Notebook je spomalený, seka ...

[Tristan]

Dobrý deň.
Chcel by som Vás poprosiť o prezretie notebooku.
Dosť často mi seká alebo je spomalený, veľa programov keď spúšťam tak nabehnú až po dlhšej chvíli alebo mi vyskočí že prestal pracovať. Dosť často sa mi pridajú jazyky klávesnice ako čeština a angličtina(USA) ale odstrániť ich neviem lebo ich nemám medzi jazykmi ale v panely hej. A zopár krát sa mi stalo že sa mi samo niečo spustilo.

[Tristan]

Prikladám log.
Vopred ďakujem.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Richard at 2016-11-08 23:57:25
Microsoft Windows 10 Home
System drive C: has 575 GB (62%) free of 935 GB
Total RAM: 8124 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:57:59, on 08.11.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Guard.exe
C:\Users\Richard\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\GlassWire\GWIdlMon.exe
C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Richard\AppData\Local\Android\android-sdk\platform-tools\adb.exe
C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Richard.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE01DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.bing.com?pc=HPNTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [World of Tanks] "C:\Games\World_of_Tanks\WargamingGameUpdater.exe"
O4 - HKCU\..\Run: [GlassWire] "C:\Program Files (x86)\GlassWire\glasswire.exe" -hide
O4 - HKCU\..\Run: [BlueStacks Agent] C:\Program Files (x86)\Bluestacks\HD-Agent.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: Ashampoo HDD Control 2 Service (AHDDC2) - Unknown owner - C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Plus Android Service (BstHdPlusAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\DfSdkS64.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\WINDOWS\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: GlassWire Control Service (GlassWire) - SecureMix LLC - C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP CASL Framework Service (hpqcaslwmiex) - HP - C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: Perforce - Perforce Software Inc. - C:\Program Files\Perforce\Server\p4s.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15345 bytes

======Listing Processes======







C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-47afc8c9-5545-4d05-a6f1-c393ec872917 -SystemEventPortName:HostProcess-d0be721c-9b33-478c-900d-6d4c4518e81c -IoCancelEventPortName:HostProcess-4736de22-e1ac-4435-b91f-4cecc2b71689 -NonStateChangingEventPortName:HostProcess-277667e9-0f02-473a-bf75-65962464ca83 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:cd676098-23a5-40ae-8c63-48913efee9de -DeviceGroupId:WudfDefaultDevicePool
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
"C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe"
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
dashost.exe {d86cb37f-02ea-4277-a9d68d0d7b37aecd}
"C:\Program Files (x86)\GlassWire\GWCtlSrv.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
"C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc

C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE"
"C:\Program Files\Perforce\Server\p4s.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"

C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"

C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\HP\Shared\hpqwmiex.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"dwm.exe"
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\Explorer.EXE
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
"C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe"
"C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe"
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /ANDREA_BF_BYPASS
"C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe" /hideui
"C:\Program Files\Hewlett-Packard\SimplePass\opbhobroker.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe"
"C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Guard.exe"
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Users\Richard\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files (x86)\GlassWire\GWIdlMon.exe" --cookie 31499290176364 --port 26887
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"fontdrvhost.exe"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.WindowsStore_11610.1001.10.0_x64__8wekyb3d8bbwe\WinStore.App.exe" -ServerName:App.AppXc75wvwned5vhz4xyxxecvgdjhdkgsdza.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.251.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\WINDOWS\system32\DllHost.exe /Processid:{49F6E667-6658-4BD1-9DE9-6AF87F9FAF85}
"C:\WINDOWS\system32\rundll32.exe" -localserver 22d8c27b-47a1-48d1-ad08-7da7abd79617
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.16092.10311.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
"C:\WINDOWS\system32\SystemSettingsAdminFlows.exe" LanguagePackInstaller
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup
C:\WINDOWS\system32\WLANExt.exe 1896059814896
\??\C:\WINDOWS\system32\conhost.exe 0x4
adb -P 5037 fork-server server --reply-fd 484
C:\WINDOWS\system32\svchost.exe -k SDRSVC
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\Windows Defender\\MpCmdRun.exe" SpyNetServiceDss -RestrictPrivileges -AccessKey 4E0DEBF9-827B-56E6-5BA2-CCB6C0CE7776 -Reinvoke
"C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe" "-cachedir=C:\Users\Richard\AppData\Local\Steam\htmlcache" "-steampid=14308" "-buildid=1476379980" "-steamid=76561197989181650" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-widevine-cdm --enable-direct-write
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=54.0.2840.71 --handshake-handle=0x240
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-conservative/AutofillCreditCardSigninPromo/Default/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/ClientSideDetectionModel/Model0/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/NonValidatingReloadOnNormalReload/Enabled2/OmniboxBundledExperimentV1/StandardR7/ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/SSLPostQuantum/disabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_01/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_07/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,15,19,33,50,59 --gpu-vendor-id=0x8086 --gpu-device-id=0x0a16 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=20.19.15.4531 --gpu-driver-date=9-29-2016 --gpu-secondary-vendor-ids=0x10de --gpu-secondary-device-ids=0x1140 --mojo-application-channel-token=107EF90C541FB5832BC88F9E69F3885B --mojo-platform-channel-handle=1364 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/NonValidatingReloadOnNormalReload/Enabled2/OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_01/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_07/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --primordial-pipe-token=E804843515064E1C4494A987227174AB --lang=sk --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=E804843515064E1C4494A987227174AB --channel="6988.1.603134962\672444144" --mojo-platform-channel-handle=2204 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_01/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_07/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --primordial-pipe-token=1B79EBA16DFE7ECDF5704624C3E00B50 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=1B79EBA16DFE7ECDF5704624C3E00B50 --channel="6988.2.271663482\1282852406" --mojo-platform-channel-handle=2704 /prefetch:1
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.350_none_43278ee965418581\TiWorker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_01/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_07/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=817423098BFFA5A3EDFFC4DBE3636E0C --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=817423098BFFA5A3EDFFC4DBE3636E0C --channel="6988.5.276484295\1687342548" --mojo-platform-channel-handle=5728 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_01/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_07/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=A56BA9EB16AF8A684A610165CCA37A28 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=A56BA9EB16AF8A684A610165CCA37A28 --channel="6988.6.1446067763\660831889" --mojo-platform-channel-handle=6512 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_01/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_07/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=D7E0915D9992E1DF97BC397CFF1D5E95 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=D7E0915D9992E1DF97BC397CFF1D5E95 --channel="6988.7.2040031363\1387067752" --mojo-platform-channel-handle=6756 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_01/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_07/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=8F46F5E83B808BEAC48F57A6FE7B3A8E --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=8F46F5E83B808BEAC48F57A6FE7B3A8E --channel="6988.8.1350786189\382919111" --mojo-platform-channel-handle=7068 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_01/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_07/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=ACC715E3281C14C7B80A2D9F51E3ACE2 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=ACC715E3281C14C7B80A2D9F51E3ACE2 --channel="6988.9.996958355\136921948" --mojo-platform-channel-handle=7516 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe142_ Global\UsGthrCtrlFltPipeMssGthrPipe142 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 604 648 656 8192 652
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x6a8
"C:\Users\Richard\Downloads\RSITx64.exe"


======Scheduled tasks folder======

C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NOUACCHECK
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\HPCeeScheduleForRichard.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForRichard (null)

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-10-08 214216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-08 2326320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-04 440712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-10-08 151248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-27 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-10-08 1632048]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-27 186944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-04 416320]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2016-07-28 8725248]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-07-28 1407744]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2016-11-01 401896]
"SimplePass"=C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [2014-03-28 3962936]
"OPBHOBroker"=C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [2014-03-28 415288]
"OPBHOBrokerDesktop"=C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [2014-03-28 415288]
"Ashampoo HDD-Control 2 Guard"=C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Guard.exe [2012-07-30 3783592]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-06-14 2397120]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2016-06-14 1767944]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01 508128]
"WindowsDefender"=C:\Program Files\Windows Defender\MSASCuiL.exe [2016-09-07 631808]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Richard\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-09-27 633024]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2016-10-13 2860832]
"World of Tanks"=C:\Games\World_of_Tanks\WargamingGameUpdater.exe [2016-09-26 3134728]
"GlassWire"=C:\Program Files (x86)\GlassWire\glasswire.exe [2016-08-31 5738960]
"BlueStacks Agent"=C:\Program Files (x86)\Bluestacks\HD-Agent.exe [2016-10-21 986648]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HPMessageService"=C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [2013-10-08 1045304]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2016-08-24 2383040]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22 587288]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

[Tristan]

======List of files/folders created in the last 1 month======

2016-11-08 23:57:26 ----D---- C:\Program Files\trend micro
2016-11-08 23:57:25 ----D---- C:\rsit
2016-11-07 22:03:07 ----SHD---- C:\Config.Msi
2016-11-06 17:24:30 ----HD---- C:\OneDriveTemp
2016-11-01 23:06:06 ----A---- C:\WINDOWS\system32\igdumdim64.dll
2016-11-01 23:06:02 ----A---- C:\WINDOWS\SYSWOW64\iglhsip32.dll
2016-11-01 23:06:02 ----A---- C:\WINDOWS\SYSWOW64\iglhcp32.dll
2016-11-01 23:06:02 ----A---- C:\WINDOWS\SYSWOW64\igfxcmrt32.dll
2016-11-01 23:06:02 ----A---- C:\WINDOWS\SYSWOW64\igfx11cmrt32.dll
2016-11-01 23:06:02 ----A---- C:\WINDOWS\SYSWOW64\igd11dxva32.dll
2016-11-01 23:06:02 ----A---- C:\WINDOWS\system32\iglhsip64.dll
2016-11-01 23:06:02 ----A---- C:\WINDOWS\system32\iglhcp64.dll
2016-11-01 23:06:02 ----A---- C:\WINDOWS\system32\igfxexps.dll
2016-11-01 23:06:02 ----A---- C:\WINDOWS\system32\igfxcmrt64.dll
2016-11-01 23:06:02 ----A---- C:\WINDOWS\system32\igfx11cmrt64.dll
2016-11-01 23:06:02 ----A---- C:\WINDOWS\system32\igd11dxva64.dll
2016-11-01 23:06:00 ----A---- C:\WINDOWS\system32\igdmd64.dll
2016-11-01 23:05:58 ----A---- C:\WINDOWS\SYSWOW64\igdmd32.dll
2016-11-01 23:05:58 ----A---- C:\WINDOWS\SYSWOW64\igdde32.dll
2016-11-01 23:05:58 ----A---- C:\WINDOWS\SYSWOW64\igc32.dll
2016-11-01 23:05:58 ----A---- C:\WINDOWS\system32\igdde64.dll
2016-11-01 23:05:58 ----A---- C:\WINDOWS\system32\igd12umd64.dll
2016-11-01 23:05:58 ----A---- C:\WINDOWS\system32\igc64.dll
2016-11-01 23:05:56 ----A---- C:\WINDOWS\SYSWOW64\igd12umd32.dll
2016-11-01 23:05:56 ----A---- C:\WINDOWS\SYSWOW64\igd10idpp32.dll
2016-11-01 23:05:56 ----A---- C:\WINDOWS\system32\igd10idpp64.dll
2016-11-01 23:05:26 ----A---- C:\WINDOWS\SYSWOW64\IntelOpenCL32.dll
2016-11-01 23:05:26 ----A---- C:\WINDOWS\SYSWOW64\IntelCpHeciSvc.exe
2016-11-01 23:05:26 ----A---- C:\WINDOWS\SYSWOW64\Intel_OpenCL_ICD32.dll
2016-11-01 23:05:26 ----A---- C:\WINDOWS\SYSWOW64\igfxexps32.dll
2016-11-01 23:05:26 ----A---- C:\WINDOWS\SYSWOW64\igfxcmjit32.dll
2016-11-01 23:05:26 ----A---- C:\WINDOWS\SYSWOW64\igdrcl32.dll
2016-11-01 23:05:26 ----A---- C:\WINDOWS\SYSWOW64\igdmcl32.dll
2016-11-01 23:05:26 ----A---- C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2016-11-01 23:05:26 ----A---- C:\WINDOWS\system32\IntelWiDiUMS64.exe
2016-11-01 23:05:26 ----A---- C:\WINDOWS\system32\IntelWiDiMCComp64.dll
2016-11-01 23:05:26 ----A---- C:\WINDOWS\system32\IntelOpenCL64.dll
2016-11-01 23:05:26 ----A---- C:\WINDOWS\system32\IntelCpHDCPSvc.exe
2016-11-01 23:05:26 ----A---- C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2016-11-01 23:05:26 ----A---- C:\WINDOWS\system32\igfxSDKLibv2_0.dll
2016-11-01 23:05:26 ----A---- C:\WINDOWS\system32\igfxSDKLib.dll
2016-11-01 23:05:26 ----A---- C:\WINDOWS\system32\igfxSDK.exe
2016-11-01 23:05:26 ----A---- C:\WINDOWS\system32\igfxOSP.dll
2016-11-01 23:05:26 ----A---- C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2016-11-01 23:05:26 ----A---- C:\WINDOWS\system32\igfxLHMLib.dll
2016-11-01 23:05:26 ----A---- C:\WINDOWS\system32\igfxext.exe
2016-11-01 23:05:26 ----A---- C:\WINDOWS\system32\igfxEMLibv2_0.dll
2016-11-01 23:05:26 ----A---- C:\WINDOWS\system32\igfxEMLib.dll
2016-11-01 23:05:26 ----A---- C:\WINDOWS\system32\igfxDTCM.dll
2016-11-01 23:05:26 ----A---- C:\WINDOWS\system32\igfxDILibv2_0.dll
2016-11-01 23:05:26 ----A---- C:\WINDOWS\system32\igfxDILib.dll
2016-11-01 23:05:26 ----A---- C:\WINDOWS\system32\igfxDHLibv2_0.dll
2016-11-01 23:05:26 ----A---- C:\WINDOWS\system32\igfxDHLib.dll
2016-11-01 23:05:26 ----A---- C:\WINDOWS\system32\igfxCUIServicePS.dll
2016-11-01 23:05:26 ----A---- C:\WINDOWS\system32\igfxCoIn_v4531.dll
2016-11-01 23:05:26 ----A---- C:\WINDOWS\system32\igfxcmjit64.dll
2016-11-01 23:05:26 ----A---- C:\WINDOWS\system32\igdrcl64.dll
2016-11-01 23:05:26 ----A---- C:\WINDOWS\system32\igdmcl64.dll
2016-11-01 23:05:26 ----A---- C:\WINDOWS\system32\common_clang64.dll
2016-11-01 23:05:24 ----A---- C:\WINDOWS\SYSWOW64\igdfcl32.dll
2016-11-01 23:05:24 ----A---- C:\WINDOWS\SYSWOW64\igdbcl32.dll
2016-11-01 23:05:24 ----A---- C:\WINDOWS\SYSWOW64\igdail32.dll
2016-11-01 23:05:24 ----A---- C:\WINDOWS\SYSWOW64\ig75icd32.dll
2016-11-01 23:05:24 ----A---- C:\WINDOWS\SYSWOW64\common_clang32.dll
2016-11-01 23:05:24 ----A---- C:\WINDOWS\system32\igdfcl64.dll
2016-11-01 23:05:24 ----A---- C:\WINDOWS\system32\igdbcl64.dll
2016-11-01 23:05:24 ----A---- C:\WINDOWS\system32\igdail64.dll
2016-11-01 23:05:24 ----A---- C:\WINDOWS\system32\ig75icd64.dll
2016-11-01 23:05:24 ----A---- C:\WINDOWS\system32\Gfxv4_0.exe
2016-11-01 23:05:24 ----A---- C:\WINDOWS\system32\Gfxv2_0.exe
2016-11-01 23:05:24 ----A---- C:\WINDOWS\system32\GfxUIEx.exe
2016-11-01 23:05:24 ----A---- C:\WINDOWS\system32\GfxResources.dll
2016-11-01 23:05:24 ----A---- C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2016-11-01 23:05:24 ----A---- C:\WINDOWS\system32\DPTopologyApp.exe
2016-11-01 23:05:24 ----A---- C:\WINDOWS\system32\difx64.exe
2016-11-01 23:05:01 ----AD---- C:\Program Files\GIMP 2
2016-10-28 15:58:39 ----A---- C:\WINDOWS\system32\mfplat.dll
2016-10-28 15:58:39 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2016-10-28 15:58:38 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2016-10-28 15:58:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2016-10-28 15:58:38 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-10-28 15:58:38 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-10-28 15:58:38 ----A---- C:\WINDOWS\system32\mfcore.dll
2016-10-28 15:58:37 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2016-10-28 15:58:37 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-10-28 15:58:36 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2016-10-28 15:58:36 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2016-10-28 15:58:36 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2016-10-28 15:58:36 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2016-10-28 15:58:35 ----A---- C:\WINDOWS\system32\mfps.dll
2016-10-28 15:58:35 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-10-28 15:58:34 ----A---- C:\WINDOWS\system32\winsrv.dll
2016-10-28 15:58:34 ----A---- C:\WINDOWS\system32\msctf.dll
2016-10-28 15:58:33 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-10-28 15:58:33 ----A---- C:\WINDOWS\system32\mstscax.dll
2016-10-28 15:58:33 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-10-28 15:58:32 ----A---- C:\WINDOWS\system32\shell32.dll
2016-10-28 15:58:28 ----A---- C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-10-28 15:58:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.MediaPlayer.dll
2016-10-28 15:58:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-28 15:58:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.BackgroundMediaPlayback.dll
2016-10-28 15:58:26 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2016-10-28 15:58:26 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2016-10-28 15:58:26 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2016-10-28 15:58:25 ----A---- C:\WINDOWS\SYSWOW64\RemoteNaturalLanguage.dll
2016-10-28 15:58:25 ----A---- C:\WINDOWS\system32\winresume.exe
2016-10-28 15:58:25 ----A---- C:\WINDOWS\system32\d3d9.dll
2016-10-28 15:58:24 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2016-10-28 15:58:24 ----A---- C:\WINDOWS\system32\ole32.dll
2016-10-28 15:58:24 ----A---- C:\WINDOWS\system32\msvproc.dll
2016-10-28 15:58:24 ----A---- C:\WINDOWS\system32\energy.dll
2016-10-28 15:58:24 ----A---- C:\WINDOWS\system32\dwmcore.dll
2016-10-28 15:58:23 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2016-10-28 15:58:23 ----A---- C:\WINDOWS\SYSWOW64\drvstore.dll
2016-10-28 15:58:23 ----A---- C:\WINDOWS\SYSWOW64\BluetoothApis.dll
2016-10-28 15:58:23 ----A---- C:\WINDOWS\system32\usocore.dll
2016-10-28 15:58:23 ----A---- C:\WINDOWS\system32\user32.dll
2016-10-28 15:58:23 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2016-10-28 15:58:23 ----A---- C:\WINDOWS\system32\drivers\ahcache.sys
2016-10-28 15:58:22 ----A---- C:\WINDOWS\SYSWOW64\weretw.dll
2016-10-28 15:58:22 ----A---- C:\WINDOWS\SYSWOW64\usercpl.dll
2016-10-28 15:58:22 ----A---- C:\WINDOWS\SYSWOW64\iscsiwmi.dll
2016-10-28 15:58:22 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2016-10-28 15:58:22 ----A---- C:\WINDOWS\system32\MusNotification.exe
2016-10-28 15:58:22 ----A---- C:\WINDOWS\system32\ListSvc.dll
2016-10-28 15:58:21 ----A---- C:\WINDOWS\system32\ntshrui.dll
2016-10-28 15:58:21 ----A---- C:\WINDOWS\system32\asycfilt.dll
2016-10-28 15:58:20 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-10-28 15:58:20 ----A---- C:\WINDOWS\system32\Windows.Networking.dll
2016-10-28 15:58:20 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-10-28 15:58:20 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2016-10-28 15:58:19 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2016-10-28 15:58:18 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-10-28 15:58:18 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-10-28 15:58:18 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-10-28 15:58:17 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-10-28 15:58:17 ----A---- C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-10-28 15:58:17 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-10-28 15:58:16 ----A---- C:\WINDOWS\system32\twinui.dll
2016-10-28 15:58:15 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-10-28 15:58:15 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2016-10-28 15:58:15 ----A---- C:\WINDOWS\explorer.exe
2016-10-28 15:58:13 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2016-10-28 15:58:13 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2016-10-28 15:58:13 ----A---- C:\WINDOWS\system32\winload.exe
2016-10-28 15:58:13 ----A---- C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2016-10-28 15:58:12 ----A---- C:\WINDOWS\SYSWOW64\mfsensorgroup.dll
2016-10-28 15:58:12 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2016-10-28 15:58:12 ----A---- C:\WINDOWS\system32\wpnprv.dll
2016-10-28 15:58:12 ----A---- C:\WINDOWS\system32\drivers\dam.sys
2016-10-28 15:58:12 ----A---- C:\WINDOWS\system32\DataSenseHandlers.dll
2016-10-28 15:58:11 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2016-10-28 15:58:11 ----A---- C:\WINDOWS\SYSWOW64\DolbyDecMFT.dll
2016-10-28 15:58:11 ----A---- C:\WINDOWS\system32\wscsvc.dll
2016-10-28 15:58:11 ----A---- C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-10-28 15:58:11 ----A---- C:\WINDOWS\system32\SyncCenter.dll
2016-10-28 15:58:11 ----A---- C:\WINDOWS\system32\oleaut32.dll
2016-10-28 15:58:11 ----A---- C:\WINDOWS\system32\HttpsDataSource.dll
2016-10-28 15:58:11 ----A---- C:\WINDOWS\system32\hgcpl.dll
2016-10-28 15:58:11 ----A---- C:\WINDOWS\system32\drivers\capimg.sys
2016-10-28 15:58:10 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2016-10-28 15:58:10 ----A---- C:\WINDOWS\SYSWOW64\cmifw.dll
2016-10-28 15:58:10 ----A---- C:\WINDOWS\system32\wuuhext.dll
2016-10-28 15:58:10 ----A---- C:\WINDOWS\system32\sud.dll
2016-10-28 15:58:10 ----A---- C:\WINDOWS\system32\gameux.dll
2016-10-28 15:58:10 ----A---- C:\WINDOWS\system32\fontext.dll
2016-10-28 15:58:10 ----A---- C:\WINDOWS\system32\Display.dll
2016-10-28 15:58:10 ----A---- C:\WINDOWS\system32\DevicePairing.dll
2016-10-28 15:58:10 ----A---- C:\WINDOWS\system32\autoplay.dll
2016-10-28 15:58:09 ----A---- C:\WINDOWS\SYSWOW64\LockAppBroker.dll
2016-10-28 15:58:09 ----A---- C:\WINDOWS\SYSWOW64\asycfilt.dll
2016-10-28 15:58:09 ----A---- C:\WINDOWS\system32\themecpl.dll
2016-10-28 15:58:09 ----A---- C:\WINDOWS\system32\taskbarcpl.dll
2016-10-28 15:58:09 ----A---- C:\WINDOWS\system32\stobject.dll
2016-10-28 15:58:09 ----A---- C:\WINDOWS\system32\powercfg.exe
2016-10-28 15:58:09 ----A---- C:\WINDOWS\system32\fhcpl.dll
2016-10-28 15:58:09 ----A---- C:\WINDOWS\system32\drivers\xboxgip.sys
2016-10-28 15:58:08 ----A---- C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-10-28 15:58:08 ----A---- C:\WINDOWS\system32\DevicePairingFolder.dll
2016-10-28 15:58:06 ----A---- C:\WINDOWS\SYSWOW64\FSClient.dll
2016-10-28 15:58:06 ----A---- C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-10-28 15:58:06 ----A---- C:\WINDOWS\system32\IdCtrls.dll
2016-10-28 15:58:05 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2016-10-28 15:58:05 ----A---- C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-10-28 15:58:05 ----A---- C:\WINDOWS\system32\qmgr.dll
2016-10-28 15:58:05 ----A---- C:\WINDOWS\system32\mfksproxy.dll
2016-10-28 15:58:04 ----A---- C:\WINDOWS\SYSWOW64\mfksproxy.dll
2016-10-28 15:58:04 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2016-10-28 15:58:04 ----A---- C:\WINDOWS\system32\wmp.dll
2016-10-28 15:58:03 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-10-28 15:58:03 ----A---- C:\WINDOWS\SYSWOW64\Geolocation.dll
2016-10-28 15:58:03 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2016-10-28 15:58:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2016-10-28 15:58:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2016-10-28 15:58:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Connectivity.dll
2016-10-28 15:58:01 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2016-10-28 15:58:01 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2016-10-28 15:58:00 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2016-10-28 15:58:00 ----A---- C:\WINDOWS\system32\mispace.dll
2016-10-28 15:58:00 ----A---- C:\WINDOWS\system32\diagtrack.dll
2016-10-28 15:57:59 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2016-10-28 15:57:59 ----A---- C:\WINDOWS\system32\wsp_health.dll
2016-10-28 15:57:59 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2016-10-28 15:57:59 ----A---- C:\WINDOWS\system32\spoolsv.exe
2016-10-28 15:57:59 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-10-28 15:57:59 ----A---- C:\WINDOWS\system32\devinv.dll
2016-10-28 15:57:59 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-28 15:57:59 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-10-28 15:57:59 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-10-28 15:57:59 ----A---- C:\WINDOWS\system32\acmigration.dll
2016-10-28 15:57:59 ----A---- C:\WINDOWS\splwow64.exe
2016-10-28 15:57:58 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.dll
2016-10-28 15:57:58 ----A---- C:\WINDOWS\SYSWOW64\esent.dll
2016-10-28 15:57:58 ----A---- C:\WINDOWS\system32\wintrust.dll
2016-10-28 15:57:58 ----A---- C:\WINDOWS\system32\hevcdecoder.dll
2016-10-28 15:57:57 ----A---- C:\WINDOWS\system32\invagent.dll
2016-10-28 15:57:57 ----A---- C:\WINDOWS\system32\esent.dll
2016-10-28 15:57:57 ----A---- C:\WINDOWS\system32\aepic.dll
2016-10-28 15:57:56 ----A---- C:\WINDOWS\SYSWOW64\NMAA.dll
2016-10-28 15:57:56 ----A---- C:\WINDOWS\SYSWOW64\JpMapControl.dll
2016-10-28 15:57:56 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2016-10-28 15:57:56 ----A---- C:\WINDOWS\system32\wmpeffects.dll
2016-10-28 15:57:56 ----A---- C:\WINDOWS\system32\wer.dll
2016-10-28 15:57:56 ----A---- C:\WINDOWS\system32\drvstore.dll
2016-10-28 15:57:56 ----A---- C:\WINDOWS\system32\drivers\crashdmp.sys
2016-10-28 15:57:55 ----A---- C:\WINDOWS\SYSWOW64\wmpeffects.dll
2016-10-28 15:57:55 ----A---- C:\WINDOWS\SYSWOW64\MapControlCore.dll
2016-10-28 15:57:55 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-10-28 15:57:55 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-10-28 15:57:55 ----A---- C:\WINDOWS\system32\weretw.dll
2016-10-28 15:57:55 ----A---- C:\WINDOWS\system32\twinapi.dll
2016-10-28 15:57:55 ----A---- C:\WINDOWS\system32\pcasvc.dll
2016-10-28 15:57:55 ----A---- C:\WINDOWS\system32\iscsiwmi.dll
2016-10-28 15:57:55 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2016-10-28 15:57:55 ----A---- C:\WINDOWS\system32\authui.dll
2016-10-28 15:57:54 ----A---- C:\WINDOWS\SYSWOW64\wmpdxm.dll
2016-10-28 15:57:54 ----A---- C:\WINDOWS\SYSWOW64\efsext.dll
2016-10-28 15:57:54 ----A---- C:\WINDOWS\system32\wmpshell.dll
2016-10-28 15:57:54 ----A---- C:\WINDOWS\system32\wmpdxm.dll
2016-10-28 15:57:54 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2016-10-28 15:57:54 ----A---- C:\WINDOWS\system32\cmifw.dll
2016-10-28 15:57:52 ----A---- C:\WINDOWS\SYSWOW64\wmpshell.dll
2016-10-28 15:57:52 ----A---- C:\WINDOWS\SYSWOW64\chartv.dll
2016-10-28 15:57:52 ----A---- C:\WINDOWS\SYSWOW64\esentutl.exe
2016-10-28 15:57:52 ----A---- C:\WINDOWS\SYSWOW64\ActionCenterCPL.dll
2016-10-28 15:57:52 ----A---- C:\WINDOWS\system32\wups.dll
2016-10-28 15:57:52 ----A---- C:\WINDOWS\system32\wuapi.dll
2016-10-28 15:57:52 ----A---- C:\WINDOWS\system32\chartv.dll
2016-10-28 15:57:51 ----A---- C:\WINDOWS\system32\esentutl.exe
2016-10-28 15:57:49 ----A---- C:\WINDOWS\system32\sppsvc.exe
2016-10-28 15:57:49 ----A---- C:\WINDOWS\system32\ClipUp.exe
2016-10-28 15:57:48 ----A---- C:\WINDOWS\system32\wpncore.dll
2016-10-28 15:57:48 ----A---- C:\WINDOWS\system32\sppwinob.dll
2016-10-28 15:57:48 ----A---- C:\WINDOWS\system32\sppobjs.dll
2016-10-28 15:57:48 ----A---- C:\WINDOWS\system32\SndVolSSO.dll
2016-10-28 15:57:48 ----A---- C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-10-28 15:57:47 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-10-28 15:57:47 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-10-28 15:57:47 ----A---- C:\WINDOWS\system32\AudioSes.dll
2016-10-28 15:57:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2016-10-28 15:57:46 ----A---- C:\WINDOWS\system32\FntCache.dll
2016-10-28 15:57:46 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-10-28 15:57:45 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-10-28 15:57:45 ----A---- C:\WINDOWS\system32\mos.dll
2016-10-28 15:57:45 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2016-10-28 15:57:44 ----A---- C:\WINDOWS\SYSWOW64\WsmSvc.dll
2016-10-28 15:57:44 ----A---- C:\WINDOWS\SYSWOW64\WSManHTTPConfig.exe
2016-10-28 15:57:44 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-10-28 15:57:44 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-10-28 15:57:44 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2016-10-28 15:57:44 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2016-10-28 15:57:44 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2016-10-28 15:57:43 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-10-28 15:57:42 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-10-28 15:57:42 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-10-28 15:57:41 ----A---- C:\WINDOWS\SYSWOW64\d3d12SDKLayers.dll
2016-10-28 15:57:41 ----A---- C:\WINDOWS\system32\WinTypes.dll
2016-10-28 15:57:41 ----A---- C:\WINDOWS\system32\winlogon.exe
2016-10-28 15:57:41 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2016-10-28 15:57:41 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-28 15:57:41 ----A---- C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-10-28 15:57:41 ----A---- C:\WINDOWS\system32\CPFilters.dll
2016-10-28 15:57:40 ----A---- C:\WINDOWS\system32\wc_storage.dll
2016-10-28 15:57:40 ----A---- C:\WINDOWS\system32\daxexec.dll
2016-10-28 15:57:40 ----A---- C:\WINDOWS\system32\cdpusersvc.dll
2016-10-28 15:57:40 ----A---- C:\WINDOWS\system32\cdpsvc.dll
2016-10-28 15:57:40 ----A---- C:\WINDOWS\system32\BingMaps.dll
2016-10-28 15:57:39 ----A---- C:\WINDOWS\SYSWOW64\hevcdecoder.dll
2016-10-28 15:57:39 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2016-10-28 15:57:39 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2016-10-28 15:57:39 ----A---- C:\WINDOWS\system32\d3d11.dll
2016-10-28 15:57:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.WiFi.dll
2016-10-28 15:57:38 ----A---- C:\WINDOWS\system32\winhttp.dll
2016-10-28 15:57:38 ----A---- C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2016-10-28 15:57:38 ----A---- C:\WINDOWS\system32\D3D12.dll
2016-10-28 15:57:38 ----A---- C:\WINDOWS\system32\crypt32.dll
2016-10-28 15:57:38 ----A---- C:\WINDOWS\system32\combase.dll
2016-10-28 15:57:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2016-10-28 15:57:37 ----A---- C:\WINDOWS\system32\usercpl.dll
2016-10-28 15:57:37 ----A---- C:\WINDOWS\system32\NMAA.dll
2016-10-28 15:57:37 ----A---- C:\WINDOWS\system32\MapsStore.dll
2016-10-28 15:57:37 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2016-10-28 15:57:37 ----A---- C:\WINDOWS\system32\JpMapControl.dll
2016-10-28 15:57:37 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2016-10-28 15:57:37 ----A---- C:\WINDOWS\system32\BthRadioMedia.dll
2016-10-28 15:57:37 ----A---- C:\WINDOWS\system32\BluetoothApis.dll
2016-10-28 15:57:36 ----A---- C:\WINDOWS\SYSWOW64\twinapi.dll
2016-10-28 15:57:36 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-10-28 15:57:36 ----A---- C:\WINDOWS\SYSWOW64\gameux.dll
2016-10-28 15:57:36 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2016-10-28 15:57:36 ----A---- C:\WINDOWS\system32\moshostcore.dll
2016-10-28 15:57:36 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2016-10-28 15:57:36 ----A---- C:\WINDOWS\system32\LockAppBroker.dll
2016-10-28 15:57:36 ----A---- C:\WINDOWS\system32\dafBth.dll
2016-10-28 15:57:36 ----A---- C:\WINDOWS\system32\AudioEng.dll
2016-10-28 15:57:35 ----A---- C:\WINDOWS\SYSWOW64\hgcpl.dll
2016-10-28 15:57:35 ----A---- C:\WINDOWS\SYSWOW64\dtdump.exe
2016-10-28 15:57:35 ----A---- C:\WINDOWS\system32\efsext.dll
2016-10-28 15:57:35 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-10-28 15:57:35 ----A---- C:\WINDOWS\system32\ActionCenterCPL.dll
2016-10-28 15:57:32 ----A---- C:\WINDOWS\SYSWOW64\systemcpl.dll
2016-10-28 15:57:32 ----A---- C:\WINDOWS\SYSWOW64\sud.dll
2016-10-28 15:57:32 ----A---- C:\WINDOWS\SYSWOW64\stobject.dll
2016-10-28 15:57:32 ----A---- C:\WINDOWS\SYSWOW64\autoplay.dll
2016-10-28 15:57:32 ----A---- C:\WINDOWS\system32\shdocvw.dll
2016-10-28 15:57:32 ----A---- C:\WINDOWS\system32\msinfo32.exe
2016-10-28 15:57:32 ----A---- C:\WINDOWS\system32\EncDec.dll
2016-10-28 15:57:32 ----A---- C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-10-28 15:57:32 ----A---- C:\WINDOWS\system32\dhcpcore6.dll
2016-10-28 15:57:31 ----A---- C:\WINDOWS\SYSWOW64\zipfldr.dll
2016-10-28 15:57:31 ----A---- C:\WINDOWS\SYSWOW64\themecpl.dll
2016-10-28 15:57:31 ----A---- C:\WINDOWS\SYSWOW64\fontext.dll
2016-10-28 15:57:31 ----A---- C:\WINDOWS\SYSWOW64\DevicePairing.dll
2016-10-28 15:57:30 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2016-10-28 15:57:30 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2016-10-28 15:57:30 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-10-28 15:57:29 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2016-10-28 15:57:29 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-10-28 15:57:29 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-10-28 15:57:29 ----A---- C:\WINDOWS\system32\ieproxy.dll
2016-10-28 15:57:29 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2016-10-28 15:57:29 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2016-10-28 15:57:29 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-10-28 15:57:28 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-10-28 15:57:28 ----A---- C:\WINDOWS\system32\mfsensorgroup.dll
2016-10-28 15:57:28 ----A---- C:\WINDOWS\system32\FrameServer.dll
2016-10-28 15:57:28 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2016-10-28 15:57:27 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2016-10-28 15:57:27 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-10-28 15:57:27 ----A---- C:\WINDOWS\system32\Geolocation.dll
2016-10-28 15:57:26 ----A---- C:\WINDOWS\system32\wininet.dll
2016-10-28 15:57:26 ----A---- C:\WINDOWS\system32\NotificationController.dll
2016-10-28 15:57:26 ----A---- C:\WINDOWS\system32\drivers\http.sys
2016-10-28 15:57:26 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-10-28 15:57:25 ----A---- C:\WINDOWS\system32\winmde.dll
2016-10-28 15:57:25 ----A---- C:\WINDOWS\system32\DWrite.dll
2016-10-28 15:57:25 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2016-10-28 15:57:25 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2016-10-28 15:57:24 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-10-28 15:57:23 ----A---- C:\WINDOWS\SYSWOW64\SndVolSSO.dll
2016-10-28 15:57:23 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-10-28 15:57:23 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2016-10-28 15:57:23 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2016-10-28 15:57:23 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2016-10-28 15:57:23 ----A---- C:\WINDOWS\SYSWOW64\CPFilters.dll
2016-10-28 15:57:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2016-10-28 15:57:22 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-10-28 15:57:22 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2016-10-28 15:57:22 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2016-10-28 15:57:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2016-10-28 15:57:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2016-10-28 15:57:19 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-10-28 15:57:19 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2016-10-28 15:57:17 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2016-10-28 15:57:17 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2016-10-28 15:57:17 ----A---- C:\WINDOWS\system32\d3d12SDKLayers.dll
2016-10-28 15:57:16 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2016-10-28 15:57:16 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2016-10-28 15:57:16 ----A---- C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-10-28 15:57:16 ----A---- C:\WINDOWS\system32\LocationFramework.dll
2016-10-28 15:57:16 ----A---- C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-10-28 15:57:15 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2016-10-28 15:57:15 ----A---- C:\WINDOWS\SYSWOW64\crypt32.dll
2016-10-28 15:57:15 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2016-10-28 15:57:15 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-10-28 15:57:14 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2016-10-28 15:57:14 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2016-10-28 15:57:14 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2016-10-28 15:57:14 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2016-10-28 15:57:14 ----A---- C:\WINDOWS\system32\iphlpsvc.dll
2016-10-28 15:57:13 ----A---- C:\WINDOWS\SYSWOW64\indexeddbserver.dll
2016-10-28 15:57:13 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2016-10-28 15:57:13 ----A---- C:\WINDOWS\system32\indexeddbserver.dll
2016-10-28 15:57:13 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-10-28 15:57:13 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2016-10-28 15:57:13 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2016-10-28 15:57:13 ----A---- C:\WINDOWS\system32\cdd.dll
2016-10-28 15:57:12 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2016-10-28 15:57:12 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-10-28 15:57:10 ----A---- C:\WINDOWS\system32\zipfldr.dll
2016-10-28 15:57:10 ----A---- C:\WINDOWS\system32\drivers\hidclass.sys
2016-10-28 15:57:10 ----A---- C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2016-10-28 15:57:09 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore6.dll
2016-10-28 15:57:07 ----A---- C:\WINDOWS\SYSWOW64\powercfg.exe
2016-10-28 15:57:06 ----A---- C:\WINDOWS\SYSWOW64\msinfo32.exe
2016-10-28 15:57:05 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2016-10-28 15:57:05 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2016-10-28 15:57:05 ----A---- C:\WINDOWS\system32\mshtmled.dll
2016-10-28 15:57:05 ----A---- C:\WINDOWS\system32\FSClient.dll
2016-10-27 12:37:19 ----A---- C:\WINDOWS\SYSWOW64\NlsLexicons001b.dll
2016-10-27 12:37:19 ----A---- C:\WINDOWS\SYSWOW64\NlsData001b.dll
2016-10-27 12:37:19 ----A---- C:\WINDOWS\SYSWOW64\MLS2.dll
2016-10-27 12:37:19 ----A---- C:\WINDOWS\system32\NlsLexicons001b.dll
2016-10-27 12:37:19 ----A---- C:\WINDOWS\system32\NlsData001b.dll
2016-10-27 12:37:19 ----A---- C:\WINDOWS\system32\MLS2.dll
2016-10-27 12:37:18 ----A---- C:\WINDOWS\SYSWOW64\NlsLexicons0009.dll
2016-10-27 12:37:18 ----A---- C:\WINDOWS\SYSWOW64\NlsData0009.dll
2016-10-27 12:37:18 ----A---- C:\WINDOWS\system32\prm0009.dll
2016-10-27 12:37:17 ----A---- C:\WINDOWS\system32\NlsLexicons0009.dll
2016-10-27 12:37:17 ----A---- C:\WINDOWS\system32\NlsData0009.dll
2016-10-26 16:47:36 ----D---- C:\Users\Richard\AppData\Roaming\Mozilla
2016-10-26 16:45:17 ----D---- C:\ProgramData\BlueStacksSetup
2016-10-26 16:23:22 ----AD---- C:\Program Files (x86)\Bluestacks
2016-10-26 16:23:21 ----AD---- C:\ProgramData\Bluestacks
2016-10-12 20:02:26 ----D---- C:\Program Files (x86)\AGEIA Technologies
2016-10-12 15:08:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Wallet.dll
2016-10-12 15:08:10 ----A---- C:\WINDOWS\SYSWOW64\UserDeviceRegistration.Ngc.dll
2016-10-12 15:08:10 ----A---- C:\WINDOWS\SYSWOW64\UserDeviceRegistration.dll
2016-10-12 15:08:10 ----A---- C:\WINDOWS\SYSWOW64\mspaint.exe
2016-10-12 15:08:09 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.AllJoyn.dll
2016-10-12 15:08:09 ----A---- C:\WINDOWS\SYSWOW64\ShareHost.dll
2016-10-12 15:08:09 ----A---- C:\WINDOWS\SYSWOW64\AuthBroker.dll
2016-10-12 15:08:09 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2016-10-12 15:08:08 ----A---- C:\WINDOWS\SYSWOW64\UserMgrProxy.dll
2016-10-12 15:08:08 ----A---- C:\WINDOWS\SYSWOW64\dsreg.dll
2016-10-12 15:08:08 ----A---- C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-10-12 15:08:08 ----A---- C:\WINDOWS\system32\UserMgrProxy.dll
2016-10-12 15:08:08 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2016-10-12 15:08:08 ----A---- C:\WINDOWS\system32\AuthBroker.dll
2016-10-12 15:08:07 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.dll
2016-10-12 15:08:07 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-10-12 15:08:07 ----A---- C:\WINDOWS\system32\dsreg.dll
2016-10-12 15:08:06 ----A---- C:\WINDOWS\system32\netshell.dll
2016-10-12 15:08:06 ----A---- C:\WINDOWS\system32\msxml6.dll
2016-10-12 15:08:06 ----A---- C:\WINDOWS\system32\msdtctm.dll
2016-10-12 15:08:06 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2016-10-12 15:08:03 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-10-12 15:08:03 ----A---- C:\WINDOWS\system32\wpx.dll
2016-10-12 15:08:03 ----A---- C:\WINDOWS\system32\ncsi.dll
2016-10-12 15:08:02 ----A---- C:\WINDOWS\system32\nlasvc.dll
2016-10-12 15:08:02 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys
2016-10-12 15:08:02 ----A---- C:\WINDOWS\system32\credprovs.dll
2016-10-12 15:08:02 ----A---- C:\WINDOWS\system32\bcdedit.exe
2016-10-12 15:08:00 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2016-10-12 15:07:56 ----A---- C:\WINDOWS\SYSWOW64\efswrt.dll
2016-10-12 15:07:56 ----A---- C:\WINDOWS\SYSWOW64\dialclient.dll
2016-10-12 15:07:53 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2016-10-12 15:07:53 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-10-12 15:07:52 ----A---- C:\WINDOWS\SYSWOW64\netshell.dll
2016-10-12 15:07:52 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-10-12 15:07:50 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-10-12 15:07:50 ----A---- C:\WINDOWS\system32\aadtb.dll
2016-10-12 15:07:49 ----A---- C:\WINDOWS\SYSWOW64\apprepsync.dll
2016-10-12 15:07:49 ----A---- C:\WINDOWS\SYSWOW64\apprepapi.dll
2016-10-12 15:07:49 ----A---- C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2016-10-12 15:07:49 ----A---- C:\WINDOWS\system32\smartscreen.exe
2016-10-12 15:07:48 ----A---- C:\WINDOWS\system32\drivers\MegaSas2i.sys
2016-10-12 15:07:47 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-10-12 15:07:47 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-10-12 15:07:46 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2016-10-12 15:07:46 ----A---- C:\WINDOWS\SYSWOW64\credprovs.dll
2016-10-12 15:07:46 ----A---- C:\WINDOWS\system32\adsmsext.dll
2016-10-12 15:07:45 ----A---- C:\WINDOWS\SYSWOW64\offreg.dll
2016-10-12 15:07:44 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2016-10-12 15:07:44 ----A---- C:\WINDOWS\SYSWOW64\UserDataAccountApis.dll
2016-10-12 15:07:44 ----A---- C:\WINDOWS\SYSWOW64\EmailApis.dll
2016-10-12 15:07:44 ----A---- C:\WINDOWS\SYSWOW64\ContactApis.dll
2016-10-12 15:07:44 ----A---- C:\WINDOWS\SYSWOW64\AppointmentApis.dll
2016-10-12 15:07:44 ----A---- C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2016-10-12 15:07:44 ----A---- C:\WINDOWS\system32\efswrt.dll
2016-10-12 15:07:44 ----A---- C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2016-10-12 15:07:43 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2016-10-12 15:07:43 ----A---- C:\WINDOWS\SYSWOW64\CertEnroll.dll
2016-10-12 15:07:43 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2016-10-12 15:07:43 ----A---- C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2016-10-12 15:07:43 ----A---- C:\WINDOWS\system32\dialclient.dll
2016-10-12 15:07:42 ----A---- C:\WINDOWS\SYSWOW64\ChatApis.dll
2016-10-12 15:07:42 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-10-12 15:07:42 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-10-12 15:07:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2016-10-12 15:07:41 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2016-10-12 15:07:37 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2016-10-12 15:07:32 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2016-10-12 15:07:31 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-10-12 15:07:27 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2016-10-12 15:07:26 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2016-10-12 15:07:26 ----A---- C:\WINDOWS\system32\KernelBase.dll
2016-10-12 15:07:23 ----A---- C:\WINDOWS\system32\Windows.Web.dll
2016-10-12 15:07:23 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2016-10-12 15:07:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryClient.dll
2016-10-12 15:07:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2016-10-12 15:07:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.BackgroundTransfer.dll
2016-10-12 15:07:22 ----A---- C:\WINDOWS\system32\Windows.Web.Http.dll
2016-10-12 15:07:22 ----A---- C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-10-12 15:07:20 ----A---- C:\WINDOWS\SYSWOW64\UIRibbonRes.dll
2016-10-12 15:07:20 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2016-10-12 15:07:20 ----A---- C:\WINDOWS\system32\TSWorkspace.dll
2016-10-12 15:07:20 ----A---- C:\WINDOWS\system32\apprepsync.dll
2016-10-12 15:07:20 ----A---- C:\WINDOWS\system32\apprepapi.dll
2016-10-12 15:07:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.Http.dll
2016-10-12 15:07:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.dll
2016-10-12 15:07:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-10-12 15:07:19 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostCommon.dll
2016-10-12 15:07:19 ----A---- C:\WINDOWS\system32\Windows.Networking.HostName.dll
2016-10-12 15:07:19 ----A---- C:\WINDOWS\system32\GamePanel.exe
2016-10-12 15:07:18 ----A---- C:\WINDOWS\system32\MSVidCtl.dll
2016-10-12 15:07:18 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2016-10-12 15:07:18 ----A---- C:\WINDOWS\system32\AppxPackaging.dll
2016-10-12 15:07:17 ----A---- C:\WINDOWS\SYSWOW64\MSVidCtl.dll
2016-10-12 15:07:17 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2016-10-12 15:07:17 ----A---- C:\WINDOWS\SYSWOW64\AppxPackaging.dll
2016-10-12 15:07:17 ----A---- C:\WINDOWS\system32\drivers\tm.sys
2016-10-12 15:07:17 ----A---- C:\WINDOWS\system32\drivers\dfsc.sys
2016-10-12 15:07:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.HostName.dll
2016-10-12 15:07:16 ----A---- C:\WINDOWS\SYSWOW64\ConfigureExpandedStorage.dll
2016-10-12 15:07:16 ----A---- C:\WINDOWS\system32\offreg.dll
2016-10-12 15:07:16 ----A---- C:\WINDOWS\system32\msi.dll
2016-10-12 15:07:15 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2016-10-12 15:07:14 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2016-10-12 15:07:14 ----A---- C:\WINDOWS\system32\ChatApis.dll
2016-10-12 15:07:14 ----A---- C:\WINDOWS\system32\EmailApis.dll
2016-10-12 15:07:14 ----A---- C:\WINDOWS\system32\AppointmentApis.dll
2016-10-12 15:07:13 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-10-12 15:07:13 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2016-10-12 15:07:13 ----A---- C:\WINDOWS\system32\ContactApis.dll
2016-10-12 15:07:12 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-10-12 15:07:12 ----A---- C:\WINDOWS\system32\win32spl.dll
2016-10-12 15:07:12 ----A---- C:\WINDOWS\system32\mspaint.exe
2016-10-12 15:07:11 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2016-10-12 15:07:11 ----A---- C:\WINDOWS\system32\ShareHost.dll
2016-10-12 15:07:08 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2016-10-12 15:07:08 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-10-12 15:07:05 ----A---- C:\WINDOWS\SYSWOW64\VsGraphicsDesktopEngine.exe
2016-10-12 15:07:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Sensors.dll
2016-10-12 15:07:03 ----A---- C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe
2016-10-12 15:07:03 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2016-10-12 15:07:02 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2016-10-12 15:07:01 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2016-10-12 15:07:01 ----A---- C:\WINDOWS\system32\cloudAP.dll
2016-10-12 15:07:00 ----A---- C:\WINDOWS\SYSWOW64\adsmsext.dll
2016-10-12 15:07:00 ----A---- C:\WINDOWS\system32\ErrorDetails.dll
2016-10-12 15:07:00 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2016-10-12 14:57:41 ----A---- C:\WINDOWS\system32\drivers\gwdrv.sys
2016-10-12 14:57:39 ----D---- C:\ProgramData\GlassWire
2016-10-12 14:57:14 ----D---- C:\Program Files (x86)\GlassWire
2016-10-11 13:37:58 ----D---- C:\WINDOWS\SYSWOW64\directx
2016-10-10 18:44:51 ----A---- C:\WINDOWS\SYSWOW64\VsGraphicsRemoteEngine.exe
2016-10-10 18:44:51 ----A---- C:\WINDOWS\SYSWOW64\VsGraphicsExperiment.dll
2016-10-10 18:44:51 ----A---- C:\WINDOWS\SYSWOW64\VsGraphicsCapture.dll
2016-10-10 18:44:51 ----A---- C:\WINDOWS\SYSWOW64\VSD3DWARPDebug.dll
2016-10-10 18:44:51 ----A---- C:\WINDOWS\SYSWOW64\VSD3DWARP12Debug.dll
2016-10-10 18:44:51 ----A---- C:\WINDOWS\SYSWOW64\DXToolsReporting.dll
2016-10-10 18:44:51 ----A---- C:\WINDOWS\SYSWOW64\DXToolsOfflineAnalysis.dll
2016-10-10 18:44:51 ----A---- C:\WINDOWS\SYSWOW64\DXToolsMonitor.dll
2016-10-10 18:44:51 ----A---- C:\WINDOWS\SYSWOW64\DXGIDebug.dll
2016-10-10 18:44:51 ----A---- C:\WINDOWS\SYSWOW64\DXCpl.exe
2016-10-10 18:44:51 ----A---- C:\WINDOWS\SYSWOW64\DXCaptureReplay.dll
2016-10-10 18:44:51 ----A---- C:\WINDOWS\SYSWOW64\DXCap.exe
2016-10-10 18:44:51 ----A---- C:\WINDOWS\SYSWOW64\d3d12warp.dll
2016-10-10 18:44:51 ----A---- C:\WINDOWS\SYSWOW64\d2d1debug3.dll
2016-10-10 18:44:50 ----A---- C:\WINDOWS\SYSWOW64\VsGraphicsProxyStub.dll
2016-10-10 18:44:50 ----A---- C:\WINDOWS\SYSWOW64\perf_gputiming.dll
2016-10-10 18:44:50 ----A---- C:\WINDOWS\SYSWOW64\DxToolsReportGenerator.dll
2016-10-10 18:44:50 ----A---- C:\WINDOWS\SYSWOW64\d3d11_3SDKLayers.dll
2016-10-10 18:44:50 ----A---- C:\WINDOWS\system32\VsGraphicsRemoteEngine.exe
2016-10-10 18:44:50 ----A---- C:\WINDOWS\system32\VsGraphicsProxyStub.dll
2016-10-10 18:44:50 ----A---- C:\WINDOWS\system32\VsGraphicsExperiment.dll
2016-10-10 18:44:50 ----A---- C:\WINDOWS\system32\VsGraphicsCapture.dll
2016-10-10 18:44:50 ----A---- C:\WINDOWS\system32\VSD3DWARPDebug.dll
2016-10-10 18:44:50 ----A---- C:\WINDOWS\system32\VSD3DWARP12Debug.dll
2016-10-10 18:44:50 ----A---- C:\WINDOWS\system32\perf_gputiming.dll
2016-10-10 18:44:50 ----A---- C:\WINDOWS\system32\DXToolsReporting.dll
2016-10-10 18:44:50 ----A---- C:\WINDOWS\system32\DxToolsReportGenerator.dll
2016-10-10 18:44:50 ----A---- C:\WINDOWS\system32\DXToolsOfflineAnalysis.dll
2016-10-10 18:44:50 ----A---- C:\WINDOWS\system32\DXToolsMonitor.dll
2016-10-10 18:44:50 ----A---- C:\WINDOWS\system32\DXGIDebug.dll
2016-10-10 18:44:50 ----A---- C:\WINDOWS\system32\DXCpl.exe
2016-10-10 18:44:50 ----A---- C:\WINDOWS\system32\DXCaptureReplay.dll
2016-10-10 18:44:50 ----A---- C:\WINDOWS\system32\DXCap.exe
2016-10-10 18:44:50 ----A---- C:\WINDOWS\system32\d3d12warp.dll
2016-10-10 18:44:50 ----A---- C:\WINDOWS\system32\d3d11_3SDKLayers.dll
2016-10-10 18:44:50 ----A---- C:\WINDOWS\system32\d2d1debug3.dll
2016-10-10 18:40:43 ----AD---- C:\Program Files\Application Verifier
2016-10-10 18:40:43 ----AD---- C:\Program Files (x86)\Application Verifier
2016-10-10 18:40:35 ----AD---- C:\ProgramData\Windows App Certification Kit
2016-10-10 18:36:44 ----AD---- C:\Program Files (x86)\HTML Help Workshop

======List of files/folders modified in the last 1 month======

2016-11-08 23:57:26 ----RD---- C:\Program Files
2016-11-08 23:57:00 ----D---- C:\WINDOWS\Prefetch
2016-11-08 23:56:37 ----D---- C:\WINDOWS\Temp
2016-11-08 23:51:24 ----D---- C:\Users\Richard\AppData\Roaming\TS3Client
2016-11-08 23:28:51 ----D---- C:\Program Files (x86)\Steam
2016-11-08 23:26:26 ----D---- C:\WINDOWS\System32
2016-11-08 23:26:25 ----D---- C:\WINDOWS\system32\config
2016-11-08 23:01:00 ----D---- C:\WINDOWS\system32\sru
2016-11-08 22:58:16 ----D---- C:\WINDOWS\OCR
2016-11-08 22:58:14 ----D---- C:\WINDOWS\system32\CatRoot
2016-11-08 20:23:03 ----D---- C:\Users\Richard\AppData\Roaming\Skype
2016-11-08 20:21:01 ----D---- C:\ProgramData\Unity
2016-11-08 20:19:26 ----D---- C:\WINDOWS\system32\catroot2
2016-11-08 20:13:58 ----D---- C:\WINDOWS\WinSxS
2016-11-08 19:59:01 ----D---- C:\WINDOWS\system32\SleepStudy
2016-11-08 17:32:06 ----RD---- C:\WINDOWS\Microsoft.NET
2016-11-07 22:03:29 ----SHD---- C:\WINDOWS\Installer
2016-11-07 22:03:13 ----RD---- C:\Program Files (x86)\Skype
2016-11-07 22:03:13 ----D---- C:\Program Files (x86)\Common Files
2016-11-07 22:03:06 ----D---- C:\ProgramData\Skype
2016-11-07 21:53:18 ----D---- C:\Users\Richard\AppData\Roaming\vlc
2016-11-07 20:37:38 ----D---- C:\WINDOWS\CbsTemp
2016-11-07 20:37:29 ----D---- C:\Windows
2016-11-07 15:39:08 ----D---- C:\WINDOWS\LiveKernelReports
2016-11-06 17:25:32 ----D---- C:\WINDOWS\INF
2016-11-06 17:22:25 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-11-05 22:08:11 ----D---- C:\WINDOWS\AppReadiness
2016-11-04 22:57:25 ----SHD---- C:\System Volume Information
2016-11-04 22:00:09 ----D---- C:\WINDOWS\Tasks
2016-11-04 21:44:54 ----HD---- C:\Program Files\WindowsApps
2016-11-02 23:17:42 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-02 23:11:33 ----D---- C:\WINDOWS\system32\drivers
2016-11-02 23:10:29 ----D---- C:\WINDOWS\SysWOW64
2016-11-02 17:03:12 ----D---- C:\WINDOWS\system32\DriverStore
2016-11-02 17:02:54 ----A---- C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-11-01 23:06:06 ----A---- C:\WINDOWS\SYSWOW64\igdumdim32.dll
2016-11-01 23:06:02 ----A---- C:\WINDOWS\SYSWOW64\igdusc32.dll
2016-11-01 23:06:02 ----A---- C:\WINDOWS\system32\igdusc64.dll
2016-11-01 23:06:00 ----A---- C:\WINDOWS\SYSWOW64\igd10iumd32.dll
2016-11-01 23:05:58 ----A---- C:\WINDOWS\system32\igd10iumd64.dll
2016-11-01 23:05:26 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.DLL
2016-11-01 23:05:26 ----A---- C:\WINDOWS\system32\OpenCL.DLL
2016-11-01 23:05:26 ----A---- C:\WINDOWS\system32\igfxTray.exe
2016-11-01 23:05:26 ----A---- C:\WINDOWS\system32\igfxLHM.dll
2016-11-01 23:05:26 ----A---- C:\WINDOWS\system32\igfxHK.exe
2016-11-01 23:05:26 ----A---- C:\WINDOWS\system32\igfxEM.exe
2016-11-01 23:05:26 ----A---- C:\WINDOWS\system32\igfxDI.dll
2016-11-01 23:05:26 ----A---- C:\WINDOWS\system32\igfxDH.dll
2016-11-01 23:05:26 ----A---- C:\WINDOWS\system32\igfxCUIService.exe
2016-10-29 18:08:22 ----D---- C:\WINDOWS\rescache
2016-10-29 01:12:25 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2016-10-29 01:12:25 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-10-29 01:12:25 ----D---- C:\WINDOWS\SYSWOW64\en-GB
2016-10-29 01:12:25 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-10-29 01:12:02 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-10-29 01:12:01 ----D---- C:\WINDOWS\system32\wbem
2016-10-29 01:12:00 ----D---- C:\WINDOWS\system32\sk-SK
2016-10-29 01:12:00 ----D---- C:\WINDOWS\system32\oobe
2016-10-29 01:11:59 ----D---- C:\WINDOWS\system32\en-US
2016-10-29 01:11:59 ----D---- C:\WINDOWS\system32\en-GB
2016-10-29 01:11:58 ----D---- C:\WINDOWS\system32\cs-CZ
2016-10-29 01:11:58 ----D---- C:\WINDOWS\system32\Boot
2016-10-29 01:11:57 ----D---- C:\WINDOWS\system32\appraiser
2016-10-29 01:11:20 ----RSD---- C:\WINDOWS\Fonts
2016-10-29 01:11:20 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2016-10-29 01:11:20 ----D---- C:\WINDOWS\AppPatch
2016-10-29 01:11:19 ----D---- C:\Program Files\Windows Media Player
2016-10-29 01:11:19 ----D---- C:\Program Files (x86)\Windows Media Player
2016-10-28 15:30:57 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2016-10-28 11:49:45 ----RSD---- C:\WINDOWS\assembly
2016-10-27 12:44:07 ----D---- C:\ProgramData\Oracle
2016-10-27 12:43:58 ----D---- C:\Program Files (x86)\Java
2016-10-27 12:38:41 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2016-10-27 11:44:06 ----A---- C:\WINDOWS\HPSetLog.txt
2016-10-26 16:47:48 ----SD---- C:\Users\Richard\AppData\Roaming\Microsoft
2016-10-26 16:45:17 ----HD---- C:\ProgramData
2016-10-26 16:44:52 ----RD---- C:\Program Files (x86)
2016-10-25 00:30:58 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-10-21 15:49:43 ----AD---- C:\ProgramData\regid.1991-06.com.microsoft
2016-10-21 15:47:17 ----AD---- C:\Program Files (x86)\Microsoft Office
2016-10-19 21:32:55 ----D---- C:\WINDOWS\system32\drivers\UMDF
2016-10-17 22:58:04 ----D---- C:\Users\Richard\AppData\Roaming\GHISLER
2016-10-17 22:54:40 ----D---- C:\totalcmd
2016-10-12 20:02:47 ----SD---- C:\ProgramData\Microsoft
2016-10-12 16:04:13 ----D---- C:\WINDOWS\system32\WDI
2016-10-12 15:36:17 ----SD---- C:\WINDOWS\system32\DiagSvcs
2016-10-12 15:36:17 ----D---- C:\WINDOWS\system32\sr-Latn-CS
2016-10-12 15:36:17 ----D---- C:\WINDOWS\system32\migwiz
2016-10-12 15:36:08 ----D---- C:\WINDOWS\ShellExperiences
2016-10-12 15:36:07 ----D---- C:\Program Files\Windows Photo Viewer
2016-10-12 15:36:07 ----D---- C:\Program Files\Windows Mail
2016-10-12 15:36:07 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2016-10-12 15:33:05 ----D---- C:\WINDOWS\system32\MRT
2016-10-12 15:26:50 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-10-12 14:44:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.Diagnostics.dll
2016-10-12 14:44:05 ----A---- C:\WINDOWS\SYSWOW64\TSWorkspace.dll
2016-10-11 13:37:59 ----HD---- C:\WINDOWS\msdownld.tmp
2016-10-11 13:37:59 ----D---- C:\WINDOWS\Logs
2016-10-11 13:37:52 ----D---- C:\Games
2016-10-10 18:48:40 ----D---- C:\ProgramData\Package Cache
2016-10-10 18:38:21 ----AD---- C:\Program Files (x86)\Microsoft SDKs
2016-10-10 18:38:08 ----D---- C:\Program Files (x86)\Windows Kits

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-11-06 632168]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-07-16 45920]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2013-03-05 91712]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-07-16 88576]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-07-16 8192]
R1 gwdrv;GlassWire Driver; C:\WINDOWS\system32\DRIVERS\gwdrv.sys [2015-05-29 33152]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2016-07-16 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2016-07-16 78336]
R3 clwvd;@oem2.inf,%clwvd.DeviceDesc%;CyberLink WebCam Virtual Driver; C:\WINDOWS\system32\DRIVERS\clwvd.sys [2014-01-28 41704]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2016-11-01 7966192]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2016-07-28 4628736]
R3 IntcDAud;@oem22.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2016-05-12 481768]
R3 MEIx64;@oem16.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-12-09 100312]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhmwu.inf_amd64_dbb067faa566eee8\nvlddmkm.sys [2016-09-12 13754936]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-06-14 26560]
R3 nvvad_WaveExtensible;@oem5.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2016-04-14 56384]
R3 RTL8168;@oem12.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\System32\drivers\Rt630x64.sys [2014-01-28 839896]
R3 RTWlanE;@oem23.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\WINDOWS\System32\drivers\rtwlane.sys [2015-08-28 4629744]
R3 SensorsSimulatorDriver;@oem25.inf,%WudfSensorsSimulatorDriverDisplayName%;UMDF Reflector service for SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [2016-07-16 216064]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2013-12-13 31472]
R3 SynTP;@oem18.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2016-10-04 872024]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-07-16 105824]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-07-16 101216]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2016-07-16 58720]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2016-07-16 61792]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2016-07-16 32096]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2016-07-16 9728]
S3 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [2016-10-21 152672]
S3 BstkDrv;BlueStacks Plus Hypervisor; \??\C:\Program Files (x86)\Bluestacks\BstkDrv.sys [2016-10-07 270904]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-07-16 38912]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-09-10 118272]
S3 dg_ssudbus;@oem0.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-07-16 20480]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-07-16 50016]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-08-06 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2016-07-16 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-07-16 176384]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2016-07-16 526176]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-07-16 842584]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2016-07-16 108896]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2016-07-16 928608]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
S3 SmbDrv;SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [2013-12-13 29936]
S3 ssudmdm;@oem7.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-09-05 165504]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2016-08-24 744640]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [2016-07-28 106952]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016-09-26 2207960]
R2 AHDDC2;Ashampoo HDD Control 2 Service; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [2012-07-30 1518504]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CDPUserSvc_6ae07b2;CDPUserSvc_6ae07b2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusti; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2016-10-08 3291848]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-06-14 1163712]
R2 GlassWire;GlassWire Control Service; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [2016-08-31 4366288]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2016-08-15 29728]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [2013-10-08 1039160]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-11-08 15720]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-11-01 373744]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-06-14 1879488]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-06-14 2521024]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2016-08-01 1365048]
R2 omniserv; HP SimplePass Service; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [2014-03-28 88064]
R2 OneSyncSvc_6ae07b2;Hostitel synchronizace_6ae07b2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 Perforce;Perforce; C:\Program Files\Perforce\Server\p4s.exe [2013-11-11 3783736]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2016-07-28 307456]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2016-10-04 269400]
R2 TeamViewer;TeamViewer 11; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-12-14 6889232]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2016-11-01 301552]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
R3 hpqcaslwmiex;HP CASL Framework Service; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [2016-06-03 1031704]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-06-14 3632576]
R3 PimIndexMaintenanceSvc_6ae07b2;Data kontaktů_6ae07b2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-10-13 1459488]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [2016-10-21 425496]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-13 154440]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-07-25 324224]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-07-16 52920]
S3 BstHdAndroidSvc;BlueStacks Android Service ; C:\Program Files (x86)\Bluestacks\HD-Service.exe [2016-10-21 445976]
S3 BstHdPlusAndroidSvc;BlueStacks Plus Android Service ; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [2016-10-21 466456]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 DfSdkS;Defragmentation-Service; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\DfSdkS64.exe [2009-08-24 544768]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-07-16 93184]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 EasyAntiCheat;EasyAntiCheat; C:\WINDOWS\syswow64\EasyAntiCheat.exe [2016-07-29 249104]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 fussvc;Windows App Certification Kit Fast User Switching Utility Service; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [2014-02-19 142336]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-13 154440]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService_6ae07b2;Služba zasílání zpráv_6ae07b2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2016-10-07 209104]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2016-09-07 1312768]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 Te.Service;Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [2013-08-22 119808]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2016-07-16 287744]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]

-----------------EOF-----------------

[Tristan]

Prosím mohli by ste mi pomôcť?

[Tristan]

To mi tu fakt nikto nepomôže ?

[Márty84]

Zdravim

Je problem jeste aktualni?

Bohuzel jste si hned sam odpovedel a tim jste zapadnul, protoze hledame temata bez odpovedi. Takhle to vypada, ze uz tema nekdo resi a trva mnohem dele, nez se tam nahodne nekdo z nas koukne.

[Tristan]

Dobrý deň.
Nabudúce budem vediet. A ešte otázka ak mám log taký veľký ako napríklad teraz tak sem mám dat nabudúce súbor alebo ako sa to rieši aby som potom hneď neodpovedal ako sa to stalo teraz.

Ano ešte to je stále také isté.

[Márty84]

A ešte otázka ak mám log taký veľký ako napríklad teraz tak sem mám dat nabudúce súbor alebo ako sa to rieši aby som potom hneď neodpovedal ako sa to stalo teraz.

Kdyby se tu log nevesel, popiste jen problem a log dejte treba na leteckou postu http://leteckaposta.cz/ a sem dejte odkaz.
Jak uz se vas nekdo ujme, pak uz delsi logy nevadi, ty uz pak davejte normalne sem. Lip se s nimi pak pracuje.


Stahnete crystal disk info http://www.slunecnice.cz/sw/crystaldiskinfo/
Nainstalujte (pozor na pripadne doplnky, ty odmitnete zrusenim zatrzitka) a spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)


Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.

[Tristan]

Crystal disk info :
----------------------------------------------------------------------------
CrystalDiskInfo 7.0.4 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 [10.0 Build 14393] (x64)
Date : 2016/11/19 12:02:46

-- Controller Map ----------------------------------------------------------
+ Intel(R) 8 Series Chipset Family SATA AHCI Controller [ATA]
- WDC WD10JPVX-60JC3T0
- hp DVDRW SU208FB
- Microsoft Storage Spaces Controller [SCSI]
- Microsoft VHD Loopback Controller [SCSI]
+ DAEMON Tools Lite Virtual SCSI Bus [SCSI]
- DiscSoft Virtual SCSI CdRom Device
- DiscSoft Virtual SCSI CdRom Device

-- Disk List ---------------------------------------------------------------
(1) WDC WD10JPVX-60JC3T0 : 1000,2 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD10JPVX-60JC3T0
----------------------------------------------------------------------------
Model : WDC WD10JPVX-60JC3T0
Firmware : 01.01A01
Serial Number : WD-WXA1E54PJC15
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ----
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 7354 hours
Power On Count : 1897 count
Temperature : 24 C (75 F)
Health Status : Good
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : ----
Drive Letter : C: D:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Read Error Rate
03 184 180 _21 000000000708 Spin-Up Time
04 _99 _99 __0 000000000774 Start/Stop Count
05 200 200 140 000000000000 Reallocated Sectors Count
07 200 200 _51 000000000000 Seek Error Rate
09 _90 _90 __0 000000001CBA Power-On Hours
0A 100 100 _51 000000000000 Spin Retry Count
0B 100 100 __0 000000000000 Recalibration Retries
0C _99 _99 __0 000000000769 Power Cycle Count
B7 100 100 __0 000000000000 Vendor Specific
B8 _99 _99 _97 000000000001 End-to-End Error
BB 100 _99 __0 000000000002 Reported Uncorrectable Errors
BC 100 _99 __0 00010001000B Command Timeout
BE _76 _47 _40 000018140018 Airflow Temperature
BF __1 __1 __0 000000000110 G-Sense Error Rate
C0 200 200 __0 00000000001C Power-off Retract Count
C1 153 153 __0 000000023060 Load/Unload Cycle Count
C2 123 _94 __0 000000000018 Temperature
C4 200 200 __0 000000000000 Reallocation Event Count
C5 200 200 __0 000000000000 Current Pending Sector Count
C6 100 253 __0 000000000000 Uncorrectable Sector Count
C7 200 200 __0 000000000000 UltraDMA CRC Error Count
C8 100 253 _51 000000000000 Write Error Rate

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5758 4131 4535 3450 4A43 3135
020: 0000 4000 0000 3031 2E30 3141 3031 5744 4320 5744
030: 3130 4A50 5658 2D36 304A 4333 5430 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0100
060: FFFF 0FFF 0000 0107 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F CD0E 0006 004C 00CC
080: 03FE 0000 706B 7C69 6123 7069 BC49 6123 007F 0062
090: 0062 0080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 6003 0000 5001 4EE6
110: AF80 C4F6 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0021 0400
130: 0001 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 703D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 103E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 ACA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 B8 B4 08 07 00 00 00 00 00 04 32 00 63 63 74
020: 07 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2F 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 5A 5A BA 1C 00 00 00 00 00 0A 33 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 63 63 69 07 00 00 00 00 00 B7 32
070: 00 64 64 00 00 00 00 00 00 00 B8 33 00 63 63 01
080: 00 00 00 00 00 00 BB 32 00 64 63 02 00 00 00 00
090: 00 00 BC 32 00 64 63 0B 00 01 00 01 00 00 BE 22
0A0: 00 4C 2F 18 00 14 18 00 00 00 BF 32 00 01 01 10
0B0: 01 00 00 00 00 00 C0 32 00 C8 C8 1C 00 00 00 00
0C0: 00 00 C1 32 00 99 99 60 30 02 00 00 00 00 C2 22
0D0: 00 7B 5E 18 00 00 00 00 00 00 C4 32 00 C8 C8 00
0E0: 00 00 00 00 00 00 C5 32 00 C8 C8 00 00 00 00 00
0F0: 00 00 C6 30 00 64 FD 00 00 00 00 00 00 00 C7 32
100: 00 C8 C8 00 00 00 00 00 00 00 C8 09 00 64 FD 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 21 30 48 01 51
170: 03 00 01 62 02 CF 00 00 00 00 00 00 00 00 00 00
180: 00 00 01 04 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 33 C8 C8 C8 C8 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 33 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 B7 00
070: 00 00 00 00 00 00 00 00 00 00 B8 61 00 00 00 00
080: 00 00 00 00 00 00 BB 00 00 00 00 00 00 00 00 00
090: 00 00 BC 00 00 00 00 00 00 00 00 00 00 00 BE 28
0A0: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
0B0: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
0C0: 00 00 C1 00 00 00 00 00 00 00 00 00 00 00 C2 00
0D0: 00 00 00 00 00 00 00 00 00 00 C4 00 00 00 00 00
0E0: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
0F0: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
100: 00 00 00 00 00 00 00 00 00 00 C8 33 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 F8

[Tristan]

# AdwCleaner v6.030 - Log soubor vytvořen 19/11/2016 na 12:08:24
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-11-19.1 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : Richard - RICHARD
# Beží od : C:\Users\Richard\Desktop\adwcleaner_6.030.exe
# Mod: Čištění
# Podpora : hxxps://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Adresáře ] *****



***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupce ] *****



***** [ Plánovač úloh ] *****



***** [ Registry ] *****

[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Your Software Deals_is1
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Klíč smazán po restartování:[x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Klíč smazán po restartování:[x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com


***** [ Prohlížeče ] *****

[-] [C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazání:check point software technologies ltd
[-] [C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazání:babylon.com
[-] [C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazání:ask.com
[-] [C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazání:sim-city-cities-of-tomorrow.en.softonic.com
[-] [C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazání:funmoods
[-] [C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazání:search.conduit.com
[-] [C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazání:trovi.search
[-] [C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazání:search.sweetim.com
[-] [C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazání:visual_c_express.en.softonic.com
[-] [C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazání:mysites123
[-] [C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazání:ccleaner.en.softonic.com
[-] [C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazání:gadgetbox
[-] [C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazání:microsoft-xna-framework.en.softonic.com
[-] [C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Smazání:hxxp://www.trovi.com/?gd=&ctid=CT3322197&octid ... 7E4E&SSPV=
[-] [C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Smazání:hxxp://www.mysites123.com/?type=hp&ts=14516591 ... pjc15pjc15
[-] [C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default] [extension] Smazání:pelmeidfhdlhlbjimpabfcbnnojbboma
[-] [C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default] [homepage] Smazání:hxxp://www.trovi.com/?gd=&ctid=CT3322197&octid ... 7E4E&SSPV=


*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [3895 Bajtů] - [19/11/2016 12:08:24]
C:\AdwCleaner\AdwCleaner[S0].txt - [4249 Bajtů] - [19/11/2016 12:07:28]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4043 Bajtů] ##########

[Márty84]

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

[Tristan]

Rád by som to poslaľ ale už 4 a pol hodiny mi to skenuje a mám pocit že to nemá konca

[Tristan]

Malwarebytes Anti-Malware
www.malwarebytes.org

Dátum kontroly: 19.11.2016
Čas kontroly: 19:21
Protokol: scan.txt
Správca: Áno

Verzia: 2.2.1.1043
Dazabáza malware: v2016.11.19.06
Databáza rootkitov: v2016.10.31.01
Licencia: Bezplatná verzia
Ochrana pred škodlivým softvérom: Vypnuté
Ochrana pred škodlivými webstránkami: Vypnuté
Vlastná ochrana: Vypnuté

OS: Windows 10
CPU: x64
Súborový systém: NTFS
Používateľ: Richard

Typ kontroly: Vlastná kontrola
Výsledok: Dokončená
Skontrolovaných objektov: 890754
Uplynulý čas: 6 hod, 42 min 39 s

Pamäť: Zapnuté
Pri spustení: Zapnuté
Súborový systém: Zapnuté
Archívy: Zapnuté
Rootkity: Zapnuté
Heuristika: Zapnuté
PUP: Zapnuté
PUM: Zapnuté

Procesy: 0
(Žiadne škodlivé položky neboli zistené)

Moduly: 0
(Žiadne škodlivé položky neboli zistené)

Kľúče databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)

Hodnoty databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)

Údaj databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)

Priečinky: 0
(Žiadne škodlivé položky neboli zistené)

Súbory: 1
PUP.Optional.OutBrowse, C:\Users\Richard\Downloads\Nepotvrdené 644794.crdownload, , [70b270527426bb7b52307e1be61a47b9],

Fyzické sektory: 0
(Žiadne škodlivé položky neboli zistené)


(end)

[Márty84]

Nalez nechte odstranit.

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach
(Kdyby nesel Launcher stahnout, dejte logy jen ze samotneho FRST, tedy bez pouziti Launcheru)

[Tristan]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-11-2016
Ran by Richard (administrator) on RICHARD (20-11-2016 15:47:10)
Running from C:\Users\Richard\Desktop
Loaded Profiles: Richard (Available Profiles: Richard)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Perforce Software Inc.) C:\Program Files\Perforce\Server\p4s.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-Agent.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.16092.10311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.OneNote_17.7571.57651.0_x64__8wekyb3d8bbwe\onenoteim.exe
(HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8725248 2016-07-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407744 2016-07-28] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [401896 2016-11-01] ()
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [Ashampoo HDD-Control 2 Guard] => C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Guard.exe [3783592 2012-07-30] (Ashampoo Development GmbH & Co. KG)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-10-08] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-08-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-1957122121-1824753768-1397341513-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-13] (Valve Corporation)
HKU\S-1-5-21-1957122121-1824753768-1397341513-1002\...\Run: [World of Tanks] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3134728 2016-09-26] (Wargaming.net)
HKU\S-1-5-21-1957122121-1824753768-1397341513-1002\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [986648 2016-10-21] (BlueStack Systems, Inc.)
HKU\S-1-5-21-1957122121-1824753768-1397341513-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4557504 2016-10-06] (Disc Soft Ltd)
HKU\S-1-5-21-1957122121-1824753768-1397341513-1002\...\MountPoints2: {6cdab7bf-aa66-11e6-8277-b01041aa998d} - "H:\setup.exe"
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [P4EXPCheckoutOverlay] -> {80E008A4-EAE7-4867-AEB0-1A245F070F25} => C:\Program Files\Perforce\p4exp64.dll [2013-12-17] (Perforce Software Inc.)
ShellIconOverlayIdentifiers: [P4EXPSyncdOverlay] -> {ADF262C1-E8FE-49BE-AD63-F77CD4A6CCD9} => C:\Program Files\Perforce\p4exp64.dll [2013-12-17] (Perforce Software Inc.)
ShellIconOverlayIdentifiers: [P4EXPUpdateOverlay] -> {C550CDA2-37D7-4838-A9D7-65ECB1EB5AB2} => C:\Program Files\Perforce\p4exp64.dll [2013-12-17] (Perforce Software Inc.)
ShellIconOverlayIdentifiers-x32: [P4EXPCheckoutOverlay] -> {80E008A4-EAE7-4867-AEB0-1A245F070F25} => C:\Program Files\Perforce\p4exp.dll [2013-12-17] (Perforce Software Inc.)
ShellIconOverlayIdentifiers-x32: [P4EXPSyncdOverlay] -> {ADF262C1-E8FE-49BE-AD63-F77CD4A6CCD9} => C:\Program Files\Perforce\p4exp.dll [2013-12-17] (Perforce Software Inc.)
ShellIconOverlayIdentifiers-x32: [P4EXPUpdateOverlay] -> {C550CDA2-37D7-4838-A9D7-65ECB1EB5AB2} => C:\Program Files\Perforce\p4exp.dll [2013-12-17] (Perforce Software Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0bbd2acb-79c6-4596-9da9-c312de530c8d}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2888127a-407f-4d53-94d8-d27855500c42}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8132d88a-e06b-48ac-91cc-4b52706a97fb}: [DhcpNameServer] 158.193.86.5 158.193.86.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-1957122121-1824753768-1397341513-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
SearchScopes: HKLM -> {AD1227EA-511B-48FD-90C7-CC6794298EA8} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {AD1227EA-511B-48FD-90C7-CC6794298EA8} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-1957122121-1824753768-1397341513-1002 -> {AD1227EA-511B-48FD-90C7-CC6794298EA8} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-10-30] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-30] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-04] (HP Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-10-30] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-27] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-10-30] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-27] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-04] (HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)

FireFox:
========
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-08-24] (Adobe Systems)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-27] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-30] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-10-30] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-08-24] (Adobe Systems)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3322197&octid ... 7E4E&SSPV=
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3322197&octid ... pjc15pjc15"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default [2016-11-20]
CHR Extension: (Prezentácie Google) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-13]
CHR Extension: (Dokumenty Google) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-13]
CHR Extension: (Disk Google) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-13]
CHR Extension: (YouTube) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-13]
CHR Extension: (Pagemodo) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\cagkfnokdfofofnblbpfjnapdojmoffn [2016-07-13]
CHR Extension: (Tabuľky Google) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-13]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-13]
CHR Extension: (AdBlock) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-11-08]
CHR Extension: (Tokyo Ghoul) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijplpbkaaeijppoogkoahhjeakclmjpi [2016-07-13]
CHR Extension: (TwitchAlerts Stream Labels) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgmggmdngboajiakmbpdknfpdelbjbcg [2016-07-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-13]
CHR Extension: (Gmail) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-13]
CHR Extension: (Chrome Media Router) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-21]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-08-24] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2207960 2016-09-26] (Adobe Systems, Incorporated)
R2 AHDDC2; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [1518504 2012-07-30] ()
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [445976 2016-10-21] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [425496 2016-10-21] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [466456 2016-10-21] (BlueStack Systems, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3294912 2016-10-30] (Microsoft Corporation)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\DfSdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1468608 2016-10-06] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [249104 2016-07-29] (EasyAntiCheat Ltd)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-19] (Microsoft Corporation) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation)
R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [4366288 2016-08-31] (SecureMix LLC)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-10-08] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-08] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [File not signed]
R2 Perforce; C:\Program Files\Perforce\Server\p4s.exe [3783736 2013-11-11] (Perforce Software Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [307456 2016-07-28] (Realtek Semiconductor)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [269400 2016-10-04] (Synaptics Incorporated)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-07-26] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-10-21] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-10-07] (Bluestack System Inc. )
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-11-14] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-11-14] (Disc Soft Ltd)
R1 gwdrv; C:\WINDOWS\system32\DRIVERS\gwdrv.sys [33152 2015-05-29] (SecureMix LLC)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhmwu.inf_amd64_dbb067faa566eee8\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [4629744 2015-08-28] (Realtek Semiconductor Corporation )
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [29936 2013-12-13] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [31472 2013-12-13] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)