:00:46 ----D---- C:\WINDOWS\system32\appraiser
2016-08-25 00:00:44 ----D---- C:\Program Files (x86)\Windows Media Player
2016-08-25 00:00:43 ----D---- C:\Program Files\Windows Media Player
2016-08-24 21:24:34 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-08-22 21:09:55 ----D---- C:\Users\Daveing\AppData\Roaming\vlc
2016-08-22 21:09:43 ----D---- C:\Users\Daveing\AppData\Roaming\dvdcss
2016-08-22 17:58:32 ----DC---- C:\WINDOWS\system32\DRVSTORE
2016-08-19 14:34:08 ----D---- C:\AMD
2016-08-19 14:16:14 ----D---- C:\ProgramData\COMODO
2016-08-16 11:28:23 ----D---- C:\WINDOWS\system32\FxsTmp
2016-08-15 16:41:20 ----AD---- C:\Program Files\AMD
2016-08-15 16:37:04 ----D---- C:\WINDOWS\system32\WDI
2016-08-15 16:12:06 ----SD---- C:\Users\Daveing\AppData\Roaming\Microsoft
2016-08-15 16:11:10 ----D---- C:\ProgramData\AMD
2016-08-12 15:55:36 ----D---- C:\WINDOWS\system32\MRT
2016-08-12 15:45:22 ----D---- C:\WINDOWS\debug
2016-08-12 15:44:44 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-08-12 15:35:11 ----D---- C:\WINDOWS\appcompat
2016-08-12 15:33:05 ----D---- C:\WINDOWS\system32\restore
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amdide64;amdide64; C:\WINDOWS\System32\drivers\amdide64.sys [2015-05-11 13848]
R0 amdkmpfd;@oem3.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmpfd.sys [2016-07-20 78072]
R0 cmdccav;cmdccav; C:\WINDOWS\system32\drivers\CmdCCAV.sys [2016-08-25 153640]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-07-16 45920]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-07-16 88576]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-07-16 8192]
R1 isedrv;Internet Security Essentials; C:\WINDOWS\system32\drivers\isedrv.sys [2016-08-17 50336]
R2 amdacpksd;ACP Kernel Service Driver; \??\C:\WINDOWS\system32\drivers\amdacpksd.sys [2016-08-11 314392]
R2 APXACC;@oem5.inf,%APPEX_ACC_SERVICE_NAME%;AppEx Networks Accelerator LWF; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [2015-04-03 229056]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2016-07-16 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2016-07-16 78336]
R3 ACPIVPC;@oem7.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2015-06-04 42328]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2016-07-20 26714136]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2016-07-20 509456]
R3 AtiHDAudioService;@oem25.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2016-07-28 118848]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2016-08-20 114176]
R3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2016-08-20 247296]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2016-07-16 128000]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-08-20 84992]
R3 clwvd;@oem1.inf,%clwvd.DeviceDesc%;CyberLink WebCam Virtual Driver; C:\WINDOWS\system32\DRIVERS\clwvd.sys [2014-01-28 41704]
R3 CnxtHdAudService;@oem9.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2015-05-15 1536528]
R3 dtlitescsibus;@oem33.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2016-08-22 30264]
R3 dtliteusbbus;@oem34.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2016-08-22 47672]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2016-07-16 183808]
R3 rt640x64;@oem17.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-07-22 886528]
R3 RtkBtFilter;@oem4.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [2015-12-09 593624]
R3 RTSUER;@oem6.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2015-07-03 410880]
R3 rtsuvc;@oem46.inf,%rtsuvc.DeviceDesc%;EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2016-09-03 3136272]
R3 RTWlanE;@netrtwlane.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\WINDOWS\System32\drivers\rtwlane.sys [2016-07-16 5144064]
R3 SynTP;@oem0.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2016-06-01 642168]
S0 amdkmafd;@oem18.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmafd.sys [2015-07-28 40720]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-07-16 105824]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-07-16 101216]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2016-07-16 58720]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2016-07-16 61792]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2016-07-16 32096]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2016-07-16 126304]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2016-07-16 157024]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2016-07-16 141152]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2016-07-16 9728]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2016-08-20 965120]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-07-16 38912]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-07-16 117248]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-07-16 20480]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-07-16 50016]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-08-20 73568]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2016-07-16 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-07-16 176384]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2016-07-16 526176]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-07-16 842584]
S3 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2016-07-16 179040]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2016-07-16 108896]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2016-07-16 928608]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2016-07-16 95744]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmTcpciCx.sys [2016-07-16 108544]
S3 UcmUcsi;@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2016-07-16 50688]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2016-07-16 45568]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdaptiveSleepService;AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [2016-07-07 138752]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2016-07-20 278544]
R2 amdacpusrsvc;ACP User Service; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2016-08-11 121856]
R2 ccavsrv;ccavsrv; C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavsrv.exe [2016-08-25 5162192]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CDPUserSvc_276d67;CDPUserSvc_276d67; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2016-07-12 9728]
R2 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [2016-05-25 191688]
R2 isesrv;isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [2016-08-17 124104]
R2 OneSyncSvc_276d67;Sync Host_276d67; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 PlaysService;Plays.tv Update Service; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [2016-08-02 32528]
R2 SAService;Conexant SmartAudio service; C:\WINDOWS\system32\SAsrv.exe []
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2016-06-01 255608]
R2 TeamViewer;TeamViewer 11; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2016-08-25 7534864]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2016-07-29 1467072]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 PimIndexMaintenanceSvc_276d67;Contact Data_276d67; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 CxAudMsg;@C:\WINDOWS\system32\CxAudMsg64.exe,-100; C:\WINDOWS\system32\CxAudMsg64.exe [2014-10-20 207576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-01 154440]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-05-23 324224]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-07-16 93184]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-26 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-01 154440]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService_276d67;MessagingService_276d67; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2016-07-16 2889896]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2016-07-16 1312768]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-08-23 1465120]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2016-07-16 287744]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2016-07-16 823136]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S4 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119418
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before cleaning viruses from your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Please check
Hello, and thank you,
# AdwCleaner v6.010 - Logfile created 12/09/2016 at 21:15:10
# Updated on 12/08/2016 by ToolsLib
# Database : 2016-09-12.1 [Server]
# Operating System : Windows 10 Pro (X64)
# Username : Daveing - DAVE
# Running from : C:\Users\Daveing\Downloads\AdwCleaner.exe
# Mode: Clean
# Support : https://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
***** [ Scheduled Tasks ] *****
***** [ Registry ] *****
[-] Key deleted: HKU\S-1-5-21-2934020260-1751348617-3203402355-1001\Software\Conduit
[#] Key deleted on reboot: HKCU\Software\Conduit
[-] Key deleted: HKLM\SOFTWARE\Conduit
***** [ Web browsers ] *****
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [907 Bytes] - [12/09/2016 21:15:10]
C:\AdwCleaner\AdwCleaner[S0].txt - [1236 Bytes] - [12/09/2016 21:14:39]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1052 Bytes] ##########
- Rudy
- Site Admin
- Posts: 119418
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check
Now post a FRST log: http://forum.viry.cz/viewtopic.php?f=30&t=133101 .
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Please check
Unfortunately that is not possible; it stops at Backing up registry, this should take a few seconds..., and this state never ends, so there is no way to get it to run.
- Rudy
Re: Please check
On Windows 10 I cannot delete based on RSIT; I would risk damaging the system. Can you run it at least in safe mode?
Re: Please check
In safe mode FRST does not even start.
- Rudy
Re: Please check
Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand. You are the first Win10 case where FRST cannot be run.
Re: Please check
Could it be caused by the Anniversary Update, which I already have installed?
The log looks OK:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 9/26/2016
Scan Time: 4:38 PM
Logfile: text.txt
Administrator: Yes
Version: 2.2.1.1043
Malware Database: v2016.09.26.06
Rootkit Database: v2016.09.26.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 10
CPU: x64
File System: NTFS
User: Daveing
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 348601
Time Elapsed: 12 min, 43 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
- Rudy
Re: Please check
It looks like the PC is clean as far as viruses are concerned. Also remove unnecessary clutter using CCleaner: http://forum.viry.cz/viewtopic.php?f=46&t=7478 .