pri praci z prehliadačom mi nahodne otvara nechcene stranky

Zpráva

michal1097 · #1 Příspěvek od **michal1097** » 19 lis 2016 15:38

pridavam log. ale nie je kompletny pretoze my vyhadzuje ze ma prekroceny limit znakov

Logfile of random's system information tool 1.14 (written by random/random)
Run by Michal at 2016-11-19 15:20:10
Microsoft Windows 7 Professional N Service Pack 1
System drive C: has 269 GB (61%) free of 443 GB
Total RAM: 3965 MB (38% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:21:36, on 19. 11. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18525)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Michal\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Michal_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://noneblock.biz/wpad.dat?eeecfca40 ... 1918000941
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\RunOnce: [SymInstallStub] C:\Users\Michal\AppData\Local\Temp\in364BB553\1927CDD6_stp\SymInstallStub.exe /partnerid=afterdld /productlist=nss /staging=false /affid=afterdld13_16_46 /delay=5 /launchedby=3
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [BingSvc] C:\Users\Michal\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [java] C:\Users\Michal\AppData\Roaming\DCSCMIN\IMDCSC.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: xranhgo - C:\Users\Michal\AppData\Local\xranhgo.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 13671 bytes

======Enumerating Processes======

C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
"C:\Program Files (x86)\AVG\AVG9\avgchsva.exe"
"C:\Program Files (x86)\AVG\AVG9\avgrsa.exe"
C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\atieclxx.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe"
C:\Windows\system32\CxAudMsg64.exe
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files (x86)\AVG\AVG9\avgemc.exe"
"C:\Program Files (x86)\AVG\AVG9\avgnsa.exe"
C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\Michal\AppData\Local\Microsoft\BingSvc\BingSvc.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
C:\Program Files\CCleaner\CCleaner64.exe
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe" "-launchedbyvulcan"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe" --onOSstartup=true --showwindow=false --waitForRegistration=true
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe" --type=renderer --disable-3d-apis --disable-pinch --no-sandbox --enable-deferred-image-decoding --lang=en-US --lang=en-US --locales-dir-path="C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\locales" --log-file="C:\Users\Michal\AppData\Local\Temp\CreativeCloud\ACC\CEF.log" --log-severity=warning --user-agent="Mozilla/5.0 (Windows NT 6.1.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/537.36 CreativeCloud/3.9.0.327" --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-gpu-compositing --channel="4532.0.153734761\1852480800" /prefetch:673131151
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe" "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\main.js"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe"
\??\C:\Windows\system32\conhost.exe "-121971658159785944311630699377645353791123689185-10639344081560110753-535788764
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe" --type=renderer --disable-3d-apis --disable-pinch --no-sandbox --enable-deferred-image-decoding --lang=en-US --lang=en-US --locales-dir-path="C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\locales" --log-file="C:\Users\Michal\AppData\Local\Temp\CreativeCloud\ACC\CEF.log" --log-severity=warning --user-agent="Mozilla/5.0 (Windows NT 6.1.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/537.36 CreativeCloud/3.9.0.327" --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-gpu-compositing --channel="4532.1.767105508\1534428744" /prefetch:673131151
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe" Restart Start EEU 52 sniffer.exe
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Users\Michal\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DriverToolkit Autorun.job - C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe --autorun
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Norton Product Installer.job - C:\Users\Michal\AppData\Local\Temp\in364BB553\1927CDD6_stp\SymInstallStub.exe /partnerid=afterdld /productlist=nss /staging=false /affid=afterdld13_16_46 /delay=0 /launchedby=2
C:\Windows\tasks\Norton Product InstallerIdle.job - C:\Users\Michal\AppData\Local\Temp\in364BB553\1927CDD6_stp\SymInstallStub.exe /partnerid=afterdld /productlist=nss /staging=false /affid=afterdld13_16_46 /delay=0 /launchedby=4
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\DriverToolkit Autorun - C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe --autorun
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\HPCustParticipation HP Deskjet 1510 series - "C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe" /UA 12.5 /DDV 0x0b00
C:\Windows\system32\tasks\Norton Product Installer - C:\Users\Michal\AppData\Local\Temp\in364BB553\1927CDD6_stp\SymInstallStub.exe /partnerid=afterdld /productlist=nss /staging=false /affid=afterdld13_16_46 /delay=0 /launchedby=2
C:\Windows\system32\tasks\Norton Product InstallerIdle - C:\Users\Michal\AppData\Local\Temp\in364BB553\1927CDD6_stp\SymInstallStub.exe /partnerid=afterdld /productlist=nss /staging=false /affid=afterdld13_16_46 /delay=0 /launchedby=4
C:\Windows\system32\tasks\{9FEBF33B-2074-414C-8502-E337530B2EEE} - C:\Windows\system32\pcalua.exe -a "C:\Users\Michal\Desktop\Nový priečinok\Windows.Media.Player.12.v.2.CZ..exe" -d "C:\Users\Michal\Desktop\Nový priečinok"
C:\Windows\system32\tasks\{ED0C19EC-E733-47DA-A367-34EAE657BBBF} - C:\Windows\system32\pcalua.exe -a C:\Users\Michal\Desktop\wsusoffline\client\cpp\vcredist2008_x64.exe -d C:\Users\Michal\Desktop\wsusoffline\client\cpp
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan - c:\Program Files\Microsoft Security Client\MpCmdRun.exe Scan -ScheduleJob -RestrictPrivileges
C:\Windows\system32\tasks\Microsoft\Microsoft Antimalware\MpIdleTask - c:\Program Files\Microsoft Security Client\MpCmdRun.exe -IdleTask -TaskName MpIdleTask
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs

=========Mozilla firefox=========

ProfilePath - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\crsahtbq.default

prefs.js - "browser.startup.homepage" - "https://www.google.sk/?gfe_rd=cr&ei=oRv ... gws_rd=ssl"
prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=SK216DF&PC=SK216&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Sibelius.com/Scorch Plugin,version=6.2.0.88]
"Description"=Sibelius Scorch Plugin
"Path"=C:\Program Files (x86)\Sibelius Software\Scorch\npsibelius.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
NPSibelius.dll
PDFNetC.dll
ScorchAxPlugin.dll
ScorchPDFWrapper.dll

C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\crsahtbq.default\addons.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\crsahtbq.default\extensions.json
Bing Search - extension - bingsearch.full@microsoft.com - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\crsahtbq.default\extensions\bingsearch.full@microsoft.com.xpi
Asynchronous Plugin Rendering - extension - asyncrendering@mozilla.org - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\crsahtbq.default\features\{72492ef5-0347-472b-b2f5-651f3e2836a9}\asyncrendering@mozilla.org.xpi
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\crsahtbq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\crsahtbq.default\pluginreg.dat
Plugin - AdobeAAMDetect - 3.0.0.0 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
Plugin - Adobe Acrobat - 15.20.20039.7108 - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
Plugin - VLC Web Plugin - 2.2.4.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
Plugin - Google Update - 1.3.31.5 - C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
Plugin - ScorchPlugin - 6.2.0.88 - C:\Program Files (x86)\Sibelius Software\Scorch\NPSibelius.dll
Plugin - Microsoft Office 2010 - 14.0.4730.1010 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
Plugin - Microsoft Office 2010 - 14.0.4761.1000 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
Plugin - Silverlight Plug-In - 5.1.50901.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
Plugin - Intel® Identity Protection Technology - 2.1.42.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
Plugin - Intel® Identity Protection Technology - 2.1.42.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
Plugin - Shockwave Flash - 23.0.0.207 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll

=========Google Chrome=========

C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Web Store 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.0
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.0
Extension pjkljhegncpnkpknbcohdijeoejaedia
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5416.905.0.6
Homepage: https://www.google.sk/
default_search_provider.search_url:
C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll [2016-10-07 2334560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG9\avgssie.dll [2016-10-07 1623392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-01-31 36352]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2013-03-05 2876816]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-04-24 172016]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-04-24 399856]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-04-24 442352]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2013-02-04 899680]
"BLEServicesCtrl"=C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [2012-09-17 184112]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2013-04-12 7770936]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2016-10-07 17080376]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2016-10-07 191544]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01 508128]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2016-01-29 1340192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-01-24 131712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-10-17 27011712]
"BingSvc"=C:\Users\Michal\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-11-05 144008]
"java"=C:\Users\Michal\AppData\Roaming\DCSCMIN\IMDCSC.exe []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-11-07 9108184]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-25 642816]
"AVG9_TRAY"=C:\PROGRA~2\AVG\AVG9\avgtray.exe [2016-10-07 2079792]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-09-16 115048]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2016-10-12 2383040]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"SymInstallStub"=C:\Users\Michal\AppData\Local\Temp\in364BB553\1927CDD6_stp\SymInstallStub.exe [2016-11-17 482104]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-01-24 131712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="avgrssta.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-04-18 442880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"DSCAutomationHostEnabled"=2

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Windows\system32\rundll32.exe"="C:\Windows\system32\rundll32.exe:*:Enabled:rundll32"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-11-19 15:20:10 ----D---- C:\rsit
2016-11-19 15:20:10 ----D---- C:\Program Files\trend micro
2016-11-19 14:22:51 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-11-19 14:22:51 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-11-19 14:22:51 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2016-11-19 14:22:51 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-11-19 14:22:51 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-11-19 14:22:50 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-11-19 14:22:50 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-11-19 14:22:50 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-11-19 14:22:50 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-11-19 14:22:50 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-11-19 14:22:50 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-11-19 14:22:50 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-11-19 14:22:50 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-11-19 14:22:50 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-11-19 14:22:50 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-11-19 14:22:49 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-11-19 14:22:49 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-11-19 14:22:49 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-11-19 14:22:49 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-11-19 14:22:49 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-11-19 14:22:48 ----A---- C:\Windows\SYSWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2016-11-19 14:22:48 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-11-19 14:22:48 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-11-19 14:22:48 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-11-19 14:22:48 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-11-19 14:22:48 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-11-19 14:22:48 ----A---- C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2016-11-19 14:22:48 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-11-19 14:22:48 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-11-19 14:22:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-11-19 14:22:47 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-11-19 14:22:47 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-11-19 14:22:47 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-11-19 14:22:47 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-11-19 14:22:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-11-19 14:22:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-11-19 14:22:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-11-19 14:22:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-11-19 14:22:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-11-19 14:22:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2016-11-19 14:22:46 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-11-19 14:22:46 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-11-19 14:22:46 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-11-19 14:22:45 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-11-19 14:22:45 ----A---- C:\Windows\system32\ucrtbase.dll
2016-11-19 14:22:45 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-11-19 14:22:45 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-11-19 14:22:44 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-11-19 14:19:05 ----A---- C:\Windows\system32\D3DX9_43.dll
2016-11-19 14:18:17 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2016-11-19 14:04:02 ----A---- C:\Windows\system32\xinput1_3.dll
2016-11-19 14:03:14 ----A---- C:\Windows\ntbtlog.txt
2016-11-19 13:34:50 ----D---- C:\Program Files\Windows Portable Devices
2016-11-19 13:34:50 ----D---- C:\Program Files\Windows Media Player
2016-11-19 13:34:50 ----D---- C:\Program Files\DVD Maker
2016-11-19 13:34:50 ----D---- C:\Program Files (x86)\Windows Portable Devices
2016-11-19 13:34:50 ----D---- C:\Program Files (x86)\Windows Media Player
2016-11-19 13:34:48 ----D---- C:\Windows\SYSWOW64\LogFiles
2016-11-19 13:34:48 ----D---- C:\Windows\ehome
2016-11-19 13:29:09 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2016-11-19 13:29:00 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2016-11-19 13:29:00 ----A---- C:\Windows\system32\wmdmlog.dll
2016-11-19 13:29:00 ----A---- C:\Windows\system32\evr.dll
2016-11-19 13:28:58 ----A---- C:\Windows\SYSWOW64\audiodev.dll
2016-11-19 13:28:55 ----A---- C:\Windows\system32\wmpshell.dll
2016-11-19 13:28:54 ----A---- C:\Windows\SYSWOW64\WPDShextAutoplay.exe
2016-11-19 13:28:54 ----A---- C:\Windows\SYSWOW64\logagent.exe
2016-11-19 13:28:54 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-11-19 13:28:54 ----A---- C:\Windows\system32\wpdbusenum.dll
2016-11-19 13:28:53 ----A---- C:\Windows\SYSWOW64\wmdmlog.dll
2016-11-19 13:28:47 ----A---- C:\Windows\SYSWOW64\wmpshell.dll
2016-11-19 13:28:47 ----A---- C:\Windows\SYSWOW64\MPG4DECD.DLL
2016-11-19 13:28:47 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2016-11-19 13:28:47 ----A---- C:\Windows\SYSWOW64\MP43DECD.DLL
2016-11-19 13:28:47 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2016-11-19 13:28:47 ----A---- C:\Windows\system32\MPG4DECD.DLL
2016-11-19 13:28:47 ----A---- C:\Windows\system32\MP4SDECD.DLL
2016-11-19 13:28:47 ----A---- C:\Windows\system32\MP43DECD.DLL
2016-11-19 13:28:44 ----A---- C:\Windows\SYSWOW64\MP3DMOD.DLL
2016-11-19 13:28:44 ----A---- C:\Windows\system32\wmdmps.dll
2016-11-19 13:28:44 ----A---- C:\Windows\system32\MP3DMOD.DLL
2016-11-19 13:28:43 ----A---- C:\Windows\system32\sysprepMCE.dll
2016-11-19 13:28:43 ----A---- C:\Windows\system32\spwmp.dll
2016-11-19 13:28:42 ----A---- C:\Windows\SYSWOW64\WmpDui.dll
2016-11-19 13:28:42 ----A---- C:\Windows\system32\iTVData.dll
2016-11-19 13:28:42 ----A---- C:\Windows\system32\drmmgrtn.dll
2016-11-19 13:28:41 ----A---- C:\Windows\system32\WmpDui.dll
2016-11-19 13:28:39 ----A---- C:\Windows\system32\MsPbdaCoInst.dll
2016-11-19 13:28:39 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2016-11-19 13:28:30 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2016-11-19 13:28:28 ----A---- C:\Windows\SYSWOW64\unregmp2.exe
2016-11-19 13:28:28 ----A---- C:\Windows\system32\logagent.exe
2016-11-19 13:28:27 ----A---- C:\Windows\SYSWOW64\RESAMPLEDMO.DLL
2016-11-19 13:28:27 ----A---- C:\Windows\system32\unregmp2.exe
2016-11-19 13:28:27 ----A---- C:\Windows\system32\msnetobj.dll
2016-11-19 13:28:21 ----A---- C:\Windows\SYSWOW64\wmdmps.dll
2016-11-19 13:28:21 ----A---- C:\Windows\system32\LAPRXY.DLL
2016-11-19 13:28:20 ----A---- C:\Windows\SYSWOW64\iTVData.dll
2016-11-19 13:28:20 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2016-11-19 13:28:16 ----A---- C:\Windows\system32\wmidx.dll
2016-11-19 13:28:15 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2016-11-19 13:28:15 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2016-11-19 13:28:15 ----A---- C:\Windows\system32\msscp.dll
2016-11-19 13:28:15 ----A---- C:\Windows\system32\dxmasf.dll
2016-11-19 13:28:14 ----A---- C:\Windows\SYSWOW64\MediaMetadataHandler.dll
2016-11-19 13:28:14 ----A---- C:\Windows\system32\wmpcm.dll
2016-11-19 13:28:06 ----A---- C:\Windows\system32\rrinstaller.exe
2016-11-19 13:28:06 ----A---- C:\Windows\system32\mfpmp.exe
2016-11-19 13:28:05 ----A---- C:\Windows\SYSWOW64\PortableDeviceConnectApi.dll
2016-11-19 13:28:04 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2016-11-19 13:28:04 ----A---- C:\Windows\system32\mcsrchPH.dll
2016-11-19 13:27:57 ----A---- C:\Windows\SYSWOW64\wmcodecdspps.dll
2016-11-19 13:27:57 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-11-19 13:27:56 ----A---- C:\Windows\system32\wmdrmsdk.dll
2016-11-19 13:27:56 ----A---- C:\Windows\system32\wmdrmnet.dll
2016-11-19 13:27:56 ----A---- C:\Windows\system32\wmdrmdev.dll
2016-11-19 13:27:56 ----A---- C:\Windows\system32\drmv2clt.dll
2016-11-19 13:27:56 ----A---- C:\Windows\system32\blackbox.dll
2016-11-19 13:27:54 ----A---- C:\Windows\SYSWOW64\wpdwcn.dll
2016-11-19 13:27:54 ----A---- C:\Windows\SYSWOW64\PortableDeviceClassExtension.dll
2016-11-19 13:27:54 ----A---- C:\Windows\SYSWOW64\LAPRXY.DLL
2016-11-19 13:27:54 ----A---- C:\Windows\system32\wpdwcn.dll
2016-11-19 13:27:54 ----A---- C:\Windows\system32\wpd_ci.dll
2016-11-19 13:27:54 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2016-11-19 13:27:50 ----A---- C:\Windows\SYSWOW64\wmidx.dll
2016-11-19 13:27:50 ----A---- C:\Windows\SYSWOW64\PortableDeviceWiaCompat.dll
2016-11-19 13:27:50 ----A---- C:\Windows\system32\PortableDeviceWiaCompat.dll
2016-11-19 13:27:49 ----A---- C:\Windows\SYSWOW64\WPDSp.dll
2016-11-19 13:27:49 ----A---- C:\Windows\SYSWOW64\PortableDeviceWMDRM.dll
2016-11-19 13:27:49 ----A---- C:\Windows\SYSWOW64\DXPTaskRingtone.dll
2016-11-19 13:27:49 ----A---- C:\Windows\system32\DXPTaskRingtone.dll
2016-11-19 13:27:48 ----A---- C:\Windows\SYSWOW64\WPDShServiceObj.dll
2016-11-19 13:27:48 ----A---- C:\Windows\SYSWOW64\wmpcm.dll
2016-11-19 13:27:48 ----A---- C:\Windows\SYSWOW64\mswmdm.dll
2016-11-19 13:27:48 ----A---- C:\Windows\SYSWOW64\msscp.dll
2016-11-19 13:27:48 ----A---- C:\Windows\SYSWOW64\cewmdm.dll
2016-11-19 13:27:48 ----A---- C:\Windows\system32\COLORCNV.DLL
2016-11-19 13:27:47 ----A---- C:\Windows\system32\wmvdspa.dll
2016-11-19 13:27:47 ----A---- C:\Windows\system32\wmpeffects.dll
2016-11-19 13:27:47 ----A---- C:\Windows\system32\mfvdsp.dll
2016-11-19 13:27:46 ----A---- C:\Windows\system32\wmpsrcwp.dll
2016-11-19 13:27:46 ----A---- C:\Windows\system32\mfds.dll
2016-11-19 13:27:41 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2016-11-19 13:27:41 ----A---- C:\Windows\system32\mfplat.dll
2016-11-19 13:27:40 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2016-11-19 13:27:40 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2016-11-19 13:27:40 ----A---- C:\Windows\system32\WMASF.DLL
2016-11-19 13:27:40 ----A---- C:\Windows\system32\mspbda.dll
2016-11-19 13:27:40 ----A---- C:\Windows\system32\msdri.dll
2016-11-19 13:27:34 ----A---- C:\Windows\SYSWOW64\PortableDeviceTypes.dll
2016-11-19 13:27:34 ----A---- C:\Windows\SYSWOW64\PortableDeviceApi.dll
2016-11-19 13:27:34 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2016-11-19 13:27:34 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2016-11-19 13:27:32 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2016-11-19 13:27:32 ----A---- C:\Windows\SYSWOW64\MFPlay.dll
2016-11-19 13:27:32 ----A---- C:\Windows\SYSWOW64\mfAACEnc.dll
2016-11-19 13:27:32 ----A---- C:\Windows\system32\mfreadwrite.dll
2016-11-19 13:27:32 ----A---- C:\Windows\system32\MFPlay.dll
2016-11-19 13:27:32 ----A---- C:\Windows\system32\mfAACEnc.dll
2016-11-19 13:27:30 ----A---- C:\Windows\SYSWOW64\wmdrmnet.dll
2016-11-19 13:27:30 ----A---- C:\Windows\SYSWOW64\wmdrmdev.dll
2016-11-19 13:27:30 ----A---- C:\Windows\SYSWOW64\mfmjpegdec.dll
2016-11-19 13:27:30 ----A---- C:\Windows\SYSWOW64\mfh264enc.dll
2016-11-19 13:27:30 ----A---- C:\Windows\SYSWOW64\mfdvdec.dll
2016-11-19 13:27:30 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2016-11-19 13:27:30 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2016-11-19 13:27:30 ----A---- C:\Windows\system32\mfmjpegdec.dll
2016-11-19 13:27:30 ----A---- C:\Windows\system32\mfh264enc.dll
2016-11-19 13:27:30 ----A---- C:\Windows\system32\mfdvdec.dll
2016-11-19 13:27:29 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2016-11-19 13:27:26 ----A---- C:\Windows\SYSWOW64\wmpps.dll
2016-11-19 13:27:26 ----A---- C:\Windows\SYSWOW64\VIDRESZR.DLL
2016-11-19 13:27:24 ----A---- C:\Windows\SYSWOW64\WMVXENCD.DLL
2016-11-19 13:27:24 ----A---- C:\Windows\SYSWOW64\WMVSENCD.DLL
2016-11-19 13:27:24 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2016-11-19 13:27:24 ----A---- C:\Windows\SYSWOW64\WMVENCOD.DLL
2016-11-19 13:27:24 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2016-11-19 13:27:24 ----A---- C:\Windows\SYSWOW64\COLORCNV.DLL
2016-11-19 13:27:24 ----A---- C:\Windows\system32\WMVXENCD.DLL
2016-11-19 13:27:24 ----A---- C:\Windows\system32\WMVSENCD.DLL
2016-11-19 13:27:24 ----A---- C:\Windows\system32\WMVENCOD.DLL
2016-11-19 13:27:24 ----A---- C:\Windows\system32\VIDRESZR.DLL
2016-11-19 13:27:23 ----A---- C:\Windows\SYSWOW64\wmvdspa.dll
2016-11-19 13:27:23 ----A---- C:\Windows\SYSWOW64\wmpeffects.dll
2016-11-19 13:27:23 ----A---- C:\Windows\SYSWOW64\mfvdsp.dll
2016-11-19 13:27:23 ----A---- C:\Windows\system32\WMVSDECD.DLL
2016-11-19 13:27:23 ----A---- C:\Windows\system32\WMVDECOD.DLL
2016-11-19 13:27:22 ----A---- C:\Windows\SYSWOW64\wmpsrcwp.dll
2016-11-19 13:27:22 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2016-11-19 13:27:22 ----A---- C:\Windows\SYSWOW64\mfds.dll
2016-11-19 13:27:22 ----A---- C:\Windows\SYSWOW64\mf.dll
2016-11-19 13:27:20 ----A---- C:\Windows\SYSWOW64\WMASF.DLL
2016-11-19 13:27:10 ----A---- C:\Windows\SYSWOW64\PortableDeviceStatus.dll
2016-11-19 13:27:10 ----A---- C:\Windows\system32\PortableDeviceStatus.dll
2016-11-19 13:27:09 ----A---- C:\Windows\system32\Mcx2Svc.dll
2016-11-19 13:27:08 ----A---- C:\Windows\system32\wpdshext.dll
2016-11-19 13:27:07 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2016-11-19 13:27:07 ----A---- C:\Windows\SYSWOW64\wmerror.dll
2016-11-19 13:27:07 ----A---- C:\Windows\SYSWOW64\mferror.dll
2016-11-19 13:27:07 ----A---- C:\Windows\SYSWOW64\asferror.dll
2016-11-19 13:27:07 ----A---- C:\Windows\system32\wmerror.dll
2016-11-19 13:27:07 ----A---- C:\Windows\system32\mferror.dll
2016-11-19 13:27:07 ----A---- C:\Windows\system32\asferror.dll
2016-11-19 13:27:01 ----A---- C:\Windows\system32\wmpmde.dll
2016-11-19 13:27:01 ----A---- C:\Windows\system32\mf.dll
2016-11-19 13:27:01 ----A---- C:\Windows\system32\mcmde.dll
2016-11-19 13:26:59 ----A---- C:\Windows\SYSWOW64\MFWMAAEC.DLL
2016-11-19 13:26:59 ----A---- C:\Windows\system32\WPDSp.dll
2016-11-19 13:26:59 ----A---- C:\Windows\system32\wmpdxm.dll
2016-11-19 13:26:59 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2016-11-19 13:26:59 ----A---- C:\Windows\system32\mswmdm.dll
2016-11-19 13:26:59 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2016-11-19 13:26:59 ----A---- C:\Windows\system32\cewmdm.dll
2016-11-19 13:26:58 ----A---- C:\Windows\SYSWOW64\WMADMOE.DLL
2016-11-19 13:26:58 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2016-11-19 13:26:57 ----A---- C:\Windows\SYSWOW64\WMSPDMOE.DLL
2016-11-19 13:26:57 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2016-11-19 13:26:57 ----A---- C:\Windows\system32\WMADMOE.DLL
2016-11-19 13:26:57 ----A---- C:\Windows\system32\WMADMOD.DLL
2016-11-19 13:26:55 ----A---- C:\Windows\system32\wmpps.dll
2016-11-19 13:26:49 ----A---- C:\Windows\system32\wmcodecdspps.dll
2016-11-19 13:26:49 ----A---- C:\Windows\system32\mfps.dll
2016-11-19 13:26:15 ----A---- C:\Windows\SYSWOW64\wmpdxm.dll
2016-11-19 13:26:13 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-11-19 13:26:13 ----A---- C:\Windows\system32\wmploc.DLL
2016-11-19 13:26:09 ----A---- C:\Windows\system32\WMNetMgr.dll
2016-11-19 13:26:08 ----A---- C:\Windows\SYSWOW64\WMNetMgr.dll
2016-11-19 13:25:59 ----A---- C:\Windows\system32\WMPEncEn.dll
2016-11-19 13:25:58 ----A---- C:\Windows\system32\WMVCORE.DLL
2016-11-19 13:25:58 ----A---- C:\Windows\system32\wmp.dll
2016-11-19 13:25:54 ----A---- C:\Windows\SYSWOW64\WMVCORE.DLL
2016-11-19 13:25:54 ----A---- C:\Windows\SYSWOW64\WMPEncEn.dll
2016-11-19 13:25:54 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-11-19 13:08:19 ----A---- C:\Windows\system32\wksprt.exe
2016-11-19 13:08:18 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2016-11-19 13:08:18 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2016-11-19 13:08:18 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2016-11-19 13:08:18 ----A---- C:\Windows\system32\tsgqec.dll
2016-11-19 13:08:18 ----A---- C:\Windows\system32\rdvidcrl.dll
2016-11-19 13:08:18 ----A---- C:\Windows\system32\mstscax.dll
2016-11-19 13:08:02 ----A---- C:\Windows\system32\TSWbPrxy.exe
2016-11-19 12:57:40 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2016-11-19 12:57:40 ----A---- C:\Windows\system32\TSWorkspace.dll
2016-11-19 12:56:46 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2016-11-19 12:56:38 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2016-11-19 12:56:38 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2016-11-19 12:56:38 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2016-11-19 12:56:36 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2016-11-19 12:56:36 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2016-11-19 12:56:36 ----A---- C:\Windows\system32\wksprtPS.dll
2016-11-19 12:56:36 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2016-11-19 12:56:35 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2016-11-19 12:56:35 ----A---- C:\Windows\system32\mstsc.exe
2016-11-19 10:00:23 ----D---- C:\Windows\SYSWOW64\Configuration
2016-11-19 09:56:02 ----A---- C:\Windows\SYSWOW64\pwrshplugin.dll
2016-11-19 09:56:02 ----A---- C:\Windows\system32\pwrshplugin.dll
2016-11-19 09:55:58 ----A---- C:\Windows\system32\winrscmd.dll
2016-11-19 09:55:58 ----A---- C:\Windows\system32\ncobjapi.dll
2016-11-19 09:55:53 ----A---- C:\Windows\SYSWOW64\winrscmd.dll
2016-11-19 09:55:53 ----A---- C:\Windows\SYSWOW64\ncobjapi.dll
2016-11-19 09:55:52 ----A---- C:\Windows\system32\Register-CimProvider.exe
2016-11-19 09:55:47 ----A---- C:\Windows\system32\winrshost.exe
2016-11-19 09:55:46 ----A---- C:\Windows\SYSWOW64\Register-CimProvider.exe
2016-11-19 09:55:42 ----A---- C:\Windows\SYSWOW64\winrs.exe
2016-11-19 09:55:42 ----A---- C:\Windows\system32\winrs.exe
2016-11-19 09:55:41 ----A---- C:\Windows\SYSWOW64\wecapi.dll
2016-11-19 09:55:41 ----A---- C:\Windows\system32\winrm.cmd
2016-11-19 09:55:41 ----A---- C:\Windows\system32\wevtfwd.dll
2016-11-19 09:55:41 ----A---- C:\Windows\system32\wecutil.exe
2016-11-19 09:55:41 ----A---- C:\Windows\system32\wecapi.dll
2016-11-19 09:55:40 ----A---- C:\Windows\SYSWOW64\winrshost.exe
2016-11-19 09:55:40 ----A---- C:\Windows\SYSWOW64\wevtfwd.dll
2016-11-19 09:55:40 ----A---- C:\Windows\SYSWOW64\wecutil.exe
2016-11-19 09:55:40 ----A---- C:\Windows\SYSWOW64\prvdmofcomp.dll
2016-11-19 09:55:40 ----A---- C:\Windows\system32\wecsvc.dll
2016-11-19 09:55:33 ----A---- C:\Windows\SYSWOW64\winrm.cmd
2016-11-19 09:55:32 ----A---- C:\Windows\SYSWOW64\winrsmgr.dll
2016-11-19 09:55:32 ----A---- C:\Windows\system32\winrsmgr.dll
2016-11-19 09:55:18 ----A---- C:\Windows\system32\wsmplpxy.dll
2016-11-19 09:55:18 ----A---- C:\Windows\system32\WsmAgent.dll
2016-11-19 09:55:18 ----A---- C:\Windows\system32\winrssrv.dll
2016-11-19 09:55:18 ----A---- C:\Windows\system32\PSModuleDiscoveryProvider.dll
2016-11-19 09:55:18 ----A---- C:\Windows\system32\prvdmofcomp.dll
2016-11-19 09:55:18 ----A---- C:\Windows\system32\DscTimer.dll
2016-11-19 09:55:18 ----A---- C:\Windows\system32\DscProxy.dll
2016-11-19 09:55:15 ----A---- C:\Windows\SYSWOW64\WsmRes.dll
2016-11-19 09:55:15 ----A---- C:\Windows\SYSWOW64\framedynos.dll
2016-11-19 09:55:15 ----A---- C:\Windows\SYSWOW64\framedyn.dll
2016-11-19 09:55:15 ----A---- C:\Windows\system32\WsmRes.dll
2016-11-19 09:55:15 ----A---- C:\Windows\system32\framedynos.dll
2016-11-19 09:55:15 ----A---- C:\Windows\system32\framedyn.dll
2016-11-19 09:55:12 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2016-11-19 09:55:12 ----A---- C:\Windows\system32\wsmprovhost.exe
2016-11-19 09:55:12 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2016-11-19 09:55:11 ----A---- C:\Windows\SYSWOW64\wsmprovhost.exe
2016-11-19 09:55:00 ----A---- C:\Windows\SYSWOW64\WsmAgent.dll
2016-11-19 09:55:00 ----A---- C:\Windows\SYSWOW64\winrssrv.dll
2016-11-19 09:55:00 ----A---- C:\Windows\SYSWOW64\PSModuleDiscoveryProvider.dll
2016-11-19 09:55:00 ----A---- C:\Windows\SYSWOW64\miutils.dll
2016-11-19 09:55:00 ----A---- C:\Windows\SYSWOW64\Microsoft.Management.Infrastructure.Native.Unmanaged.dll
2016-11-19 09:55:00 ----A---- C:\Windows\SYSWOW64\mi.dll
2016-11-19 09:55:00 ----A---- C:\Windows\SYSWOW64\DscCoreConfProv.dll
2016-11-19 09:55:00 ----A---- C:\Windows\system32\miutils.dll
2016-11-19 09:55:00 ----A---- C:\Windows\system32\Microsoft.Management.Infrastructure.Native.Unmanaged.dll
2016-11-19 09:55:00 ----A---- C:\Windows\system32\mi.dll
2016-11-19 09:55:00 ----A---- C:\Windows\system32\DscCoreConfProv.dll
2016-11-19 09:54:59 ----A---- C:\Windows\SYSWOW64\wsmplpxy.dll
2016-11-19 09:54:51 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2016-11-19 09:54:50 ----A---- C:\Windows\SYSWOW64\wmitomi.dll
2016-11-19 09:54:50 ----A---- C:\Windows\SYSWOW64\wmidcom.dll
2016-11-19 09:54:50 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2016-11-19 09:54:50 ----A---- C:\Windows\system32\wmitomi.dll
2016-11-19 09:54:50 ----A---- C:\Windows\system32\wmidcom.dll
2016-11-19 09:54:37 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2016-11-19 09:54:37 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2016-11-19 09:54:37 ----A---- C:\Windows\SYSWOW64\mimofcodec.dll
2016-11-19 09:54:37 ----A---- C:\Windows\SYSWOW64\mibincodec.dll
2016-11-19 09:54:37 ----A---- C:\Windows\system32\WsmWmiPl.dll
2016-11-19 09:54:37 ----A---- C:\Windows\system32\mpunits.dll
2016-11-19 09:54:37 ----A---- C:\Windows\system32\mpeval.dll
2016-11-19 09:54:37 ----A---- C:\Windows\system32\mimofcodec.dll
2016-11-19 09:54:37 ----A---- C:\Windows\system32\mibincodec.dll
2016-11-19 09:54:37 ----A---- C:\Windows\system32\DscCore.dll
2016-11-19 09:54:36 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2016-11-19 09:54:36 ----A---- C:\Windows\SYSWOW64\WsmGCDeps.dll
2016-11-19 09:54:36 ----A---- C:\Windows\system32\WsmGCDeps.dll
2016-11-19 09:54:36 ----A---- C:\Windows\system32\WsmAuto.dll
2016-11-19 09:54:35 ----A---- C:\Windows\system32\WsmSvc.dll
2016-11-19 09:54:34 ----A---- C:\Windows\SYSWOW64\wbemcomn2.dll
2016-11-19 09:54:34 ----A---- C:\Windows\system32\wbemcomn2.dll
2016-11-18 19:22:11 ----A---- C:\Windows\system32\kdusb.dll
2016-11-18 19:22:11 ----A---- C:\Windows\system32\kdcom.dll
2016-11-18 19:22:11 ----A---- C:\Windows\system32\kd1394.dll
2016-11-18 19:19:47 ----A---- C:\Windows\system32\UtcResources.dll
2016-11-18 19:19:47 ----A---- C:\Windows\system32\diagtrack.dll
2016-11-18 19:19:46 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-11-18 19:19:46 ----A---- C:\Windows\system32\advapi32.dll
2016-11-18 19:19:45 ----A---- C:\Windows\system32\tzres.dll
2016-11-18 19:19:45 ----A---- C:\Windows\system32\crypt32.dll
2016-11-18 19:19:45 ----A---- C:\Windows\system32\certcli.dll
2016-11-18 19:19:44 ----A---- C:\Windows\system32\sspicli.dll
2016-11-18 19:19:44 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-11-18 19:19:43 ----A---- C:\Windows\system32\sspisrv.dll
2016-11-18 19:19:42 ----A---- C:\Windows\system32\secur32.dll
2016-11-18 19:19:42 ----A---- C:\Windows\system32\lsass.exe
2016-11-18 19:19:41 ----A---- C:\Windows\system32\msaudite.dll
2016-11-18 19:19:41 ----A---- C:\Windows\system32\lsasrv.dll
2016-11-18 19:19:41 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-11-18 19:19:41 ----A---- C:\Windows\system32\auditpol.exe
2016-11-18 19:19:40 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-11-18 19:19:40 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-11-18 19:19:40 ----A---- C:\Windows\system32\schannel.dll
2016-11-18 19:19:40 ----A---- C:\Windows\system32\msobjs.dll
2016-11-18 19:19:40 ----A---- C:\Windows\system32\adtschema.dll
2016-11-18 19:19:39 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-11-18 19:19:39 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-11-18 19:19:39 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-11-18 19:19:39 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-11-18 19:19:38 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2016-11-18 19:19:38 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-11-18 19:19:38 ----A---- C:\Windows\system32\FntCache.dll
2016-11-18 19:19:38 ----A---- C:\Windows\system32\DWrite.dll
2016-11-18 19:19:37 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-11-18 19:19:33 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2016-11-18 19:19:32 ----A---- C:\Windows\system32\UIAnimation.dll
2016-11-18 19:19:32 ----A---- C:\Windows\system32\srclient.dll
2016-11-18 19:19:32 ----A---- C:\Windows\system32\rstrui.exe
2016-11-18 19:19:31 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-11-18 19:19:31 ----A---- C:\Windows\system32\srcore.dll
2016-11-18 19:19:28 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-11-18 19:19:28 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-11-18 19:19:28 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-11-18 19:19:28 ----A---- C:\Windows\system32\dxtrans.dll
2016-11-18 19:19:28 ----A---- C:\Windows\system32\dxtmsft.dll
2016-11-18 19:19:27 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-11-18 19:19:27 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-11-18 19:19:27 ----A---- C:\Windows\system32\msfeeds.dll
2016-11-18 19:19:26 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-11-18 19:19:26 ----A---- C:\Windows\system32\ieui.dll
2016-11-18 19:19:26 ----A---- C:\Windows\system32\ieframe.dll
2016-11-18 19:19:25 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-11-18 19:19:25 ----A---- C:\Windows\system32\mshtmled.dll
2016-11-18 19:19:24 ----A---- C:\Windows\system32\mshtml.dll
2016-11-18 19:19:23 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-11-18 19:19:23 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-11-18 19:19:23 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-11-18 19:19:23 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-11-18 19:19:22 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-11-18 19:19:22 ----A---- C:\Windows\system32\ieUnatt.exe
2016-11-18 19:19:22 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-11-18 19:19:22 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-11-18 19:19:21 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-11-18 19:19:21 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-11-18 19:19:21 ----A---- C:\Windows\system32\webcheck.dll
2016-11-18 19:19:21 ----A---- C:\Windows\system32\occache.dll
2016-11-18 19:19:20 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-11-18 19:19:20 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-11-18 19:19:20 ----A---- C:\Windows\system32\iernonce.dll
2016-11-18 19:19:20 ----A---- C:\Windows\system32\ie4uinit.exe
2016-11-18 19:19:19 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-11-18 19:19:19 ----A---- C:\Windows\system32\jscript9diag.dll
2016-11-18 19:19:19 ----A---- C:\Windows\system32\jscript.dll
2016-11-18 19:19:19 ----A---- C:\Windows\system32\iesetup.dll
2016-11-18 19:19:18 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-11-18 19:19:18 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-11-18 19:19:18 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-11-18 19:19:18 ----A---- C:\Windows\system32\jscript9.dll
2016-11-18 19:19:17 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-11-18 19:19:17 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-11-18 19:19:17 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-11-18 19:19:17 ----A---- C:\Windows\system32\vbscript.dll
2016-11-18 19:19:17 ----A---- C:\Windows\system32\iedkcs32.dll
2016-11-18 19:19:17 ----A---- C:\Windows\system32\ieapfltr.dll
2016-11-18 19:19:16 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-11-18 19:19:16 ----A---- C:\Windows\system32\wininet.dll
2016-11-18 19:19:16 ----A---- C:\Windows\system32\jsproxy.dll
2016-11-18 19:19:12 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-11-18 19:19:12 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-18 19:19:11 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-11-18 19:19:11 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-11-18 19:19:10 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-11-18 19:19:10 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-11-18 19:19:10 ----A---- C:\Windows\system32\urlmon.dll
2016-11-18 19:19:10 ----A---- C:\Windows\system32\msrating.dll
2016-11-18 19:19:09 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-11-18 19:19:09 ----A---- C:\Windows\system32\iertutil.dll
2016-11-18 19:19:08 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-11-18 19:19:08 ----A---- C:\Windows\system32\inseng.dll
2016-11-18 19:19:06 ----A---- C:\Windows\system32\scavengeui.dll
2016-11-18 19:19:06 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-18 19:19:06 ----A---- C:\Windows\system32\drivers\bowser.sys
2016-11-18 19:19:05 ----A---- C:\Windows\system32\drivers\dfsc.sys
2016-11-18 19:19:05 ----A---- C:\Windows\system32\cryptui.dll
2016-11-18 19:19:05 ----A---- C:\Windows\system32\cryptsp.dll
2016-11-18 19:19:05 ----A---- C:\Windows\system32\clfs.sys
2016-11-18 19:19:05 ----A---- C:\Windows\system32\atmfd.dll
2016-11-18 19:19:04 ----A---- C:\Windows\system32\msmmsp.dll
2016-11-18 19:19:04 ----A---- C:\Windows\system32\lpk.dll
2016-11-18 19:19:04 ----A---- C:\Windows\system32\fontsub.dll
2016-11-18 19:19:04 ----A---- C:\Windows\system32\dciman32.dll
2016-11-18 19:19:04 ----A---- C:\Windows\system32\atmlib.dll
2016-11-18 19:19:03 ----A---- C:\Windows\system32\oleaut32.dll
2016-11-18 19:19:03 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2016-11-18 19:19:03 ----A---- C:\Windows\system32\asycfilt.dll
2016-11-18 19:19:02 ----A---- C:\Windows\system32\win32k.sys
2016-11-18 19:19:02 ----A---- C:\Windows\system32\msctf.dll
2016-11-18 19:19:02 ----A---- C:\Windows\system32\input.dll
2016-11-18 19:19:01 ----A---- C:\Windows\system32\adsmsext.dll
2016-11-18 19:18:57 ----A---- C:\Windows\system32\cryptsvc.dll
2016-11-18 19:18:56 ----A---- C:\Windows\system32\wintrust.dll
2016-11-18 19:18:56 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-11-18 19:18:56 ----A---- C:\Windows\system32\KernelBase.dll
2016-11-18 19:18:56 ----A---- C:\Windows\system32\kerberos.dll
2016-11-18 19:18:56 ----A---- C:\Windows\system32\cryptnet.dll
2016-11-18 19:18:55 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-11-18 19:18:55 ----A---- C:\Windows\system32\winsrv.dll
2016-11-18 19:18:55 ----A---- C:\Windows\system32\TSpkg.dll
2016-11-18 19:18:55 ----A---- C:\Windows\system32\csrsrv.dll
2016-11-18 19:18:55 ----A---- C:\Windows\system32\cryptbase.dll
2016-11-18 19:18:55 ----A---- C:\Windows\system32\credssp.dll
2016-11-18 19:18:54 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-11-18 19:18:54 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-11-18 19:18:54 ----A---- C:\Windows\system32\wdigest.dll
2016-11-18 19:18:54 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-11-18 19:18:53 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-11-18 19:18:53 ----A---- C:\Windows\system32\msv1_0.dll
2016-11-18 19:18:53 ----A---- C:\Windows\system32\kernel32.dll
2016-11-18 19:18:53 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-11-18 19:18:53 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-11-18 19:18:52 ----A---- C:\Windows\system32\rpchttp.dll
2016-11-18 19:18:52 ----A---- C:\Windows\system32\rpcrt4.dll
2016-11-18 19:18:49 ----A---- C:\Windows\system32\smss.exe
2016-11-18 19:18:49 ----A---- C:\Windows\system32\conhost.exe
2016-11-18 19:18:49 ----A---- C:\Windows\system32\apisetschema.dll
2016-11-18 19:18:48 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-11-18 19:18:48 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-11-18 19:18:48 ----A---- C:\Windows\system32\ntdll.dll
2016-11-18 19:18:48 ----A---- C:\Windows\system32\ncrypt.dll
2016-11-18 19:18:47 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-11-18 19:18:47 ----A---- C:\Windows\system32\wow64win.dll
2016-11-18 19:18:47 ----A---- C:\Windows\system32\wow64cpu.dll
2016-11-18 19:18:47 ----A---- C:\Windows\system32\wow64.dll
2016-11-18 19:18:47 ----A---- C:\Windows\system32\ntvdm64.dll
2016-11-18 19:18:35 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2016-11-18 19:17:32 ----A---- C:\Windows\system32\IMJP10K.DLL
2016-11-18 19:17:29 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2016-11-18 19:17:28 ----A---- C:\Windows\system32\win32spl.dll
2016-11-18 19:17:28 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2016-11-18 19:17:27 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2016-11-18 19:17:27 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2016-11-18 19:17:27 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2016-11-18 19:17:27 ----A---- C:\Windows\system32\EncDump.dll
2016-11-18 19:17:26 ----A---- C:\Windows\system32\audiosrv.dll
2016-11-18 19:17:26 ----A---- C:\Windows\system32\AudioSes.dll
2016-11-18 19:17:26 ----A---- C:\Windows\system32\AUDIOKSE.dll
2016-11-18 19:17:26 ----A---- C:\Windows\system32\AudioEng.dll
2016-11-18 19:17:25 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-11-18 19:17:25 ----A---- C:\Windows\system32\quartz.dll
2016-11-18 19:17:25 ----A---- C:\Windows\system32\audiodg.exe
2016-11-18 19:17:20 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-11-18 19:17:20 ----A---- C:\Windows\system32\qdvd.dll
2016-11-18 19:17:18 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2016-11-18 19:17:18 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-11-18 19:17:18 ----A---- C:\Windows\system32\INETRES.dll
2016-11-18 19:17:17 ----A---- C:\Windows\system32\inetcomm.dll
2016-11-18 19:17:17 ----A---- C:\Windows\system32\drivers\appid.sys
2016-11-18 19:17:17 ----A---- C:\Windows\system32\appidsvc.dll
2016-11-18 19:17:16 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-11-18 19:17:16 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-11-18 19:17:16 ----A---- C:\Windows\system32\appidapi.dll
2016-11-18 19:17:15 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-11-18 19:17:15 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-11-18 19:17:15 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-11-18 19:17:13 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-11-18 19:17:12 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-11-18 19:17:12 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-11-18 19:17:12 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-11-18 19:17:11 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-11-18 19:17:11 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-11-18 19:17:10 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2016-11-18 19:17:09 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-11-18 19:17:09 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2016-11-18 19:17:09 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-11-18 19:17:08 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-11-18 19:17:08 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-11-18 19:17:08 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-11-18 19:17:07 ----A---- C:\Windows\SYSWOW64\user.exe
2016-11-18 19:17:07 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-11-18 19:17:07 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-11-18 19:17:07 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-11-18 19:17:06 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-11-18 19:17:06 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-11-18 19:17:06 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-11-18 19:17:05 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-11-18 19:17:04 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-11-18 19:17:04 ----A---- C:\Windows\SYSWOW64\input.dll
2016-11-18 19:17:04 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-11-18 19:17:03 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2016-11-18 19:17:02 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2016-11-18 19:17:02 ----A---- C:\Windows\SYSWOW64\msctf.dll
2016-11-18 19:17:02 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2016-11-18 19:17:01 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2016-11-18 19:17:00 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2016-11-18 19:17:00 ----A---- C:\Windows\system32\MSVidCtl.dll
2016-11-18 19:16:59 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2016-11-18 19:16:59 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2016-11-18 19:16:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-18 19:16:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-18 19:16:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-18 19:16:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-18 19:16:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-18 19:16:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-18 19:16:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-18 19:16:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-18 19:16:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-18 19:16:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-18 19:16:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-18 19:16:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-18 19:16:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-18 19:16:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-18 19:16:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-18 19:16:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-18 19:16:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-18 19:16:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-18 19:16:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-18 19:16:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-18 19:16:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-18 19:16:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-18 19:16:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-18 19:16:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-18 19:16:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-18 19:16:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-18 19:16:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-18 19:16:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-18 19:16:51 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-18 19:16:50 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-18 19:16:50 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-18 19:16:50 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-18 19:16:49 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-18 19:16:49 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-18 19:16:49 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-18 19:16:48 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-18 19:16:48 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-18 19:16:48 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-18 19:16:47 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-18 19:16:47 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-18 19:16:47 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-18 19:16:47 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-18 19:16:46 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-18 19:16:46 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-18 19:16:46 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-18 19:16:45 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-18 19:16:45 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-18 19:16:45 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-18 19:16:45 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-18 19:16:44 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-18 19:16:44 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-18 19:16:44 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-18 19:16:43 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-18 19:16:43 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-18 19:16:43 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-18 19:16:42 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-18 19:16:42 ----A---- C:\Windows\system32\WebClnt.dll
2016-11-18 19:16:42 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-11-18 19:16:41 ----A---- C:\Windows\system32\pcaevts.dll
2016-11-18 19:16:41 ----A---- C:\Windows\system32\pcadm.dll
2016-11-18 19:16:41 ----A---- C:\Windows\system32\davclnt.dll
2016-11-18 19:16:40 ----A---- C:\Windows\system32\pcawrk.exe
2016-11-18 19:16:40 ----A---- C:\Windows\system32\pcalua.exe
2016-11-18 19:16:39 ----A---- C:\Windows\system32\pcasvc.dll
2016-11-18 19:12:55 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-11-18 19:12:55 ----A---- C:\Windows\system32\user32.dll
2016-11-18 19:12:35 ----A---- C:\Windows\system32\drivers\srvnet.sys
2016-11-18 19:12:35 ----A---- C:\Windows\system32\drivers\srv2.sys
2016-11-18 19:12:35 ----A---- C:\Windows\system32\drivers\srv.sys
2016-11-18 19:11:46 ----A---- C:\Windows\system32\wpnpinst.exe
2016-11-18 19:11:46 ----A---- C:\Windows\system32\ntprint.exe
2016-11-18 19:11:46 ----A---- C:\Windows\system32\inetppui.dll
2016-11-18 19:11:46 ----A---- C:\Windows\system32\inetpp.dll
2016-11-18 19:11:45 ----A---- C:\Windows\SYSWOW64\ntprint.exe
2016-11-18 19:11:45 ----A---- C:\Windows\system32\ntprint.dll
2016-11-18 19:11:45 ----A---- C:\Windows\system32\localspl.dll
2016-11-18 19:11:44 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2016-11-18 19:11:25 ----A---- C:\Windows\system32\StructuredQuery.dll
2016-11-18 19:11:24 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2016-11-18 19:11:04 ----A---- C:\Windows\system32\netbtugc.exe
2016-11-18 19:11:04 ----A---- C:\Windows\system32\drivers\netbt.sys
2016-11-18 19:11:03 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2016-11-18 19:11:03 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2016-11-18 19:11:03 ----A---- C:\Windows\SYSWOW64\netbtugc.exe
2016-11-18 19:11:03 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2016-11-18 19:11:03 ----A---- C:\Windows\system32\ws2_32.dll
2016-11-18 19:11:03 ----A---- C:\Windows\system32\winhttp.dll
2016-11-18 19:11:03 ----A---- C:\Windows\system32\mswsock.dll
2016-11-18 19:10:44 ----A---- C:\Windows\system32\gdi32.dll
2016-11-18 19:10:43 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-11-18 19:10:22 ----A---- C:\Windows\system32\gpsvc.dll
2016-11-18 19:10:22 ----A---- C:\Windows\system32\gpapi.dll
2016-11-18 19:10:21 ----A---- C:\Windows\SYSWOW64\gpscript.exe
2016-11-18 19:10:21 ----A---- C:\Windows\SYSWOW64\gpscript.dll
2016-11-18 19:10:21 ----A---- C:\Windows\SYSWOW64\gpprefcl.dll
2016-11-18 19:10:21 ----A---- C:\Windows\SYSWOW64\gpapi.dll
2016-11-18 19:10:21 ----A---- C:\Windows\system32\gpscript.exe
2016-11-18 19:10:21 ----A---- C:\Windows\system32\gpscript.dll
2016-11-18 19:10:21 ----A---- C:\Windows\system32\gpprefcl.dll
2016-11-18 19:10:20 ----A---- C:\Windows\SYSWOW64\winipsec.dll
2016-11-18 19:10:20 ----A---- C:\Windows\SYSWOW64\polstore.dll
2016-11-18 19:10:20 ----A---- C:\Windows\SYSWOW64\FwRemoteSvr.dll
2016-11-18 19:10:20 ----A---- C:\Windows\system32\winipsec.dll
2016-11-18 19:10:20 ----A---- C:\Windows\system32\polstore.dll
2016-11-18 19:10:20 ----A---- C:\Windows\system32\IPSECSVC.DLL
2016-11-18 19:10:20 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2016-11-18 19:08:48 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2016-11-18 19:08:48 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2016-11-18 19:08:48 ----A---- C:\Windows\system32\cdd.dll
2016-11-18 19:08:30 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2016-11-18 19:08:30 ----A---- C:\Windows\system32\WindowsCodecs.dll
2016-11-18 19:08:10 ----A---- C:\Windows\system32\jnwmon.dll
2016-11-18 19:07:51 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2016-11-18 19:07:51 ----A---- C:\Windows\system32\d3d10level9.dll
2016-11-18 19:07:30 ----A---- C:\Windows\system32\samsrv.dll
2016-11-18 19:07:30 ----A---- C:\Windows\system32\samlib.dll
2016-11-18 19:07:29 ----A---- C:\Windows\SYSWOW64\samlib.dll
2016-11-18 19:06:45 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-11-18 19:06:44 ----A---- C:\Windows\system32\ole32.dll
2016-11-18 19:05:43 ----A---- C:\Windows\SYSWOW64\msxml3r.dll

#2 Příspěvek od **Rudy** » 19 lis 2016 18:03

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

michal1097 · #3 Příspěvek od **michal1097** » 20 lis 2016 12:34

prikladam log z adwcleanera

# AdwCleaner v6.030 - *Logfile created 20/11/2016 *at 12:28:31
# *Updated on 19/10/2016 by Malwarebytes
# *Database : 2016-11-19.2 [*Server]
# *Operating System : Windows 7 Professional N Service Pack 1 (X64)
# *Username : Michal - MICHAL-PC
# *Running from : C:\Users\Michal\Desktop\adwcleaner_6.030.exe
# *Mode: Clean
# *Support : hxxps://www.malwarebytes.com/support

***** [ *Services ] *****

***** [ *Folders ] *****

[-] *Folder deleted: C:\Users\Michal\AppData\Local\DriverToolkit
[-] *Folder deleted: C:\Users\Michal\AppData\Roaming\DCSCMIN
[-] *Folder deleted: C:\Users\Michal\AppData\Roaming\SpringFiles

***** [ *Files ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ *Shortcuts ] *****

[-] *Shortcut disinfected: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[-] *Shortcut disinfected: C:\Users\Michal\Desktop\programi\Google Chrome.lnk
[-] *Shortcut disinfected: C:\Users\Michal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk

***** [ *Scheduled Tasks ] *****

***** [ *Registry ] *****

[-] *Key deleted: HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
[-] *Key deleted: HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] *Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] *Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] *Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] *Key deleted: HKU\S-1-5-21-1152366391-2464299941-3798222694-1000\Software\DriverToolkit
[-] *Key deleted: HKU\S-1-5-21-1152366391-2464299941-3798222694-1000\Software\PRODUCTSETUP
[-] *Key deleted: HKU\S-1-5-21-1152366391-2464299941-3798222694-1000\Software\DC3_FEXEC
[-] *Key deleted: HKU\S-1-5-21-1152366391-2464299941-3798222694-1000\Software\SrpnFiles
[-] *Key deleted: HKU\S-1-5-21-1152366391-2464299941-3798222694-1000\Software\csastats
[-] *Key deleted: HKU\S-1-5-21-1152366391-2464299941-3798222694-1000\Software\ICSW1.23
[#] *Key deleted on reboot: HKCU\Software\DriverToolkit
[#] *Key deleted on reboot: HKCU\Software\PRODUCTSETUP
[#] *Key deleted on reboot: HKCU\Software\DC3_FEXEC
[#] *Key deleted on reboot: HKCU\Software\SrpnFiles
[#] *Key deleted on reboot: HKCU\Software\csastats
[#] *Key deleted on reboot: HKCU\Software\ICSW1.23
[-] *Key deleted: HKLM\SOFTWARE\dt soft\daemon tools toolbar
[-] *Key deleted: HKLM\SOFTWARE\SrpnFiles
[#] *Key deleted on reboot: [x64] HKCU\Software\DriverToolkit
[#] *Key deleted on reboot: [x64] HKCU\Software\PRODUCTSETUP
[#] *Key deleted on reboot: [x64] HKCU\Software\DC3_FEXEC
[#] *Key deleted on reboot: [x64] HKCU\Software\SrpnFiles
[#] *Key deleted on reboot: [x64] HKCU\Software\csastats
[#] *Key deleted on reboot: [x64] HKCU\Software\ICSW1.23

***** [ *Browsers ] *****

*************************

:: *"Tracing" keys deleted
:: *Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [3130 *Bytes] - [20/11/2016 12:28:31]
C:\AdwCleaner\AdwCleaner[S0].txt - [3455 *Bytes] - [20/11/2016 12:26:33]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [3278 *Bytes] ##########

#4 Příspěvek od **Rudy** » 20 lis 2016 12:35

Dejte nový log RSIT.

michal1097 · #5 Příspěvek od **michal1097** » 20 lis 2016 12:51

Logfile of random's system information tool 1.14 (written by random/random)
Run by Michal at 2016-11-20 12:48:44
Microsoft Windows 7 Professional N Service Pack 1
System drive C: has 268 GB (61%) free of 443 GB
Total RAM: 3965 MB (40% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:48:50, on 20. 11. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18525)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Michal\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\trend micro\Michal_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://noneblock.biz/wpad.dat?eeecfca40 ... 1918000941
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\RunOnce: [SymInstallStub] C:\Users\Michal\AppData\Local\Temp\in364BB553\1927CDD6_stp\SymInstallStub.exe /partnerid=afterdld /productlist=nss /staging=false /affid=afterdld13_16_46 /delay=5 /launchedby=3
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [BingSvc] C:\Users\Michal\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [java] C:\Users\Michal\AppData\Roaming\DCSCMIN\IMDCSC.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: xranhgo - C:\Users\Michal\AppData\Local\xranhgo.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 13535 bytes

======Enumerating Processes======

C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
"C:\Program Files (x86)\AVG\AVG9\avgchsva.exe"
C:\Windows\system32\winlogon.exe
"C:\Program Files (x86)\AVG\AVG9\avgrsa.exe"
C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe"
C:\Windows\system32\CxAudMsg64.exe
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\AVG\AVG9\avgnsa.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files (x86)\AVG\AVG9\avgemc.exe"
C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\Michal\AppData\Local\Microsoft\BingSvc\BingSvc.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
C:\Program Files\CCleaner\CCleaner64.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe" "-launchedbyvulcan"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe" --onOSstartup=true --showwindow=false --waitForRegistration=true
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe" --type=renderer --disable-3d-apis --disable-pinch --no-sandbox --enable-deferred-image-decoding --lang=en-US --lang=en-US --locales-dir-path="C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\locales" --log-file="C:\Users\Michal\AppData\Local\Temp\CreativeCloud\ACC\CEF.log" --log-severity=warning --user-agent="Mozilla/5.0 (Windows NT 6.1.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/537.36 CreativeCloud/3.9.0.327" --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-gpu-compositing --channel="4340.0.409948529\700061077" /prefetch:673131151
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe" "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\main.js"
\??\C:\Windows\system32\conhost.exe "171362723-1286229833696209705-2217821847684581551948393649-166676563939679701
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe" --type=renderer --disable-3d-apis --disable-pinch --no-sandbox --enable-deferred-image-decoding --lang=en-US --lang=en-US --locales-dir-path="C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\locales" --log-file="C:\Users\Michal\AppData\Local\Temp\CreativeCloud\ACC\CEF.log" --log-severity=warning --user-agent="Mozilla/5.0 (Windows NT 6.1.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/537.36 CreativeCloud/3.9.0.327" --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-gpu-compositing --channel="4340.1.139078363\460020077" /prefetch:673131151
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Users\Michal\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Norton Product Installer.job - C:\Users\Michal\AppData\Local\Temp\in364BB553\1927CDD6_stp\SymInstallStub.exe /partnerid=afterdld /productlist=nss /staging=false /affid=afterdld13_16_46 /delay=0 /launchedby=2
C:\Windows\tasks\Norton Product InstallerIdle.job - C:\Users\Michal\AppData\Local\Temp\in364BB553\1927CDD6_stp\SymInstallStub.exe /partnerid=afterdld /productlist=nss /staging=false /affid=afterdld13_16_46 /delay=0 /launchedby=4
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\HPCustParticipation HP Deskjet 1510 series - "C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe" /UA 12.5 /DDV 0x0b00
C:\Windows\system32\tasks\Norton Product Installer - C:\Users\Michal\AppData\Local\Temp\in364BB553\1927CDD6_stp\SymInstallStub.exe /partnerid=afterdld /productlist=nss /staging=false /affid=afterdld13_16_46 /delay=0 /launchedby=2
C:\Windows\system32\tasks\Norton Product InstallerIdle - C:\Users\Michal\AppData\Local\Temp\in364BB553\1927CDD6_stp\SymInstallStub.exe /partnerid=afterdld /productlist=nss /staging=false /affid=afterdld13_16_46 /delay=0 /launchedby=4
C:\Windows\system32\tasks\{9FEBF33B-2074-414C-8502-E337530B2EEE} - C:\Windows\system32\pcalua.exe -a "C:\Users\Michal\Desktop\Nový priečinok\Windows.Media.Player.12.v.2.CZ..exe" -d "C:\Users\Michal\Desktop\Nový priečinok"
C:\Windows\system32\tasks\{ED0C19EC-E733-47DA-A367-34EAE657BBBF} - C:\Windows\system32\pcalua.exe -a C:\Users\Michal\Desktop\wsusoffline\client\cpp\vcredist2008_x64.exe -d C:\Users\Michal\Desktop\wsusoffline\client\cpp
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan - c:\Program Files\Microsoft Security Client\MpCmdRun.exe Scan -ScheduleJob -RestrictPrivileges
C:\Windows\system32\tasks\Microsoft\Microsoft Antimalware\MpIdleTask - c:\Program Files\Microsoft Security Client\MpCmdRun.exe -IdleTask -TaskName MpIdleTask
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs

=========Mozilla firefox=========

ProfilePath - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\crsahtbq.default

prefs.js - "browser.startup.homepage" - "https://www.google.sk/?gfe_rd=cr&ei=oRv ... gws_rd=ssl"
prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=SK216DF&PC=SK216&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Sibelius.com/Scorch Plugin,version=6.2.0.88]
"Description"=Sibelius Scorch Plugin
"Path"=C:\Program Files (x86)\Sibelius Software\Scorch\npsibelius.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
NPSibelius.dll
PDFNetC.dll
ScorchAxPlugin.dll
ScorchPDFWrapper.dll

C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\crsahtbq.default\addons.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\crsahtbq.default\extensions.json
Bing Search - extension - bingsearch.full@microsoft.com - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\crsahtbq.default\extensions\bingsearch.full@microsoft.com.xpi
Asynchronous Plugin Rendering - extension - asyncrendering@mozilla.org - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\crsahtbq.default\features\{72492ef5-0347-472b-b2f5-651f3e2836a9}\asyncrendering@mozilla.org.xpi
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\crsahtbq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\crsahtbq.default\pluginreg.dat
Plugin - AdobeAAMDetect - 3.0.0.0 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
Plugin - Adobe Acrobat - 15.20.20039.7108 - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
Plugin - VLC Web Plugin - 2.2.4.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
Plugin - Google Update - 1.3.31.5 - C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
Plugin - ScorchPlugin - 6.2.0.88 - C:\Program Files (x86)\Sibelius Software\Scorch\NPSibelius.dll
Plugin - Microsoft Office 2010 - 14.0.4730.1010 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
Plugin - Microsoft Office 2010 - 14.0.4761.1000 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
Plugin - Silverlight Plug-In - 5.1.50901.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
Plugin - Intel® Identity Protection Technology - 2.1.42.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
Plugin - Intel® Identity Protection Technology - 2.1.42.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
Plugin - Shockwave Flash - 23.0.0.207 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll

=========Google Chrome=========

C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Web Store 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.0
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.0
Extension pjkljhegncpnkpknbcohdijeoejaedia
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5416.905.0.6
Homepage: https://www.google.sk/
default_search_provider.search_url:
C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll [2016-10-07 2334560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-01-31 36352]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2013-03-05 2876816]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-04-24 172016]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-04-24 399856]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-04-24 442352]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2013-02-04 899680]
"BLEServicesCtrl"=C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [2012-09-17 184112]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2013-04-12 7770936]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2016-10-07 17080376]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2016-10-07 191544]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01 508128]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2016-01-29 1340192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-01-24 131712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-10-17 27011712]
"BingSvc"=C:\Users\Michal\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-11-05 144008]
"java"=C:\Users\Michal\AppData\Roaming\DCSCMIN\IMDCSC.exe []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-11-07 9108184]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-25 642816]
"AVG9_TRAY"=C:\PROGRA~2\AVG\AVG9\avgtray.exe [2016-10-07 2079792]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-09-16 115048]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2016-10-12 2383040]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"SymInstallStub"=C:\Users\Michal\AppData\Local\Temp\in364BB553\1927CDD6_stp\SymInstallStub.exe [2016-11-17 482104]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-01-24 131712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="avgrssta.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-04-18 442880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"DSCAutomationHostEnabled"=2

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Windows\system32\rundll32.exe"="C:\Windows\system32\rundll32.exe:*:Enabled:rundll32"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-11-20 12:24:38 ----D---- C:\AdwCleaner
2016-11-19 15:20:10 ----D---- C:\rsit
2016-11-19 15:20:10 ----D---- C:\Program Files\trend micro
2016-11-19 14:22:51 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-11-19 14:22:51 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-11-19 14:22:51 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2016-11-19 14:22:51 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-11-19 14:22:51 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-11-19 14:22:50 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-11-19 14:22:50 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-11-19 14:22:50 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-11-19 14:22:50 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-11-19 14:22:50 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-11-19 14:22:50 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-11-19 14:22:50 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-11-19 14:22:50 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-11-19 14:22:50 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-11-19 14:22:50 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-11-19 14:22:49 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-11-19 14:22:49 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-11-19 14:22:49 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-11-19 14:22:49 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-11-19 14:22:49 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-11-19 14:22:48 ----A---- C:\Windows\SYSWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2016-11-19 14:22:48 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-11-19 14:22:48 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-11-19 14:22:48 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-11-19 14:22:48 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-11-19 14:22:48 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-11-19 14:22:48 ----A---- C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2016-11-19 14:22:48 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-11-19 14:22:48 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-11-19 14:22:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-11-19 14:22:47 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-11-19 14:22:47 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-11-19 14:22:47 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-11-19 14:22:47 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-11-19 14:22:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-11-19 14:22:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-11-19 14:22:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-11-19 14:22:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-11-19 14:22:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-11-19 14:22:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2016-11-19 14:22:46 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-11-19 14:22:46 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-11-19 14:22:46 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-11-19 14:22:45 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-11-19 14:22:45 ----A---- C:\Windows\system32\ucrtbase.dll
2016-11-19 14:22:45 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-11-19 14:22:45 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-11-19 14:22:44 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-11-19 14:19:05 ----A---- C:\Windows\system32\D3DX9_43.dll
2016-11-19 14:18:17 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2016-11-19 14:04:02 ----A---- C:\Windows\system32\xinput1_3.dll
2016-11-19 14:03:14 ----A---- C:\Windows\ntbtlog.txt
2016-11-19 13:34:50 ----D---- C:\Program Files\Windows Portable Devices
2016-11-19 13:34:50 ----D---- C:\Program Files\Windows Media Player
2016-11-19 13:34:50 ----D---- C:\Program Files\DVD Maker
2016-11-19 13:34:50 ----D---- C:\Program Files (x86)\Windows Portable Devices
2016-11-19 13:34:50 ----D---- C:\Program Files (x86)\Windows Media Player
2016-11-19 13:34:48 ----D---- C:\Windows\SYSWOW64\LogFiles
2016-11-19 13:34:48 ----D---- C:\Windows\ehome
2016-11-19 13:29:09 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2016-11-19 13:29:00 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2016-11-19 13:29:00 ----A---- C:\Windows\system32\wmdmlog.dll
2016-11-19 13:29:00 ----A---- C:\Windows\system32\evr.dll
2016-11-19 13:28:58 ----A---- C:\Windows\SYSWOW64\audiodev.dll
2016-11-19 13:28:55 ----A---- C:\Windows\system32\wmpshell.dll
2016-11-19 13:28:54 ----A---- C:\Windows\SYSWOW64\WPDShextAutoplay.exe
2016-11-19 13:28:54 ----A---- C:\Windows\SYSWOW64\logagent.exe
2016-11-19 13:28:54 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-11-19 13:28:54 ----A---- C:\Windows\system32\wpdbusenum.dll
2016-11-19 13:28:53 ----A---- C:\Windows\SYSWOW64\wmdmlog.dll
2016-11-19 13:28:47 ----A---- C:\Windows\SYSWOW64\wmpshell.dll
2016-11-19 13:28:47 ----A---- C:\Windows\SYSWOW64\MPG4DECD.DLL
2016-11-19 13:28:47 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2016-11-19 13:28:47 ----A---- C:\Windows\SYSWOW64\MP43DECD.DLL
2016-11-19 13:28:47 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2016-11-19 13:28:47 ----A---- C:\Windows\system32\MPG4DECD.DLL
2016-11-19 13:28:47 ----A---- C:\Windows\system32\MP4SDECD.DLL
2016-11-19 13:28:47 ----A---- C:\Windows\system32\MP43DECD.DLL
2016-11-19 13:28:44 ----A---- C:\Windows\SYSWOW64\MP3DMOD.DLL
2016-11-19 13:28:44 ----A---- C:\Windows\system32\wmdmps.dll
2016-11-19 13:28:44 ----A---- C:\Windows\system32\MP3DMOD.DLL
2016-11-19 13:28:43 ----A---- C:\Windows\system32\sysprepMCE.dll
2016-11-19 13:28:43 ----A---- C:\Windows\system32\spwmp.dll
2016-11-19 13:28:42 ----A---- C:\Windows\SYSWOW64\WmpDui.dll
2016-11-19 13:28:42 ----A---- C:\Windows\system32\iTVData.dll
2016-11-19 13:28:42 ----A---- C:\Windows\system32\drmmgrtn.dll
2016-11-19 13:28:41 ----A---- C:\Windows\system32\WmpDui.dll
2016-11-19 13:28:39 ----A---- C:\Windows\system32\MsPbdaCoInst.dll
2016-11-19 13:28:39 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2016-11-19 13:28:30 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2016-11-19 13:28:28 ----A---- C:\Windows\SYSWOW64\unregmp2.exe
2016-11-19 13:28:28 ----A---- C:\Windows\system32\logagent.exe
2016-11-19 13:28:27 ----A---- C:\Windows\SYSWOW64\RESAMPLEDMO.DLL
2016-11-19 13:28:27 ----A---- C:\Windows\system32\unregmp2.exe
2016-11-19 13:28:27 ----A---- C:\Windows\system32\msnetobj.dll
2016-11-19 13:28:21 ----A---- C:\Windows\SYSWOW64\wmdmps.dll
2016-11-19 13:28:21 ----A---- C:\Windows\system32\LAPRXY.DLL
2016-11-19 13:28:20 ----A---- C:\Windows\SYSWOW64\iTVData.dll
2016-11-19 13:28:20 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2016-11-19 13:28:16 ----A---- C:\Windows\system32\wmidx.dll
2016-11-19 13:28:15 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2016-11-19 13:28:15 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2016-11-19 13:28:15 ----A---- C:\Windows\system32\msscp.dll
2016-11-19 13:28:15 ----A---- C:\Windows\system32\dxmasf.dll
2016-11-19 13:28:14 ----A---- C:\Windows\SYSWOW64\MediaMetadataHandler.dll
2016-11-19 13:28:14 ----A---- C:\Windows\system32\wmpcm.dll
2016-11-19 13:28:06 ----A---- C:\Windows\system32\rrinstaller.exe
2016-11-19 13:28:06 ----A---- C:\Windows\system32\mfpmp.exe
2016-11-19 13:28:05 ----A---- C:\Windows\SYSWOW64\PortableDeviceConnectApi.dll
2016-11-19 13:28:04 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2016-11-19 13:28:04 ----A---- C:\Windows\system32\mcsrchPH.dll
2016-11-19 13:27:57 ----A---- C:\Windows\SYSWOW64\wmcodecdspps.dll
2016-11-19 13:27:57 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-11-19 13:27:56 ----A---- C:\Windows\system32\wmdrmsdk.dll
2016-11-19 13:27:56 ----A---- C:\Windows\system32\wmdrmnet.dll
2016-11-19 13:27:56 ----A---- C:\Windows\system32\wmdrmdev.dll
2016-11-19 13:27:56 ----A---- C:\Windows\system32\drmv2clt.dll
2016-11-19 13:27:56 ----A---- C:\Windows\system32\blackbox.dll
2016-11-19 13:27:54 ----A---- C:\Windows\SYSWOW64\wpdwcn.dll
2016-11-19 13:27:54 ----A---- C:\Windows\SYSWOW64\PortableDeviceClassExtension.dll
2016-11-19 13:27:54 ----A---- C:\Windows\SYSWOW64\LAPRXY.DLL
2016-11-19 13:27:54 ----A---- C:\Windows\system32\wpdwcn.dll
2016-11-19 13:27:54 ----A---- C:\Windows\system32\wpd_ci.dll
2016-11-19 13:27:54 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2016-11-19 13:27:50 ----A---- C:\Windows\SYSWOW64\wmidx.dll
2016-11-19 13:27:50 ----A---- C:\Windows\SYSWOW64\PortableDeviceWiaCompat.dll
2016-11-19 13:27:50 ----A---- C:\Windows\system32\PortableDeviceWiaCompat.dll
2016-11-19 13:27:49 ----A---- C:\Windows\SYSWOW64\WPDSp.dll
2016-11-19 13:27:49 ----A---- C:\Windows\SYSWOW64\PortableDeviceWMDRM.dll
2016-11-19 13:27:49 ----A---- C:\Windows\SYSWOW64\DXPTaskRingtone.dll
2016-11-19 13:27:49 ----A---- C:\Windows\system32\DXPTaskRingtone.dll
2016-11-19 13:27:48 ----A---- C:\Windows\SYSWOW64\WPDShServiceObj.dll
2016-11-19 13:27:48 ----A---- C:\Windows\SYSWOW64\wmpcm.dll
2016-11-19 13:27:48 ----A---- C:\Windows\SYSWOW64\mswmdm.dll
2016-11-19 13:27:48 ----A---- C:\Windows\SYSWOW64\msscp.dll
2016-11-19 13:27:48 ----A---- C:\Windows\SYSWOW64\cewmdm.dll
2016-11-19 13:27:48 ----A---- C:\Windows\system32\COLORCNV.DLL
2016-11-19 13:27:47 ----A---- C:\Windows\system32\wmvdspa.dll
2016-11-19 13:27:47 ----A---- C:\Windows\system32\wmpeffects.dll
2016-11-19 13:27:47 ----A---- C:\Windows\system32\mfvdsp.dll
2016-11-19 13:27:46 ----A---- C:\Windows\system32\wmpsrcwp.dll
2016-11-19 13:27:46 ----A---- C:\Windows\system32\mfds.dll
2016-11-19 13:27:41 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2016-11-19 13:27:41 ----A---- C:\Windows\system32\mfplat.dll
2016-11-19 13:27:40 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2016-11-19 13:27:40 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2016-11-19 13:27:40 ----A---- C:\Windows\system32\WMASF.DLL
2016-11-19 13:27:40 ----A---- C:\Windows\system32\mspbda.dll
2016-11-19 13:27:40 ----A---- C:\Windows\system32\msdri.dll
2016-11-19 13:27:34 ----A---- C:\Windows\SYSWOW64\PortableDeviceTypes.dll
2016-11-19 13:27:34 ----A---- C:\Windows\SYSWOW64\PortableDeviceApi.dll
2016-11-19 13:27:34 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2016-11-19 13:27:34 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2016-11-19 13:27:32 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2016-11-19 13:27:32 ----A---- C:\Windows\SYSWOW64\MFPlay.dll
2016-11-19 13:27:32 ----A---- C:\Windows\SYSWOW64\mfAACEnc.dll
2016-11-19 13:27:32 ----A---- C:\Windows\system32\mfreadwrite.dll
2016-11-19 13:27:32 ----A---- C:\Windows\system32\MFPlay.dll
2016-11-19 13:27:32 ----A---- C:\Windows\system32\mfAACEnc.dll
2016-11-19 13:27:30 ----A---- C:\Windows\SYSWOW64\wmdrmnet.dll
2016-11-19 13:27:30 ----A---- C:\Windows\SYSWOW64\wmdrmdev.dll
2016-11-19 13:27:30 ----A---- C:\Windows\SYSWOW64\mfmjpegdec.dll
2016-11-19 13:27:30 ----A---- C:\Windows\SYSWOW64\mfh264enc.dll
2016-11-19 13:27:30 ----A---- C:\Windows\SYSWOW64\mfdvdec.dll
2016-11-19 13:27:30 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2016-11-19 13:27:30 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2016-11-19 13:27:30 ----A---- C:\Windows\system32\mfmjpegdec.dll
2016-11-19 13:27:30 ----A---- C:\Windows\system32\mfh264enc.dll
2016-11-19 13:27:30 ----A---- C:\Windows\system32\mfdvdec.dll
2016-11-19 13:27:29 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2016-11-19 13:27:26 ----A---- C:\Windows\SYSWOW64\wmpps.dll
2016-11-19 13:27:26 ----A---- C:\Windows\SYSWOW64\VIDRESZR.DLL
2016-11-19 13:27:24 ----A---- C:\Windows\SYSWOW64\WMVXENCD.DLL
2016-11-19 13:27:24 ----A---- C:\Windows\SYSWOW64\WMVSENCD.DLL
2016-11-19 13:27:24 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2016-11-19 13:27:24 ----A---- C:\Windows\SYSWOW64\WMVENCOD.DLL
2016-11-19 13:27:24 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2016-11-19 13:27:24 ----A---- C:\Windows\SYSWOW64\COLORCNV.DLL
2016-11-19 13:27:24 ----A---- C:\Windows\system32\WMVXENCD.DLL
2016-11-19 13:27:24 ----A---- C:\Windows\system32\WMVSENCD.DLL
2016-11-19 13:27:24 ----A---- C:\Windows\system32\WMVENCOD.DLL
2016-11-19 13:27:24 ----A---- C:\Windows\system32\VIDRESZR.DLL
2016-11-19 13:27:23 ----A---- C:\Windows\SYSWOW64\wmvdspa.dll
2016-11-19 13:27:23 ----A---- C:\Windows\SYSWOW64\wmpeffects.dll
2016-11-19 13:27:23 ----A---- C:\Windows\SYSWOW64\mfvdsp.dll
2016-11-19 13:27:23 ----A---- C:\Windows\system32\WMVSDECD.DLL
2016-11-19 13:27:23 ----A---- C:\Windows\system32\WMVDECOD.DLL
2016-11-19 13:27:22 ----A---- C:\Windows\SYSWOW64\wmpsrcwp.dll
2016-11-19 13:27:22 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2016-11-19 13:27:22 ----A---- C:\Windows\SYSWOW64\mfds.dll
2016-11-19 13:27:22 ----A---- C:\Windows\SYSWOW64\mf.dll
2016-11-19 13:27:20 ----A---- C:\Windows\SYSWOW64\WMASF.DLL
2016-11-19 13:27:10 ----A---- C:\Windows\SYSWOW64\PortableDeviceStatus.dll
2016-11-19 13:27:10 ----A---- C:\Windows\system32\PortableDeviceStatus.dll
2016-11-19 13:27:09 ----A---- C:\Windows\system32\Mcx2Svc.dll
2016-11-19 13:27:08 ----A---- C:\Windows\system32\wpdshext.dll
2016-11-19 13:27:07 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2016-11-19 13:27:07 ----A---- C:\Windows\SYSWOW64\wmerror.dll
2016-11-19 13:27:07 ----A---- C:\Windows\SYSWOW64\mferror.dll
2016-11-19 13:27:07 ----A---- C:\Windows\SYSWOW64\asferror.dll
2016-11-19 13:27:07 ----A---- C:\Windows\system32\wmerror.dll
2016-11-19 13:27:07 ----A---- C:\Windows\system32\mferror.dll
2016-11-19 13:27:07 ----A---- C:\Windows\system32\asferror.dll
2016-11-19 13:27:01 ----A---- C:\Windows\system32\wmpmde.dll
2016-11-19 13:27:01 ----A---- C:\Windows\system32\mf.dll
2016-11-19 13:27:01 ----A---- C:\Windows\system32\mcmde.dll
2016-11-19 13:26:59 ----A---- C:\Windows\SYSWOW64\MFWMAAEC.DLL
2016-11-19 13:26:59 ----A---- C:\Windows\system32\WPDSp.dll
2016-11-19 13:26:59 ----A---- C:\Windows\system32\wmpdxm.dll
2016-11-19 13:26:59 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2016-11-19 13:26:59 ----A---- C:\Windows\system32\mswmdm.dll
2016-11-19 13:26:59 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2016-11-19 13:26:59 ----A---- C:\Windows\system32\cewmdm.dll
2016-11-19 13:26:58 ----A---- C:\Windows\SYSWOW64\WMADMOE.DLL
2016-11-19 13:26:58 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2016-11-19 13:26:57 ----A---- C:\Windows\SYSWOW64\WMSPDMOE.DLL
2016-11-19 13:26:57 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2016-11-19 13:26:57 ----A---- C:\Windows\system32\WMADMOE.DLL
2016-11-19 13:26:57 ----A---- C:\Windows\system32\WMADMOD.DLL
2016-11-19 13:26:55 ----A---- C:\Windows\system32\wmpps.dll
2016-11-19 13:26:49 ----A---- C:\Windows\system32\wmcodecdspps.dll
2016-11-19 13:26:49 ----A---- C:\Windows\system32\mfps.dll
2016-11-19 13:26:15 ----A---- C:\Windows\SYSWOW64\wmpdxm.dll
2016-11-19 13:26:13 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-11-19 13:26:13 ----A---- C:\Windows\system32\wmploc.DLL
2016-11-19 13:26:09 ----A---- C:\Windows\system32\WMNetMgr.dll
2016-11-19 13:26:08 ----A---- C:\Windows\SYSWOW64\WMNetMgr.dll
2016-11-19 13:25:59 ----A---- C:\Windows\system32\WMPEncEn.dll
2016-11-19 13:25:58 ----A---- C:\Windows\system32\WMVCORE.DLL
2016-11-19 13:25:58 ----A---- C:\Windows\system32\wmp.dll
2016-11-19 13:25:54 ----A---- C:\Windows\SYSWOW64\WMVCORE.DLL
2016-11-19 13:25:54 ----A---- C:\Windows\SYSWOW64\WMPEncEn.dll
2016-11-19 13:25:54 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-11-19 13:08:19 ----A---- C:\Windows\system32\wksprt.exe
2016-11-19 13:08:18 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2016-11-19 13:08:18 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2016-11-19 13:08:18 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2016-11-19 13:08:18 ----A---- C:\Windows\system32\tsgqec.dll
2016-11-19 13:08:18 ----A---- C:\Windows\system32\rdvidcrl.dll
2016-11-19 13:08:18 ----A---- C:\Windows\system32\mstscax.dll
2016-11-19 13:08:02 ----A---- C:\Windows\system32\TSWbPrxy.exe
2016-11-19 12:57:40 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2016-11-19 12:57:40 ----A---- C:\Windows\system32\TSWorkspace.dll
2016-11-19 12:56:46 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2016-11-19 12:56:38 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2016-11-19 12:56:38 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2016-11-19 12:56:38 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2016-11-19 12:56:36 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2016-11-19 12:56:36 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2016-11-19 12:56:36 ----A---- C:\Windows\system32\wksprtPS.dll
2016-11-19 12:56:36 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2016-11-19 12:56:35 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2016-11-19 12:56:35 ----A---- C:\Windows\system32\mstsc.exe
2016-11-19 10:00:23 ----D---- C:\Windows\SYSWOW64\Configuration
2016-11-19 09:56:02 ----A---- C:\Windows\SYSWOW64\pwrshplugin.dll
2016-11-19 09:56:02 ----A---- C:\Windows\system32\pwrshplugin.dll
2016-11-19 09:55:58 ----A---- C:\Windows\system32\winrscmd.dll
2016-11-19 09:55:58 ----A---- C:\Windows\system32\ncobjapi.dll
2016-11-19 09:55:53 ----A---- C:\Windows\SYSWOW64\winrscmd.dll
2016-11-19 09:55:53 ----A---- C:\Windows\SYSWOW64\ncobjapi.dll
2016-11-19 09:55:52 ----A---- C:\Windows\system32\Register-CimProvider.exe
2016-11-19 09:55:47 ----A---- C:\Windows\system32\winrshost.exe
2016-11-19 09:55:46 ----A---- C:\Windows\SYSWOW64\Register-CimProvider.exe
2016-11-19 09:55:42 ----A---- C:\Windows\SYSWOW64\winrs.exe
2016-11-19 09:55:42 ----A---- C:\Windows\system32\winrs.exe
2016-11-19 09:55:41 ----A---- C:\Windows\SYSWOW64\wecapi.dll
2016-11-19 09:55:41 ----A---- C:\Windows\system32\winrm.cmd
2016-11-19 09:55:41 ----A---- C:\Windows\system32\wevtfwd.dll
2016-11-19 09:55:41 ----A---- C:\Windows\system32\wecutil.exe
2016-11-19 09:55:41 ----A---- C:\Windows\system32\wecapi.dll
2016-11-19 09:55:40 ----A---- C:\Windows\SYSWOW64\winrshost.exe
2016-11-19 09:55:40 ----A---- C:\Windows\SYSWOW64\wevtfwd.dll
2016-11-19 09:55:40 ----A---- C:\Windows\SYSWOW64\wecutil.exe
2016-11-19 09:55:40 ----A---- C:\Windows\SYSWOW64\prvdmofcomp.dll
2016-11-19 09:55:40 ----A---- C:\Windows\system32\wecsvc.dll
2016-11-19 09:55:33 ----A---- C:\Windows\SYSWOW64\winrm.cmd
2016-11-19 09:55:32 ----A---- C:\Windows\SYSWOW64\winrsmgr.dll
2016-11-19 09:55:32 ----A---- C:\Windows\system32\winrsmgr.dll
2016-11-19 09:55:18 ----A---- C:\Windows\system32\wsmplpxy.dll
2016-11-19 09:55:18 ----A---- C:\Windows\system32\WsmAgent.dll
2016-11-19 09:55:18 ----A---- C:\Windows\system32\winrssrv.dll
2016-11-19 09:55:18 ----A---- C:\Windows\system32\PSModuleDiscoveryProvider.dll
2016-11-19 09:55:18 ----A---- C:\Windows\system32\prvdmofcomp.dll
2016-11-19 09:55:18 ----A---- C:\Windows\system32\DscTimer.dll
2016-11-19 09:55:18 ----A---- C:\Windows\system32\DscProxy.dll
2016-11-19 09:55:15 ----A---- C:\Windows\SYSWOW64\WsmRes.dll
2016-11-19 09:55:15 ----A---- C:\Windows\SYSWOW64\framedynos.dll
2016-11-19 09:55:15 ----A---- C:\Windows\SYSWOW64\framedyn.dll
2016-11-19 09:55:15 ----A---- C:\Windows\system32\WsmRes.dll
2016-11-19 09:55:15 ----A---- C:\Windows\system32\framedynos.dll
2016-11-19 09:55:15 ----A---- C:\Windows\system32\framedyn.dll
2016-11-19 09:55:12 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2016-11-19 09:55:12 ----A---- C:\Windows\system32\wsmprovhost.exe
2016-11-19 09:55:12 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2016-11-19 09:55:11 ----A---- C:\Windows\SYSWOW64\wsmprovhost.exe
2016-11-19 09:55:00 ----A---- C:\Windows\SYSWOW64\WsmAgent.dll
2016-11-19 09:55:00 ----A---- C:\Windows\SYSWOW64\winrssrv.dll
2016-11-19 09:55:00 ----A---- C:\Windows\SYSWOW64\PSModuleDiscoveryProvider.dll
2016-11-19 09:55:00 ----A---- C:\Windows\SYSWOW64\miutils.dll
2016-11-19 09:55:00 ----A---- C:\Windows\SYSWOW64\Microsoft.Management.Infrastructure.Native.Unmanaged.dll
2016-11-19 09:55:00 ----A---- C:\Windows\SYSWOW64\mi.dll
2016-11-19 09:55:00 ----A---- C:\Windows\SYSWOW64\DscCoreConfProv.dll
2016-11-19 09:55:00 ----A---- C:\Windows\system32\miutils.dll
2016-11-19 09:55:00 ----A---- C:\Windows\system32\Microsoft.Management.Infrastructure.Native.Unmanaged.dll
2016-11-19 09:55:00 ----A---- C:\Windows\system32\mi.dll
2016-11-19 09:55:00 ----A---- C:\Windows\system32\DscCoreConfProv.dll
2016-11-19 09:54:59 ----A---- C:\Windows\SYSWOW64\wsmplpxy.dll
2016-11-19 09:54:51 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2016-11-19 09:54:50 ----A---- C:\Windows\SYSWOW64\wmitomi.dll
2016-11-19 09:54:50 ----A---- C:\Windows\SYSWOW64\wmidcom.dll
2016-11-19 09:54:50 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2016-11-19 09:54:50 ----A---- C:\Windows\system32\wmitomi.dll
2016-11-19 09:54:50 ----A---- C:\Windows\system32\wmidcom.dll
2016-11-19 09:54:37 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2016-11-19 09:54:37 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2016-11-19 09:54:37 ----A---- C:\Windows\SYSWOW64\mimofcodec.dll
2016-11-19 09:54:37 ----A---- C:\Windows\SYSWOW64\mibincodec.dll
2016-11-19 09:54:37 ----A---- C:\Windows\system32\WsmWmiPl.dll
2016-11-19 09:54:37 ----A---- C:\Windows\system32\mpunits.dll
2016-11-19 09:54:37 ----A---- C:\Windows\system32\mpeval.dll
2016-11-19 09:54:37 ----A---- C:\Windows\system32\mimofcodec.dll
2016-11-19 09:54:37 ----A---- C:\Windows\system32\mibincodec.dll
2016-11-19 09:54:37 ----A---- C:\Windows\system32\DscCore.dll
2016-11-19 09:54:36 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2016-11-19 09:54:36 ----A---- C:\Windows\SYSWOW64\WsmGCDeps.dll
2016-11-19 09:54:36 ----A---- C:\Windows\system32\WsmGCDeps.dll
2016-11-19 09:54:36 ----A---- C:\Windows\system32\WsmAuto.dll
2016-11-19 09:54:35 ----A---- C:\Windows\system32\WsmSvc.dll
2016-11-19 09:54:34 ----A---- C:\Windows\SYSWOW64\wbemcomn2.dll
2016-11-19 09:54:34 ----A---- C:\Windows\system32\wbemcomn2.dll
2016-11-18 19:22:11 ----A---- C:\Windows\system32\kdusb.dll
2016-11-18 19:22:11 ----A---- C:\Windows\system32\kdcom.dll
2016-11-18 19:22:11 ----A---- C:\Windows\system32\kd1394.dll
2016-11-18 19:19:47 ----A---- C:\Windows\system32\UtcResources.dll
2016-11-18 19:19:47 ----A---- C:\Windows\system32\diagtrack.dll
2016-11-18 19:19:46 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-11-18 19:19:46 ----A---- C:\Windows\system32\advapi32.dll
2016-11-18 19:19:45 ----A---- C:\Windows\system32\tzres.dll
2016-11-18 19:19:45 ----A---- C:\Windows\system32\crypt32.dll
2016-11-18 19:19:45 ----A---- C:\Windows\system32\certcli.dll
2016-11-18 19:19:44 ----A---- C:\Windows\system32\sspicli.dll
2016-11-18 19:19:44 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-11-18 19:19:43 ----A---- C:\Windows\system32\sspisrv.dll
2016-11-18 19:19:42 ----A---- C:\Windows\system32\secur32.dll
2016-11-18 19:19:42 ----A---- C:\Windows\system32\lsass.exe
2016-11-18 19:19:41 ----A---- C:\Windows\system32\msaudite.dll
2016-11-18 19:19:41 ----A---- C:\Windows\system32\lsasrv.dll
2016-11-18 19:19:41 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-11-18 19:19:41 ----A---- C:\Windows\system32\auditpol.exe
2016-11-18 19:19:40 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-11-18 19:19:40 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-11-18 19:19:40 ----A---- C:\Windows\system32\schannel.dll
2016-11-18 19:19:40 ----A---- C:\Windows\system32\msobjs.dll
2016-11-18 19:19:40 ----A---- C:\Windows\system32\adtschema.dll
2016-11-18 19:19:39 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-11-18 19:19:39 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-11-18 19:19:39 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-11-18 19:19:39 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-11-18 19:19:38 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2016-11-18 19:19:38 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-11-18 19:19:38 ----A---- C:\Windows\system32\FntCache.dll
2016-11-18 19:19:38 ----A---- C:\Windows\system32\DWrite.dll
2016-11-18 19:19:37 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-11-18 19:19:33 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2016-11-18 19:19:32 ----A---- C:\Windows\system32\UIAnimation.dll
2016-11-18 19:19:32 ----A---- C:\Windows\system32\srclient.dll
2016-11-18 19:19:32 ----A---- C:\Windows\system32\rstrui.exe
2016-11-18 19:19:31 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-11-18 19:19:31 ----A---- C:\Windows\system32\srcore.dll
2016-11-18 19:19:28 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-11-18 19:19:28 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-11-18 19:19:28 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-11-18 19:19:28 ----A---- C:\Windows\system32\dxtrans.dll
2016-11-18 19:19:28 ----A---- C:\Windows\system32\dxtmsft.dll
2016-11-18 19:19:27 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-11-18 19:19:27 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-11-18 19:19:27 ----A---- C:\Windows\system32\msfeeds.dll
2016-11-18 19:19:26 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-11-18 19:19:26 ----A---- C:\Windows\system32\ieui.dll
2016-11-18 19:19:26 ----A---- C:\Windows\system32\ieframe.dll
2016-11-18 19:19:25 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-11-18 19:19:25 ----A---- C:\Windows\system32\mshtmled.dll
2016-11-18 19:19:24 ----A---- C:\Windows\system32\mshtml.dll
2016-11-18 19:19:23 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-11-18 19:19:23 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-11-18 19:19:23 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-11-18 19:19:23 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-11-18 19:19:22 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-11-18 19:19:22 ----A---- C:\Windows\system32\ieUnatt.exe
2016-11-18 19:19:22 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-11-18 19:19:22 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-11-18 19:19:21 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-11-18 19:19:21 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-11-18 19:19:21 ----A---- C:\Windows\system32\webcheck.dll
2016-11-18 19:19:21 ----A---- C:\Windows\system32\occache.dll
2016-11-18 19:19:20 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-11-18 19:19:20 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-11-18 19:19:20 ----A---- C:\Windows\system32\iernonce.dll
2016-11-18 19:19:20 ----A---- C:\Windows\system32\ie4uinit.exe
2016-11-18 19:19:19 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-11-18 19:19:19 ----A---- C:\Windows\system32\jscript9diag.dll
2016-11-18 19:19:19 ----A---- C:\Windows\system32\jscript.dll
2016-11-18 19:19:19 ----A---- C:\Windows\system32\iesetup.dll
2016-11-18 19:19:18 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-11-18 19:19:18 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-11-18 19:19:18 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-11-18 19:19:18 ----A---- C:\Windows\system32\jscript9.dll
2016-11-18 19:19:17 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-11-18 19:19:17 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-11-18 19:19:17 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-11-18 19:19:17 ----A---- C:\Windows\system32\vbscript.dll
2016-11-18 19:19:17 ----A---- C:\Windows\system32\iedkcs32.dll
2016-11-18 19:19:17 ----A---- C:\Windows\system32\ieapfltr.dll
2016-11-18 19:19:16 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-11-18 19:19:16 ----A---- C:\Windows\system32\wininet.dll
2016-11-18 19:19:16 ----A---- C:\Windows\system32\jsproxy.dll
2016-11-18 19:19:12 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-11-18 19:19:12 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-18 19:19:11 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-11-18 19:19:11 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-11-18 19:19:10 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-11-18 19:19:10 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-11-18 19:19:10 ----A---- C:\Windows\system32\urlmon.dll
2016-11-18 19:19:10 ----A---- C:\Windows\system32\msrating.dll
2016-11-18 19:19:09 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-11-18 19:19:09 ----A---- C:\Windows\system32\iertutil.dll
2016-11-18 19:19:08 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-11-18 19:19:08 ----A---- C:\Windows\system32\inseng.dll
2016-11-18 19:19:06 ----A---- C:\Windows\system32\scavengeui.dll
2016-11-18 19:19:06 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-18 19:19:06 ----A---- C:\Windows\system32\drivers\bowser.sys
2016-11-18 19:19:05 ----A---- C:\Windows\system32\drivers\dfsc.sys
2016-11-18 19:19:05 ----A---- C:\Windows\system32\cryptui.dll
2016-11-18 19:19:05 ----A---- C:\Windows\system32\cryptsp.dll
2016-11-18 19:19:05 ----A---- C:\Windows\system32\clfs.sys
2016-11-18 19:19:05 ----A---- C:\Windows\system32\atmfd.dll
2016-11-18 19:19:04 ----A---- C:\Windows\system32\msmmsp.dll
2016-11-18 19:19:04 ----A---- C:\Windows\system32\lpk.dll
2016-11-18 19:19:04 ----A---- C:\Windows\system32\fontsub.dll
2016-11-18 19:19:04 ----A---- C:\Windows\system32\dciman32.dll
2016-11-18 19:19:04 ----A---- C:\Windows\system32\atmlib.dll
2016-11-18 19:19:03 ----A---- C:\Windows\system32\oleaut32.dll
2016-11-18 19:19:03 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2016-11-18 19:19:03 ----A---- C:\Windows\system32\asycfilt.dll
2016-11-18 19:19:02 ----A---- C:\Windows\system32\win32k.sys
2016-11-18 19:19:02 ----A---- C:\Windows\system32\msctf.dll
2016-11-18 19:19:02 ----A---- C:\Windows\system32\input.dll
2016-11-18 19:19:01 ----A---- C:\Windows\system32\adsmsext.dll
2016-11-18 19:18:57 ----A---- C:\Windows\system32\cryptsvc.dll
2016-11-18 19:18:56 ----A---- C:\Windows\system32\wintrust.dll
2016-11-18 19:18:56 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-11-18 19:18:56 ----A---- C:\Windows\system32\KernelBase.dll
2016-11-18 19:18:56 ----A---- C:\Windows\system32\kerberos.dll
2016-11-18 19:18:56 ----A---- C:\Windows\system32\cryptnet.dll
2016-11-18 19:18:55 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-11-18 19:18:55 ----A---- C:\Windows\system32\winsrv.dll
2016-11-18 19:18:55 ----A---- C:\Windows\system32\TSpkg.dll
2016-11-18 19:18:55 ----A---- C:\Windows\system32\csrsrv.dll
2016-11-18 19:18:55 ----A---- C:\Windows\system32\cryptbase.dll
2016-11-18 19:18:55 ----A---- C:\Windows\system32\credssp.dll
2016-11-18 19:18:54 ----A---- C:\Windows\SYSWOW64\secur32.dll

michal1097 · #6 Příspěvek od **michal1097** » 20 lis 2016 12:52

pokracovanie tu ....

2016-11-18 19:18:54 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-11-18 19:18:54 ----A---- C:\Windows\system32\wdigest.dll
2016-11-18 19:18:54 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-11-18 19:18:53 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-11-18 19:18:53 ----A---- C:\Windows\system32\msv1_0.dll
2016-11-18 19:18:53 ----A---- C:\Windows\system32\kernel32.dll
2016-11-18 19:18:53 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-11-18 19:18:53 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-11-18 19:18:52 ----A---- C:\Windows\system32\rpchttp.dll
2016-11-18 19:18:52 ----A---- C:\Windows\system32\rpcrt4.dll
2016-11-18 19:18:49 ----A---- C:\Windows\system32\smss.exe
2016-11-18 19:18:49 ----A---- C:\Windows\system32\conhost.exe
2016-11-18 19:18:49 ----A---- C:\Windows\system32\apisetschema.dll
2016-11-18 19:18:48 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-11-18 19:18:48 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-11-18 19:18:48 ----A---- C:\Windows\system32\ntdll.dll
2016-11-18 19:18:48 ----A---- C:\Windows\system32\ncrypt.dll
2016-11-18 19:18:47 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-11-18 19:18:47 ----A---- C:\Windows\system32\wow64win.dll
2016-11-18 19:18:47 ----A---- C:\Windows\system32\wow64cpu.dll
2016-11-18 19:18:47 ----A---- C:\Windows\system32\wow64.dll
2016-11-18 19:18:47 ----A---- C:\Windows\system32\ntvdm64.dll
2016-11-18 19:18:35 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2016-11-18 19:17:32 ----A---- C:\Windows\system32\IMJP10K.DLL
2016-11-18 19:17:29 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2016-11-18 19:17:28 ----A---- C:\Windows\system32\win32spl.dll
2016-11-18 19:17:28 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2016-11-18 19:17:27 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2016-11-18 19:17:27 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2016-11-18 19:17:27 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2016-11-18 19:17:27 ----A---- C:\Windows\system32\EncDump.dll
2016-11-18 19:17:26 ----A---- C:\Windows\system32\audiosrv.dll
2016-11-18 19:17:26 ----A---- C:\Windows\system32\AudioSes.dll
2016-11-18 19:17:26 ----A---- C:\Windows\system32\AUDIOKSE.dll
2016-11-18 19:17:26 ----A---- C:\Windows\system32\AudioEng.dll
2016-11-18 19:17:25 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-11-18 19:17:25 ----A---- C:\Windows\system32\quartz.dll
2016-11-18 19:17:25 ----A---- C:\Windows\system32\audiodg.exe
2016-11-18 19:17:20 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-11-18 19:17:20 ----A---- C:\Windows\system32\qdvd.dll
2016-11-18 19:17:18 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2016-11-18 19:17:18 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-11-18 19:17:18 ----A---- C:\Windows\system32\INETRES.dll
2016-11-18 19:17:17 ----A---- C:\Windows\system32\inetcomm.dll
2016-11-18 19:17:17 ----A---- C:\Windows\system32\drivers\appid.sys
2016-11-18 19:17:17 ----A---- C:\Windows\system32\appidsvc.dll
2016-11-18 19:17:16 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-11-18 19:17:16 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-11-18 19:17:16 ----A---- C:\Windows\system32\appidapi.dll
2016-11-18 19:17:15 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-11-18 19:17:15 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-11-18 19:17:15 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-11-18 19:17:13 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-11-18 19:17:12 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-11-18 19:17:12 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-11-18 19:17:12 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-11-18 19:17:11 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-11-18 19:17:11 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-11-18 19:17:10 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2016-11-18 19:17:09 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-11-18 19:17:09 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2016-11-18 19:17:09 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-11-18 19:17:08 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-11-18 19:17:08 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-11-18 19:17:08 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-11-18 19:17:07 ----A---- C:\Windows\SYSWOW64\user.exe
2016-11-18 19:17:07 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-11-18 19:17:07 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-11-18 19:17:07 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-11-18 19:17:06 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-11-18 19:17:06 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-11-18 19:17:06 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-11-18 19:17:05 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-11-18 19:17:04 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-11-18 19:17:04 ----A---- C:\Windows\SYSWOW64\input.dll
2016-11-18 19:17:04 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-11-18 19:17:03 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2016-11-18 19:17:02 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2016-11-18 19:17:02 ----A---- C:\Windows\SYSWOW64\msctf.dll
2016-11-18 19:17:02 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2016-11-18 19:17:01 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2016-11-18 19:17:00 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2016-11-18 19:17:00 ----A---- C:\Windows\system32\MSVidCtl.dll
2016-11-18 19:16:59 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2016-11-18 19:16:59 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2016-11-18 19:16:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-18 19:16:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-18 19:16:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-18 19:16:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-18 19:16:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-18 19:16:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-18 19:16:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-18 19:16:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-18 19:16:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-18 19:16:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-18 19:16:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-18 19:16:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-18 19:16:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-18 19:16:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-18 19:16:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-18 19:16:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-18 19:16:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-18 19:16:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-18 19:16:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-18 19:16:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-18 19:16:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-18 19:16:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-18 19:16:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-18 19:16:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-18 19:16:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-18 19:16:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-18 19:16:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-18 19:16:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-18 19:16:51 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-18 19:16:50 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-18 19:16:50 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-18 19:16:50 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-18 19:16:49 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-18 19:16:49 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-18 19:16:49 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-18 19:16:48 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-18 19:16:48 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-18 19:16:48 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-18 19:16:47 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-18 19:16:47 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-18 19:16:47 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-18 19:16:47 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-18 19:16:46 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-18 19:16:46 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-18 19:16:46 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-18 19:16:45 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-18 19:16:45 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-18 19:16:45 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-18 19:16:45 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-18 19:16:44 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-18 19:16:44 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-18 19:16:44 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-18 19:16:43 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-18 19:16:43 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-18 19:16:43 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-18 19:16:42 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-18 19:16:42 ----A---- C:\Windows\system32\WebClnt.dll
2016-11-18 19:16:42 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-11-18 19:16:41 ----A---- C:\Windows\system32\pcaevts.dll
2016-11-18 19:16:41 ----A---- C:\Windows\system32\pcadm.dll
2016-11-18 19:16:41 ----A---- C:\Windows\system32\davclnt.dll
2016-11-18 19:16:40 ----A---- C:\Windows\system32\pcawrk.exe
2016-11-18 19:16:40 ----A---- C:\Windows\system32\pcalua.exe
2016-11-18 19:16:39 ----A---- C:\Windows\system32\pcasvc.dll
2016-11-18 19:12:55 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-11-18 19:12:55 ----A---- C:\Windows\system32\user32.dll
2016-11-18 19:12:35 ----A---- C:\Windows\system32\drivers\srvnet.sys
2016-11-18 19:12:35 ----A---- C:\Windows\system32\drivers\srv2.sys
2016-11-18 19:12:35 ----A---- C:\Windows\system32\drivers\srv.sys
2016-11-18 19:11:46 ----A---- C:\Windows\system32\wpnpinst.exe
2016-11-18 19:11:46 ----A---- C:\Windows\system32\ntprint.exe
2016-11-18 19:11:46 ----A---- C:\Windows\system32\inetppui.dll
2016-11-18 19:11:46 ----A---- C:\Windows\system32\inetpp.dll
2016-11-18 19:11:45 ----A---- C:\Windows\SYSWOW64\ntprint.exe
2016-11-18 19:11:45 ----A---- C:\Windows\system32\ntprint.dll
2016-11-18 19:11:45 ----A---- C:\Windows\system32\localspl.dll
2016-11-18 19:11:44 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2016-11-18 19:11:25 ----A---- C:\Windows\system32\StructuredQuery.dll
2016-11-18 19:11:24 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2016-11-18 19:11:04 ----A---- C:\Windows\system32\netbtugc.exe
2016-11-18 19:11:04 ----A---- C:\Windows\system32\drivers\netbt.sys
2016-11-18 19:11:03 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2016-11-18 19:11:03 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2016-11-18 19:11:03 ----A---- C:\Windows\SYSWOW64\netbtugc.exe
2016-11-18 19:11:03 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2016-11-18 19:11:03 ----A---- C:\Windows\system32\ws2_32.dll
2016-11-18 19:11:03 ----A---- C:\Windows\system32\winhttp.dll
2016-11-18 19:11:03 ----A---- C:\Windows\system32\mswsock.dll
2016-11-18 19:10:44 ----A---- C:\Windows\system32\gdi32.dll
2016-11-18 19:10:43 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-11-18 19:10:22 ----A---- C:\Windows\system32\gpsvc.dll
2016-11-18 19:10:22 ----A---- C:\Windows\system32\gpapi.dll
2016-11-18 19:10:21 ----A---- C:\Windows\SYSWOW64\gpscript.exe
2016-11-18 19:10:21 ----A---- C:\Windows\SYSWOW64\gpscript.dll
2016-11-18 19:10:21 ----A---- C:\Windows\SYSWOW64\gpprefcl.dll
2016-11-18 19:10:21 ----A---- C:\Windows\SYSWOW64\gpapi.dll
2016-11-18 19:10:21 ----A---- C:\Windows\system32\gpscript.exe
2016-11-18 19:10:21 ----A---- C:\Windows\system32\gpscript.dll
2016-11-18 19:10:21 ----A---- C:\Windows\system32\gpprefcl.dll
2016-11-18 19:10:20 ----A---- C:\Windows\SYSWOW64\winipsec.dll
2016-11-18 19:10:20 ----A---- C:\Windows\SYSWOW64\polstore.dll
2016-11-18 19:10:20 ----A---- C:\Windows\SYSWOW64\FwRemoteSvr.dll
2016-11-18 19:10:20 ----A---- C:\Windows\system32\winipsec.dll
2016-11-18 19:10:20 ----A---- C:\Windows\system32\polstore.dll
2016-11-18 19:10:20 ----A---- C:\Windows\system32\IPSECSVC.DLL
2016-11-18 19:10:20 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2016-11-18 19:08:48 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2016-11-18 19:08:48 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2016-11-18 19:08:48 ----A---- C:\Windows\system32\cdd.dll
2016-11-18 19:08:30 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2016-11-18 19:08:30 ----A---- C:\Windows\system32\WindowsCodecs.dll
2016-11-18 19:08:10 ----A---- C:\Windows\system32\jnwmon.dll
2016-11-18 19:07:51 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2016-11-18 19:07:51 ----A---- C:\Windows\system32\d3d10level9.dll
2016-11-18 19:07:30 ----A---- C:\Windows\system32\samsrv.dll
2016-11-18 19:07:30 ----A---- C:\Windows\system32\samlib.dll
2016-11-18 19:07:29 ----A---- C:\Windows\SYSWOW64\samlib.dll
2016-11-18 19:06:45 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-11-18 19:06:44 ----A---- C:\Windows\system32\ole32.dll
2016-11-18 19:05:43 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2016-11-18 19:05:43 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2016-11-18 19:05:43 ----A---- C:\Windows\system32\msxml3.dll
2016-11-18 19:05:42 ----A---- C:\Windows\system32\msxml3r.dll
2016-11-18 19:05:25 ----A---- C:\Windows\system32\seclogon.dll
2016-11-18 19:05:06 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2016-11-18 19:03:42 ----A---- C:\Windows\system32\mtxoci.dll
2016-11-18 19:03:28 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-11-18 19:03:22 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-11-18 19:03:21 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2016-11-18 19:03:21 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2016-11-18 19:03:21 ----A---- C:\Windows\system32\EncDec.dll
2016-11-18 19:03:21 ----A---- C:\Windows\system32\CPFilters.dll
2016-11-18 19:01:43 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-11-18 19:01:43 ----A---- C:\Windows\system32\InkEd.dll
2016-11-18 19:00:45 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2016-11-18 19:00:44 ----A---- C:\Windows\SYSWOW64\qasf.dll
2016-11-18 19:00:44 ----A---- C:\Windows\system32\qasf.dll
2016-11-18 19:00:44 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2016-11-18 19:00:41 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2016-11-18 19:00:41 ----A---- C:\Windows\SYSWOW64\ksuser.dll
2016-11-18 19:00:41 ----A---- C:\Windows\system32\ksuser.dll
2016-11-18 19:00:40 ----A---- C:\Windows\SYSWOW64\msmpeg2adec.dll
2016-11-18 19:00:40 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2016-11-18 19:00:40 ----A---- C:\Windows\system32\msmpeg2adec.dll
2016-11-18 19:00:39 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2016-11-18 19:00:39 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2016-11-18 19:00:38 ----A---- C:\Windows\system32\SysFxUI.dll
2016-11-18 19:00:38 ----A---- C:\Windows\system32\drivers\portcls.sys
2016-11-18 19:00:38 ----A---- C:\Windows\system32\drivers\drmkaud.sys
2016-11-18 19:00:38 ----A---- C:\Windows\system32\drivers\drmk.sys
2016-11-18 19:00:06 ----A---- C:\Windows\SYSWOW64\qedit.dll
2016-11-18 19:00:06 ----A---- C:\Windows\SYSWOW64\devenum.dll
2016-11-18 19:00:06 ----A---- C:\Windows\system32\devenum.dll
2016-11-18 19:00:05 ----A---- C:\Windows\system32\qedit.dll
2016-11-18 18:59:44 ----A---- C:\Windows\SYSWOW64\mapistub.dll
2016-11-18 18:59:44 ----A---- C:\Windows\SYSWOW64\mapi32.dll
2016-11-18 18:59:44 ----A---- C:\Windows\SYSWOW64\fixmapi.exe
2016-11-18 18:59:44 ----A---- C:\Windows\system32\mapistub.dll
2016-11-18 18:59:44 ----A---- C:\Windows\system32\mapi32.dll
2016-11-18 18:59:43 ----A---- C:\Windows\system32\fixmapi.exe
2016-11-18 18:58:41 ----A---- C:\Windows\SYSWOW64\els.dll
2016-11-18 18:58:41 ----A---- C:\Windows\system32\els.dll
2016-11-18 18:58:23 ----A---- C:\Windows\SYSWOW64\wshrm.dll
2016-11-18 18:58:23 ----A---- C:\Windows\system32\wshrm.dll
2016-11-18 18:58:23 ----A---- C:\Windows\system32\drivers\rmcast.sys
2016-11-18 18:58:01 ----A---- C:\Windows\system32\usp10.dll
2016-11-18 18:58:00 ----A---- C:\Windows\SYSWOW64\usp10.dll
2016-11-18 18:57:42 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2016-11-18 18:57:42 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2016-11-18 18:57:42 ----A---- C:\Windows\system32\comsvcs.dll
2016-11-18 18:57:42 ----A---- C:\Windows\system32\catsrvut.dll
2016-11-18 18:57:23 ----A---- C:\Windows\system32\drivers\tdx.sys
2016-11-18 18:57:22 ----A---- C:\Windows\system32\drivers\afd.sys
2016-11-18 18:56:40 ----A---- C:\Windows\system32\drivers\ndis.sys
2016-11-18 18:54:32 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-11-18 18:54:32 ----A---- C:\Windows\system32\shell32.dll
2016-11-18 18:54:31 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-11-18 18:54:30 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-11-18 18:53:39 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-11-18 18:53:39 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-11-18 18:50:31 ----A---- C:\Windows\system32\schedsvc.dll
2016-11-18 18:49:50 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2016-11-18 18:49:50 ----A---- C:\Windows\system32\d3d10warp.dll
2016-11-18 18:48:56 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2016-11-18 18:48:56 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2016-11-18 18:48:56 ----A---- C:\Windows\system32\msxml6r.dll
2016-11-18 18:48:56 ----A---- C:\Windows\system32\msxml6.dll
2016-11-18 18:46:50 ----A---- C:\Windows\system32\sysmain.dll
2016-11-18 18:44:30 ----A---- C:\Windows\system32\basesrv.dll
2016-11-18 18:42:37 ----A---- C:\Windows\system32\notepad.exe
2016-11-18 18:42:36 ----A---- C:\Windows\SYSWOW64\notepad.exe
2016-11-18 18:42:36 ----A---- C:\Windows\notepad.exe
2016-11-18 18:42:08 ----A---- C:\Windows\system32\comctl32.dll
2016-11-18 18:42:07 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2016-11-18 18:40:33 ----A---- C:\Windows\system32\services.exe
2016-11-18 18:38:59 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2016-11-18 18:38:59 ----A---- C:\Windows\system32\clfsw32.dll
2016-11-18 18:37:50 ----A---- C:\Windows\system32\drivers\http.sys
2016-11-18 18:37:27 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2016-11-18 18:37:27 ----A---- C:\Windows\system32\WMPhoto.dll
2016-11-18 18:36:59 ----A---- C:\Windows\SYSWOW64\ubpm.dll
2016-11-18 18:36:58 ----A---- C:\Windows\system32\ubpm.dll
2016-11-18 18:35:55 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2016-11-18 18:35:54 ----A---- C:\Windows\system32\scesrv.dll
2016-11-18 18:35:30 ----A---- C:\Windows\system32\profsvc.dll
2016-11-18 18:35:05 ----A---- C:\Windows\system32\nlasvc.dll
2016-11-18 18:35:05 ----A---- C:\Windows\system32\nlaapi.dll
2016-11-18 18:35:05 ----A---- C:\Windows\system32\ncsi.dll
2016-11-18 18:35:04 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2016-11-18 18:35:04 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2016-11-18 18:34:11 ----A---- C:\Windows\system32\pku2u.dll
2016-11-18 18:34:10 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2016-11-18 18:33:27 ----A---- C:\Windows\system32\termsrv.dll
2016-11-18 18:32:21 ----A---- C:\Windows\SYSWOW64\packager.dll
2016-11-18 18:32:21 ----A---- C:\Windows\system32\packager.dll
2016-11-18 18:30:51 ----A---- C:\Windows\system32\winsta.dll
2016-11-18 18:30:51 ----A---- C:\Windows\system32\winlogon.exe
2016-11-18 18:30:51 ----A---- C:\Windows\system32\rdpcorekmts.dll
2016-11-18 18:30:51 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2016-11-18 18:30:49 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2016-11-18 18:30:46 ----A---- C:\Windows\SYSWOW64\winsta.dll
2016-11-18 18:29:53 ----A---- C:\Windows\SYSWOW64\rastls.dll
2016-11-18 18:29:53 ----A---- C:\Windows\system32\rastls.dll
2016-11-18 18:29:18 ----A---- C:\Windows\SYSWOW64\mscories.dll
2016-11-18 18:29:18 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2016-11-18 18:29:18 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2016-11-18 18:29:18 ----A---- C:\Windows\system32\dfshim.dll
2016-11-18 18:29:16 ----A---- C:\Windows\system32\mscories.dll
2016-11-18 18:29:16 ----A---- C:\Windows\system32\mscorier.dll
2016-11-18 18:26:38 ----A---- C:\Windows\system32\msvcrt.dll
2016-11-18 18:26:37 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2016-11-18 18:26:25 ----A---- C:\Windows\SYSWOW64\synceng.dll
2016-11-18 18:26:25 ----A---- C:\Windows\system32\synceng.dll
2016-11-18 18:26:09 ----A---- C:\Windows\system32\drivers\usb8023.sys
2016-11-18 18:25:44 ----A---- C:\Windows\system32\drivers\partmgr.sys
2016-11-18 18:25:30 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2016-11-18 18:25:30 ----A---- C:\Windows\system32\oleacc.dll
2016-11-18 18:25:19 ----A---- C:\Windows\system32\odbctrac.dll
2016-11-18 18:25:19 ----A---- C:\Windows\system32\odbccr32.dll
2016-11-18 18:25:18 ----A---- C:\Windows\system32\odbccu32.dll
2016-11-18 18:25:17 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2016-11-18 18:25:17 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2016-11-18 18:25:17 ----A---- C:\Windows\system32\odbccp32.dll
2016-11-18 18:25:16 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2016-11-18 18:25:16 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2016-11-18 18:25:16 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2016-11-18 18:24:54 ----A---- C:\Windows\system32\webio.dll
2016-11-18 18:24:52 ----A---- C:\Windows\SYSWOW64\webio.dll
2016-11-18 18:24:39 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2016-11-18 18:24:39 ----A---- C:\Windows\system32\drivers\bthport.sys
2016-11-18 18:24:25 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2016-11-18 18:24:25 ----A---- C:\Windows\system32\psisdecd.dll
2016-11-18 18:24:12 ----A---- C:\Windows\system32\drivers\ntfs.sys
2016-11-18 18:23:54 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2016-11-18 18:23:54 ----A---- C:\Windows\system32\cdosys.dll
2016-11-18 18:23:35 ----A---- C:\Windows\system32\mfc42u.dll
2016-11-18 18:23:35 ----A---- C:\Windows\system32\mfc42.dll
2016-11-18 18:23:34 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2016-11-18 18:23:34 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2016-11-18 18:22:55 ----A---- C:\Windows\system32\rdrmemptylst.exe
2016-11-18 18:22:55 ----A---- C:\Windows\system32\rdpwsx.dll
2016-11-18 18:22:48 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2016-11-18 18:22:48 ----A---- C:\Windows\system32\dpnet.dll
2016-11-18 18:22:39 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2016-11-18 18:22:38 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2016-11-18 18:22:38 ----A---- C:\Windows\system32\dnsrslvr.dll
2016-11-18 18:22:38 ----A---- C:\Windows\system32\dnscacheugc.exe
2016-11-18 18:22:38 ----A---- C:\Windows\system32\dnsapi.dll
2016-11-18 18:22:31 ----A---- C:\Windows\system32\FXSCOVER.exe
2016-11-18 18:20:46 ----A---- C:\Windows\SYSWOW64\sbe.dll
2016-11-18 18:20:46 ----A---- C:\Windows\system32\sbe.dll
2016-11-18 18:20:16 ----A---- C:\Windows\system32\browser.dll
2016-11-18 18:20:15 ----A---- C:\Windows\system32\netapi32.dll
2016-11-18 18:20:15 ----A---- C:\Windows\system32\browcli.dll
2016-11-18 18:20:14 ----A---- C:\Windows\SYSWOW64\browcli.dll
2016-11-18 18:20:13 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2016-11-18 18:10:03 ----A---- C:\Windows\system32\api.dll
2016-11-18 17:57:47 ----D---- C:\Windows\Minidump
2016-11-18 17:06:32 ----A---- C:\Windows\SYSWOW64\osk.exe
2016-11-18 17:06:31 ----A---- C:\Windows\system32\osk.exe
2016-11-18 17:05:31 ----A---- C:\Windows\system32\drivers\netio.sys
2016-11-18 17:05:30 ----A---- C:\Windows\system32\drivers\tcpip.sys
2016-11-18 17:05:30 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2016-11-18 17:04:05 ----A---- C:\Windows\system32\objsel.dll
2016-11-18 17:04:02 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2016-11-18 17:04:02 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2016-11-18 17:04:02 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2016-11-18 17:04:02 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2016-11-18 17:04:02 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2016-11-18 17:04:02 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2016-11-18 17:04:02 ----A---- C:\Windows\system32\dpapiprovider.dll
2016-11-18 17:04:02 ----A---- C:\Windows\system32\cngprovider.dll
2016-11-18 17:04:01 ----A---- C:\Windows\system32\wincredprovider.dll
2016-11-18 17:04:01 ----A---- C:\Windows\system32\dimsroam.dll
2016-11-18 17:04:01 ----A---- C:\Windows\system32\capiprovider.dll
2016-11-18 17:04:01 ----A---- C:\Windows\system32\adprovider.dll
2016-11-18 17:03:54 ----A---- C:\Windows\SYSWOW64\objsel.dll
2016-11-18 17:02:39 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2016-11-18 17:02:39 ----A---- C:\Windows\system32\d2d1.dll
2016-11-18 17:02:26 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2016-11-18 17:02:26 ----A---- C:\Windows\system32\drivers\usbport.sys
2016-11-18 17:02:26 ----A---- C:\Windows\system32\drivers\usbohci.sys
2016-11-18 17:02:26 ----A---- C:\Windows\system32\drivers\usbhub.sys
2016-11-18 17:02:26 ----A---- C:\Windows\system32\drivers\usbehci.sys
2016-11-18 17:02:26 ----A---- C:\Windows\system32\drivers\usbd.sys
2016-11-18 17:02:26 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2016-11-18 17:02:11 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2016-11-18 17:02:10 ----A---- C:\Windows\SYSWOW64\wscript.exe
2016-11-18 17:02:10 ----A---- C:\Windows\SYSWOW64\cscript.exe
2016-11-18 17:02:10 ----A---- C:\Windows\system32\wscript.exe
2016-11-18 17:02:10 ----A---- C:\Windows\system32\scrrun.dll
2016-11-18 17:02:10 ----A---- C:\Windows\system32\cscript.exe
2016-11-18 17:01:50 ----A---- C:\Windows\SYSWOW64\wmi.dll
2016-11-18 17:01:50 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2016-11-18 17:01:50 ----A---- C:\Windows\system32\wmi.dll
2016-11-18 17:01:50 ----A---- C:\Windows\system32\imagehlp.dll
2016-11-18 17:01:50 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2016-11-18 17:01:39 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2016-11-18 17:01:39 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2016-11-18 17:01:39 ----A---- C:\Windows\system32\nshwfp.dll
2016-11-18 17:01:39 ----A---- C:\Windows\system32\IKEEXT.DLL
2016-11-18 17:01:39 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2016-11-18 17:01:08 ----A---- C:\Windows\system32\drivers\usbscan.sys
2016-11-18 17:01:07 ----A---- C:\Windows\system32\drivers\hidparse.sys
2016-11-18 17:01:07 ----A---- C:\Windows\system32\drivers\hidclass.sys
2016-11-18 17:00:46 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2016-11-18 17:00:39 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2016-11-18 17:00:39 ----A---- C:\Windows\system32\drivers\usbcir.sys
2016-11-18 17:00:04 ----A---- C:\Windows\system32\certutil.exe
2016-11-18 17:00:03 ----A---- C:\Windows\SYSWOW64\certutil.exe
2016-11-18 17:00:03 ----A---- C:\Windows\SYSWOW64\certenc.dll
2016-11-18 17:00:03 ----A---- C:\Windows\system32\certenc.dll
2016-11-18 16:36:33 ----D---- C:\f74ac6a2e4cd4e3b05d865d22c91ca77
2016-11-18 16:34:57 ----D---- C:\Program Files (x86)\Microsoft Security Client
2016-11-18 16:34:55 ----D---- C:\Program Files\Microsoft Security Client
2016-11-18 15:24:36 ----D---- C:\065499413fda718ad23a4eeb3e452f
2016-11-18 11:16:22 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2016-11-18 11:16:22 ----A---- C:\Windows\system32\infocardapi.dll
2016-11-18 11:16:21 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2016-11-18 11:16:21 ----A---- C:\Windows\system32\icardagt.exe
2016-11-18 11:16:19 ----A---- C:\Windows\SYSWOW64\icardres.dll
2016-11-18 11:16:18 ----A---- C:\Windows\system32\icardres.dll
2016-11-18 11:16:05 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2016-11-18 11:16:05 ----A---- C:\Windows\system32\TsWpfWrp.exe
2016-11-18 11:02:13 ----D---- C:\Program Files\WindowsPowerShell
2016-11-18 11:02:13 ----D---- C:\Program Files (x86)\WindowsPowerShell
2016-11-18 11:02:11 ----D---- C:\Windows\system32\dsc
2016-11-18 11:02:10 ----D---- C:\Windows\system32\Configuration
2016-11-18 11:00:10 ----A---- C:\Windows\SYSWOW64\winrm.vbs
2016-11-18 11:00:10 ----A---- C:\Windows\system32\winrm.vbs
2016-11-18 10:53:22 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2016-11-18 10:53:22 ----A---- C:\Windows\system32\rdpcore.dll
2016-11-18 10:53:21 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2016-11-18 10:36:20 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-11-18 10:36:20 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2016-11-18 10:36:20 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-11-18 10:36:20 ----A---- C:\Windows\system32\msimsg.dll
2016-11-18 10:36:20 ----A---- C:\Windows\system32\msiexec.exe
2016-11-18 10:36:20 ----A---- C:\Windows\system32\consent.exe
2016-11-18 10:36:20 ----A---- C:\Windows\system32\ci.dll
2016-11-18 10:36:20 ----A---- C:\Windows\system32\appinfo.dll
2016-11-18 10:36:19 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-11-18 10:36:18 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2016-11-18 10:36:18 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2016-11-18 10:36:18 ----A---- C:\Windows\system32\wups2.dll
2016-11-18 10:36:18 ----A---- C:\Windows\system32\wups.dll
2016-11-18 10:36:18 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-11-18 10:36:18 ----A---- C:\Windows\system32\msihnd.dll
2016-11-18 10:36:17 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-11-18 10:36:17 ----A---- C:\Windows\system32\winresume.exe
2016-11-18 10:36:17 ----A---- C:\Windows\system32\authui.dll
2016-11-18 10:36:16 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2016-11-18 10:36:16 ----A---- C:\Windows\system32\winload.exe
2016-11-18 10:36:16 ----A---- C:\Windows\system32\drivers\cng.sys
2016-11-18 10:36:16 ----A---- C:\Windows\system32\bcryptprimitives.dll
2016-11-18 10:36:14 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-11-18 10:36:14 ----A---- C:\Windows\system32\wuauclt.exe
2016-11-18 10:36:14 ----A---- C:\Windows\system32\wuapp.exe
2016-11-18 10:36:13 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-11-18 10:36:13 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-11-18 10:36:13 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-11-18 10:36:13 ----A---- C:\Windows\system32\wuwebv.dll
2016-11-18 10:36:13 ----A---- C:\Windows\system32\wudriver.dll
2016-11-18 10:36:13 ----A---- C:\Windows\system32\msi.dll
2016-11-18 10:36:12 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-11-18 10:36:12 ----A---- C:\Windows\system32\wucltux.dll
2016-11-18 10:36:12 ----A---- C:\Windows\system32\wuaueng.dll
2016-11-18 10:36:12 ----A---- C:\Windows\system32\wuapi.dll
2016-11-18 09:38:21 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2016-11-18 09:38:21 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2016-11-18 09:38:21 ----A---- C:\Windows\SYSWOW64\devobj.dll
2016-11-18 09:38:21 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2016-11-18 09:38:21 ----A---- C:\Windows\system32\umpnpmgr.dll
2016-11-18 08:52:12 ----D---- C:\17c74836bad95cfece9144968be5051b
2016-11-18 08:50:19 ----D---- C:\Program Files\Microsoft Silverlight
2016-11-18 08:50:19 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-11-17 15:24:30 ----D---- C:\683abb9e7083b46b5b
2016-11-17 15:24:02 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2016-11-17 15:24:01 ----A---- C:\Windows\system32\poqexec.exe
2016-11-17 15:21:01 ----D---- C:\Windows\system32\appmgmt
2016-11-17 15:18:54 ----D---- C:\681f7de42afc78d472
2016-11-17 13:19:11 ----D---- C:\e1e8a5097f3b1a87e6fd
2016-11-17 13:14:30 ----D---- C:\7e6dde7e4fd166a14a59796db7931f
2016-11-17 10:06:28 ----D---- C:\77b8b98f122ae09806bb9afc97ad843b
2016-11-17 09:53:27 ----D---- C:\1f486f7e6b97a9968f113918dfdb0e49
2016-11-17 09:31:54 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2016-11-17 09:31:49 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2016-11-17 09:31:49 ----A---- C:\Windows\system32\elshyph.dll
2016-11-17 09:31:48 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2016-11-17 09:31:48 ----A---- C:\Windows\SYSWOW64\msls31.dll
2016-11-17 09:31:45 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2016-11-17 09:31:44 ----A---- C:\Windows\SYSWOW64\url.dll
2016-11-17 09:31:43 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2016-11-17 09:31:43 ----A---- C:\Windows\SYSWOW64\icardie.dll
2016-11-17 09:31:42 ----A---- C:\Windows\SYSWOW64\wextract.exe
2016-11-17 09:31:42 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2016-11-17 09:31:41 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2016-11-17 09:31:40 ----A---- C:\Windows\SYSWOW64\mshta.exe
2016-11-17 09:31:40 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2016-11-17 09:31:40 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2016-11-17 09:31:40 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2016-11-17 09:31:40 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2016-11-17 09:31:39 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2016-11-17 09:31:39 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2016-11-17 09:31:39 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2016-11-17 09:31:39 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2016-11-17 09:31:38 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2016-11-17 09:31:38 ----A---- C:\Windows\system32\jsIntl.dll
2016-11-17 09:31:37 ----A---- C:\Windows\system32\msls31.dll
2016-11-17 09:31:37 ----A---- C:\Windows\system32\msfeedssync.exe
2016-11-17 09:31:37 ----A---- C:\Windows\system32\msfeedsbs.dll
2016-11-17 09:31:36 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2016-11-17 09:31:36 ----A---- C:\Windows\system32\mshtmler.dll
2016-11-17 09:31:36 ----A---- C:\Windows\system32\iesysprep.dll
2016-11-17 09:31:36 ----A---- C:\Windows\system32\IEAdvpack.dll
2016-11-17 09:31:34 ----A---- C:\Windows\system32\ieapfltr.dat
2016-11-17 09:31:34 ----A---- C:\Windows\system32\icardie.dll
2016-11-17 09:31:33 ----A---- C:\Windows\system32\wextract.exe
2016-11-17 09:31:33 ----A---- C:\Windows\system32\url.dll
2016-11-17 09:31:33 ----A---- C:\Windows\system32\licmgr10.dll
2016-11-17 09:31:33 ----A---- C:\Windows\system32\iexpress.exe
2016-11-17 09:31:32 ----A---- C:\Windows\system32\pngfilt.dll
2016-11-17 09:31:32 ----A---- C:\Windows\system32\mshta.exe
2016-11-17 09:31:32 ----A---- C:\Windows\system32\imgutil.dll
2016-11-17 09:31:32 ----A---- C:\Windows\system32\iepeers.dll
2016-11-17 09:30:21 ----A---- C:\Windows\system32\tdh.dll
2016-11-17 09:30:17 ----A---- C:\Windows\SYSWOW64\tdh.dll
2016-11-17 09:29:41 ----A---- C:\Windows\system32\taskhost.exe
2016-11-17 09:28:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2016-11-17 09:28:07 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2016-11-17 09:28:04 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2016-11-17 09:28:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2016-11-17 09:28:00 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-11-17 09:28:00 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-11-17 09:28:00 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-11-17 09:27:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-11-17 09:27:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-11-17 09:27:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-11-17 09:27:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-11-17 09:27:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-11-17 09:27:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-11-17 09:27:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-11-17 09:27:59 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-11-17 09:27:59 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-11-17 09:27:59 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-11-17 09:27:59 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-11-17 09:27:59 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2016-11-17 09:27:59 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2016-11-17 09:27:58 ----A---- C:\Windows\system32\XpsPrint.dll
2016-11-17 09:27:58 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2016-11-17 09:27:57 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2016-11-17 09:27:57 ----A---- C:\Windows\system32\dxgi.dll
2016-11-17 09:27:56 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2016-11-17 09:27:56 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2016-11-17 09:27:56 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2016-11-17 09:27:55 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2016-11-17 09:27:53 ----A---- C:\Windows\system32\d3d10core.dll
2016-11-17 09:27:53 ----A---- C:\Windows\system32\d3d10.dll
2016-11-17 09:27:52 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2016-11-17 09:27:52 ----A---- C:\Windows\system32\d3d10_1core.dll
2016-11-17 09:27:52 ----A---- C:\Windows\system32\d3d10_1.dll
2016-11-17 09:27:49 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2016-11-17 09:26:04 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2016-11-17 09:26:04 ----A---- C:\Windows\system32\d3d11.dll
2016-11-17 08:54:46 ----D---- C:\Program Files (x86)\Opera
2016-11-16 21:13:59 ----D---- C:\Program Files\Common Files\Adobe
2016-11-16 21:13:50 ----D---- C:\Program Files\Adobe
2016-11-16 17:12:00 ----D---- C:\Program Files\CCleaner
2016-11-13 13:45:55 ----D---- C:\Program Files (x86)\JSignPdf
2016-11-05 08:33:05 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-01 11:44:08 ----D---- C:\Users\Michal\AppData\Roaming\Notepad++
2016-11-01 11:44:08 ----D---- C:\Program Files (x86)\Notepad++
2016-10-31 08:24:09 ----D---- C:\791611f8ebca180afb34
2016-10-31 08:21:09 ----D---- C:\60f3bdfebce2a16a4b
2016-10-28 10:20:30 ----D---- C:\Program Files\Common Files\AV
2016-10-28 10:16:51 ----D---- C:\ProgramData\AVAST Software
2016-10-28 10:15:37 ----D---- C:\Users\Michal\AppData\Roaming\uTorrent
2016-10-26 19:52:01 ----D---- C:\Symbols
2016-10-26 16:32:30 ----D---- C:\c5e5e52f989d56c4412f5f13c52d
2016-10-25 10:29:00 ----A---- C:\Windows\system32\atl100.dll
2016-10-25 10:27:02 ----A---- C:\Windows\system32\msvcr100.dll
2016-10-25 10:27:02 ----A---- C:\Windows\system32\msvcp100.dll
2016-10-25 10:17:00 ----A---- C:\Windows\system32\mfcm100u.dll
2016-10-25 10:17:00 ----A---- C:\Windows\system32\mfcm100.dll
2016-10-25 10:17:00 ----A---- C:\Windows\system32\mfc100u.dll
2016-10-25 10:17:00 ----A---- C:\Windows\system32\mfc100.dll
2016-10-25 10:14:22 ----A---- C:\Windows\system32\mfc100rus.dll
2016-10-25 10:14:22 ----A---- C:\Windows\system32\mfc100kor.dll
2016-10-25 10:14:22 ----A---- C:\Windows\system32\mfc100jpn.dll
2016-10-25 10:14:22 ----A---- C:\Windows\system32\mfc100ita.dll
2016-10-25 10:14:22 ----A---- C:\Windows\system32\mfc100cht.dll
2016-10-25 10:14:22 ----A---- C:\Windows\system32\mfc100chs.dll
2016-10-25 10:14:22 ----A---- C:\Windows\system32\mfc100fra.dll
2016-10-25 10:14:22 ----A---- C:\Windows\system32\mfc100esn.dll
2016-10-25 10:14:22 ----A---- C:\Windows\system32\mfc100enu.dll
2016-10-25 10:14:22 ----A---- C:\Windows\system32\mfc100deu.dll
2016-10-25 10:11:56 ----A---- C:\Windows\system32\vcomp100.dll
2016-10-23 08:25:23 ----D---- C:\Users\Michal\AppData\Roaming\vlc
2016-10-21 07:29:55 ----D---- C:\Users\Michal\AppData\Roaming\dclogs
2016-10-21 07:21:17 ----D---- C:\5f9c2bf18415cadc93cc68920b1261e4
2016-10-21 06:35:46 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2016-11-20 12:48:36 ----D---- C:\Windows\Temp
2016-11-20 12:42:42 ----D---- C:\Users\Michal\AppData\Roaming\Skype
2016-11-20 12:34:36 ----D---- C:\Windows\System32
2016-11-20 12:34:36 ----D---- C:\Windows\inf
2016-11-20 12:34:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-11-20 12:32:44 ----A---- C:\Windows\SYSWOW64\log.txt
2016-11-20 12:32:09 ----D---- C:\Windows\Tasks
2016-11-20 12:28:18 ----D---- C:\Windows\system32\Tasks
2016-11-20 12:19:25 ----D---- C:\Windows\system32\drivers\Avg
2016-11-19 15:37:41 ----SD---- C:\Users\Michal\AppData\Roaming\Microsoft
2016-11-19 15:20:10 ----RD---- C:\Program Files
2016-11-19 14:44:54 ----D---- C:\Users\Michal\AppData\Roaming\Adobe
2016-11-19 14:23:50 ----D---- C:\Windows
2016-11-19 14:23:39 ----D---- C:\Windows\SysWOW64
2016-11-19 14:23:23 ----D---- C:\Windows\winsxs
2016-11-19 14:22:43 ----SHD---- C:\System Volume Information
2016-11-19 14:22:08 ----D---- C:\Windows\system32\config
2016-11-19 13:45:36 ----D---- C:\Windows\Microsoft.NET
2016-11-19 13:45:27 ----RSD---- C:\Windows\assembly
2016-11-19 13:34:50 ----RD---- C:\Program Files (x86)
2016-11-19 13:34:48 ----D---- C:\Windows\SYSWOW64\wbem
2016-11-19 13:34:48 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-11-19 13:34:48 ----D---- C:\Windows\SYSWOW64\migration
2016-11-19 13:34:48 ----D---- C:\Windows\SYSWOW64\en-US
2016-11-19 13:34:48 ----D---- C:\Windows\system32\wbem
2016-11-19 13:34:48 ----D---- C:\Windows\system32\sk-SK
2016-11-19 13:34:48 ----D---- C:\Windows\system32\LogFiles
2016-11-19 13:34:48 ----D---- C:\Windows\PolicyDefinitions
2016-11-19 13:34:47 ----SD---- C:\ProgramData\Microsoft
2016-11-19 13:34:47 ----D---- C:\Windows\system32\en-US
2016-11-19 13:34:46 ----D---- C:\Windows\system32\DriverStore
2016-11-19 13:31:55 ----D---- C:\Windows\system32\catroot2
2016-11-19 13:09:13 ----D---- C:\Windows\system32\drivers\en-US
2016-11-19 13:09:13 ----D---- C:\Windows\system32\drivers
2016-11-19 12:43:03 ----SHD---- C:\Windows\Installer
2016-11-19 10:14:55 ----RD---- C:\Users
2016-11-19 10:03:56 ----SHD---- C:\$Recycle.Bin
2016-11-19 10:00:18 ----D---- C:\Windows\system32\migration
2016-11-19 03:58:37 ----D---- C:\Windows\system32\wdi
2016-11-18 19:27:26 ----D---- C:\Program Files\Internet Explorer
2016-11-18 19:27:24 ----D---- C:\Program Files (x86)\Internet Explorer
2016-11-18 19:27:22 ----D---- C:\Windows\SYSWOW64\Dism
2016-11-18 19:27:02 ----D---- C:\Windows\system32\Dism
2016-11-18 19:26:43 ----D---- C:\Windows\AppPatch
2016-11-18 19:26:42 ----D---- C:\Windows\system32\Boot
2016-11-18 19:26:34 ----D---- C:\Program Files\Windows Journal
2016-11-18 19:25:45 ----D---- C:\Program Files\Common Files\System
2016-11-18 19:00:38 ----A---- C:\Windows\system32\WMALFXGFXDSP.dll
2016-11-18 17:59:34 ----D---- C:\Program Files\Windows Defender
2016-11-18 17:59:34 ----D---- C:\Program Files (x86)\Windows Defender
2016-11-18 16:34:01 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-11-18 16:32:38 ----D---- C:\Windows\SYSWOW64\de-DE
2016-11-18 16:32:38 ----D---- C:\Windows\system32\de-DE
2016-11-18 16:21:24 ----D---- C:\ProgramData\Package Cache
2016-11-18 16:16:31 ----D---- C:\Program Files\Common Files\Microsoft Shared
2016-11-18 11:21:33 ----D---- C:\ProgramData\Microsoft Help
2016-11-18 11:07:23 ----D---- C:\Windows\Prefetch
2016-11-18 10:39:01 ----D---- C:\Windows\system32\CodeIntegrity
2016-11-18 10:38:17 ----D---- C:\Windows\SoftwareDistribution
2016-11-18 10:37:24 ----D---- C:\Windows\system32\catroot
2016-11-18 09:41:03 ----D---- C:\ProgramData\Atheros
2016-11-17 09:39:39 ----D---- C:\Windows\Panther
2016-11-17 09:36:19 ----RSD---- C:\Windows\Fonts
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\zh-TW
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\zh-HK
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\zh-CN
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\tr-TR
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\sv-SE
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\ru-RU
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\pt-PT
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\pt-BR
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\pl-PL
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\nl-NL
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\nb-NO
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\ko-KR
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\ja-JP
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\it-IT
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\hu-HU
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\fr-FR
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\fi-FI
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\es-ES
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\el-GR
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\da-DK
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-11-17 09:36:17 ----D---- C:\Windows\system32\pt-PT
2016-11-17 09:36:17 ----D---- C:\Windows\system32\pt-BR
2016-11-17 09:36:17 ----D---- C:\Windows\system32\it-IT
2016-11-17 09:36:16 ----D---- C:\Windows\system32\zh-TW
2016-11-17 09:36:16 ----D---- C:\Windows\system32\zh-HK
2016-11-17 09:36:16 ----D---- C:\Windows\system32\zh-CN
2016-11-17 09:36:16 ----D---- C:\Windows\system32\tr-TR
2016-11-17 09:36:16 ----D---- C:\Windows\system32\sv-SE
2016-11-17 09:36:16 ----D---- C:\Windows\system32\ru-RU
2016-11-17 09:36:16 ----D---- C:\Windows\system32\pl-PL
2016-11-17 09:36:16 ----D---- C:\Windows\system32\nl-NL
2016-11-17 09:36:16 ----D---- C:\Windows\system32\nb-NO
2016-11-17 09:36:16 ----D---- C:\Windows\system32\ko-KR
2016-11-17 09:36:16 ----D---- C:\Windows\system32\ja-JP
2016-11-17 09:36:16 ----D---- C:\Windows\system32\hu-HU
2016-11-17 09:36:16 ----D---- C:\Windows\system32\fr-FR
2016-11-17 09:36:16 ----D---- C:\Windows\system32\fi-FI
2016-11-17 09:36:16 ----D---- C:\Windows\system32\es-ES
2016-11-17 09:36:16 ----D---- C:\Windows\system32\el-GR
2016-11-17 09:36:16 ----D---- C:\Windows\system32\da-DK
2016-11-17 09:36:16 ----D---- C:\Windows\system32\cs-CZ
2016-11-17 09:35:37 ----D---- C:\Windows\Logs
2016-11-17 09:30:51 ----HD---- C:\ProgramData
2016-11-16 21:15:33 ----D---- C:\ProgramData\Adobe
2016-11-16 21:14:03 ----D---- C:\Program Files\Common Files
2016-11-16 21:07:41 ----D---- C:\Program Files (x86)\Adobe
2016-11-16 17:13:50 ----D---- C:\Users\Michal\AppData\Roaming\Media Player Classic
2016-11-16 17:13:34 ----D---- C:\Windows\debug
2016-11-08 15:46:34 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-11-08 15:46:32 ----D---- C:\Windows\system32\Macromed
2016-11-08 15:46:30 ----D---- C:\Windows\SYSWOW64\Macromed
2016-10-28 10:27:55 ----D---- C:\ProgramData\Skype
2016-10-28 10:27:51 ----RD---- C:\Program Files (x86)\Skype
2016-10-28 10:27:51 ----D---- C:\Program Files (x86)\Common Files
2016-10-28 02:22:26 ----N---- C:\Windows\system32\MpSigStub.exe
2016-10-23 10:10:09 ----D---- C:\Users\Michal\AppData\Roaming\HpUpdate
2016-10-23 08:11:05 ----D---- C:\Program Files (x86)\VideoLAN

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmpfd.sys [2013-02-14 37472]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-01-31 652784]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-01-31 28656]
R0 LHDmgr;LHDmgr; C:\Windows\System32\DRIVERS\LhdX64.sys [2016-10-07 39008]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-11-13 289120]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2016-10-07 834544]
R1 AvgLdx64;AVG Free AVI Loader Driver x64; C:\Windows\System32\Drivers\avgldx64.sys [2016-10-07 282976]
R1 AvgMfx64;AVG Free On-access Scanner Minifilter Driver x64; C:\Windows\System32\Drivers\avgmfx64.sys [2016-10-07 35664]
R1 AvgTdiA;AVG Free Network Redirector x64; C:\Windows\System32\Drivers\avgtdia.sys [2016-10-07 317520]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2016-09-12 920168]
R1 VBoxNetAdp;VirtualBox NDIS 6.0 Miniport Service; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [2016-09-12 121248]
R1 VBoxNetLwf;VirtualBox NDIS6 Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [2016-09-12 195936]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2016-09-12 149256]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2016-10-07 33560]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-25 11645952]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-04-25 581632]
R3 AMPPAL;Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys [2013-04-11 164832]
R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2013-01-24 89168]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2013-03-24 3884032]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2013-01-24 346192]
R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2013-01-24 115280]
R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2013-01-24 34384]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2013-01-24 179432]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2013-01-24 77464]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2013-01-24 136424]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2013-01-24 581200]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2016-11-18 80384]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2013-03-05 1680992]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2013-02-27 355664]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-04-18 5358784]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-04-22 342528]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2013-04-03 128200]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-02 62784]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-11-13 133816]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 rtsuvc;Lenovo EasyCamera; C:\Windows\system32\DRIVERS\rtsuvc.sys [2013-04-24 8243144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AMPPALP;Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys [2013-04-11 164832]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2016-11-18 552960]
S3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2013-03-25 132920]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2013-01-15 327240]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\drivers\usbscan.sys [2016-11-18 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-10-21 82128]
R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2016-10-12 744640]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016-09-26 2207960]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-04-25 241152]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2013-04-11 772064]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-01-24 227456]
R2 avg9emc;AVG Free E-mail Scanner; C:\Program Files (x86)\AVG\AVG9\avgemc.exe [2016-10-07 921952]
R2 avg9wd;AVG Free WatchDog; C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe [2016-10-07 308136]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2013-03-18 1124728]
R2 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2013-03-18 1366392]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2013-03-18 1161592]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-09-12 135984]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\cscsvc.dll
R2 CxAudMsg;@C:\Windows\system32\CxAudMsg64.exe,-100; C:\Windows\system32\CxAudMsg64.exe [2013-03-05 202400]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-04-18 621296]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-01-31 15344]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-19 634632]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-08-21 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-09-11 277792]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-01-29 23808]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-04-18 149744]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-09-11 365344]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2016-01-29 374344]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2016-07-14 107192]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2016-07-14 128696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-07 153752]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-08 270016]
S3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll"=%SystemRoot%\System32\appmgmts.dll
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-07-14 52920]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-04-24 279024]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-07 153752]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-11-18 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-10-19 172488]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-04-18 273136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll"=%SystemRoot%\system32\peerdistsvc.dll
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\system32\storsvc.dll
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\umrdp.dll
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-14 136360]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-14 136360]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-14 136360]

#7 Příspěvek od **Rudy** » 20 lis 2016 18:47

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Users\Michal\AppData\Local\Microsoft\BingSvc
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\tasks\{9FEBF33B-2074-414C-8502-E337530B2EEE}
C:\Windows\system32\tasks\{ED0C19EC-E733-47DA-A367-34EAE657BBBF}

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BingSvc"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

michal1097 · #8 Příspěvek od **michal1097** » 20 lis 2016 20:14

Logfile of random's system information tool 1.14 (written by random/random)
Run by Michal at 2016-11-20 20:12:33
Microsoft Windows 7 Professional N Service Pack 1
System drive C: has 266 GB (60%) free of 443 GB
Total RAM: 3965 MB (45% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:12:40, on 20. 11. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18525)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files\trend micro\Michal_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://noneblock.biz/wpad.dat?eeecfca40 ... 1918000941
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [java] C:\Users\Michal\AppData\Roaming\DCSCMIN\IMDCSC.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: xranhgo - C:\Users\Michal\AppData\Local\xranhgo.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 13317 bytes

======Enumerating Processes======

C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
"C:\Program Files (x86)\AVG\AVG9\avgchsva.exe"
"C:\Program Files (x86)\AVG\AVG9\avgrsa.exe"
C:\Windows\system32\winlogon.exe
C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\atieclxx.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe"
C:\Windows\system32\CxAudMsg64.exe
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\AVG\AVG9\avgnsa.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files (x86)\AVG\AVG9\avgemc.exe"
C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\notepad.exe" C:\_OTM\MovedFiles\11202016_200450.log
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
C:\Windows\system32\taskeng.exe
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe" --xmlFilePath="C:\Users\Michal\AppData\Local\Temp\adobegc_a04296" --workflowInitiator=CSUpdater --xmlFilePath2="C:\Users\Public\Documents\AdobeGC\adobegc_a04296"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Program Files\CCleaner\CCleaner64.exe
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe" "-launchedbyvulcan"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe" --onOSstartup=true --showwindow=false --waitForRegistration=true
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe" --type=renderer --disable-3d-apis --disable-pinch --no-sandbox --enable-deferred-image-decoding --lang=en-US --lang=en-US --locales-dir-path="C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\locales" --log-file="C:\Users\Michal\AppData\Local\Temp\CreativeCloud\ACC\CEF.log" --log-severity=warning --user-agent="Mozilla/5.0 (Windows NT 6.1.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/537.36 CreativeCloud/3.9.0.327" --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-gpu-compositing --channel="4788.0.1244731780\1726602849" /prefetch:673131151
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe" "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\main.js"
\??\C:\Windows\system32\conhost.exe "18363287387129337111022697991615614186-503731325-2093507785-432974969-519279062
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe" --type=renderer --disable-3d-apis --disable-pinch --no-sandbox --enable-deferred-image-decoding --lang=en-US --lang=en-US --locales-dir-path="C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\locales" --log-file="C:\Users\Michal\AppData\Local\Temp\CreativeCloud\ACC\CEF.log" --log-severity=warning --user-agent="Mozilla/5.0 (Windows NT 6.1.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/537.36 CreativeCloud/3.9.0.327" --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-gpu-compositing --channel="4788.1.1505642804\936007756" /prefetch:673131151
C:\Windows\sysWOW64\wbem\wmiprvse.exe -secured -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Users\Michal\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\Norton Product Installer.job - C:\Users\Michal\AppData\Local\Temp\in364BB553\1927CDD6_stp\SymInstallStub.exe /partnerid=afterdld /productlist=nss /staging=false /affid=afterdld13_16_46 /delay=0 /launchedby=2
C:\Windows\tasks\Norton Product InstallerIdle.job - C:\Users\Michal\AppData\Local\Temp\in364BB553\1927CDD6_stp\SymInstallStub.exe /partnerid=afterdld /productlist=nss /staging=false /affid=afterdld13_16_46 /delay=0 /launchedby=4
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\HPCustParticipation HP Deskjet 1510 series - "C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe" /UA 12.5 /DDV 0x0b00
C:\Windows\system32\tasks\Norton Product Installer - C:\Users\Michal\AppData\Local\Temp\in364BB553\1927CDD6_stp\SymInstallStub.exe /partnerid=afterdld /productlist=nss /staging=false /affid=afterdld13_16_46 /delay=0 /launchedby=2
C:\Windows\system32\tasks\Norton Product InstallerIdle - C:\Users\Michal\AppData\Local\Temp\in364BB553\1927CDD6_stp\SymInstallStub.exe /partnerid=afterdld /productlist=nss /staging=false /affid=afterdld13_16_46 /delay=0 /launchedby=4
C:\Windows\system32\tasks\{9FEBF33B-2074-414C-8502-E337530B2EEE} - C:\Windows\system32\pcalua.exe -a "C:\Users\Michal\Desktop\Nový priečinok\Windows.Media.Player.12.v.2.CZ..exe" -d "C:\Users\Michal\Desktop\Nový priečinok"
C:\Windows\system32\tasks\{ED0C19EC-E733-47DA-A367-34EAE657BBBF} - C:\Windows\system32\pcalua.exe -a C:\Users\Michal\Desktop\wsusoffline\client\cpp\vcredist2008_x64.exe -d C:\Users\Michal\Desktop\wsusoffline\client\cpp
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan - c:\Program Files\Microsoft Security Client\\MpCmdRun.exe Scan -ScheduleJob -RestrictPrivileges
C:\Windows\system32\tasks\Microsoft\Microsoft Antimalware\MpIdleTask - c:\Program Files\Microsoft Security Client\\MpCmdRun.exe -IdleTask -TaskName MpIdleTask
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs

=========Mozilla firefox=========

ProfilePath - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\crsahtbq.default

prefs.js - "browser.startup.homepage" - "https://www.google.sk/?gfe_rd=cr&ei=oRv ... gws_rd=ssl"
prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=SK216DF&PC=SK216&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Sibelius.com/Scorch Plugin,version=6.2.0.88]
"Description"=Sibelius Scorch Plugin
"Path"=C:\Program Files (x86)\Sibelius Software\Scorch\npsibelius.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
NPSibelius.dll
PDFNetC.dll
ScorchAxPlugin.dll
ScorchPDFWrapper.dll

C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\crsahtbq.default\addons.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\crsahtbq.default\extensions.json
Bing Search - extension - bingsearch.full@microsoft.com - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\crsahtbq.default\extensions\bingsearch.full@microsoft.com.xpi
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\crsahtbq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\crsahtbq.default\pluginreg.dat
Plugin - AdobeAAMDetect - 3.0.0.0 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
Plugin - Adobe Acrobat - 15.20.20039.7108 - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
Plugin - VLC Web Plugin - 2.2.4.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
Plugin - Google Update - 1.3.31.5 - C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
Plugin - ScorchPlugin - 6.2.0.88 - C:\Program Files (x86)\Sibelius Software\Scorch\NPSibelius.dll
Plugin - Microsoft Office 2010 - 14.0.4730.1010 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
Plugin - Microsoft Office 2010 - 14.0.4761.1000 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
Plugin - Silverlight Plug-In - 5.1.50901.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
Plugin - Intel® Identity Protection Technology - 2.1.42.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
Plugin - Intel® Identity Protection Technology - 2.1.42.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
Plugin - Shockwave Flash - 23.0.0.207 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll

=========Google Chrome=========

C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Web Store 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.0
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.0
Extension pjkljhegncpnkpknbcohdijeoejaedia
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5416.905.0.6
Homepage: https://www.google.sk/
default_search_provider.search_url:
C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll [2016-10-07 2334560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-01-31 36352]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2013-03-05 2876816]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-04-24 172016]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-04-24 399856]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-04-24 442352]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2013-02-04 899680]
"BLEServicesCtrl"=C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [2012-09-17 184112]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2013-04-12 7770936]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2016-10-07 17080376]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2016-10-07 191544]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01 508128]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2016-08-30 1354712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-01-24 131712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-10-17 27011712]
"java"=C:\Users\Michal\AppData\Roaming\DCSCMIN\IMDCSC.exe []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-11-07 9108184]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-25 642816]
"AVG9_TRAY"=C:\PROGRA~2\AVG\AVG9\avgtray.exe [2016-10-07 2079792]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-09-16 115048]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2016-10-12 2383040]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-01-24 131712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="avgrssta.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-04-18 442880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"DSCAutomationHostEnabled"=2

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Windows\system32\rundll32.exe"="C:\Windows\system32\rundll32.exe:*:Enabled:rundll32"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-11-20 20:04:50 ----D---- C:\_OTM
2016-11-20 16:36:19 ----SHD---- C:\Config.Msi
2016-11-20 15:35:21 ----SD---- C:\Windows\system32\CompatTel
2016-11-20 15:35:21 ----D---- C:\Windows\system32\appraiser
2016-11-20 15:31:33 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-11-20 15:04:46 ----D---- C:\Windows\system32\MRT
2016-11-20 15:04:27 ----AC---- C:\Windows\system32\MRT.exe
2016-11-20 14:32:58 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2016-11-20 14:32:58 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2016-11-20 14:32:57 ----A---- C:\Windows\system32\WUDFSvc.dll
2016-11-20 14:32:57 ----A---- C:\Windows\system32\WUDFPlatform.dll
2016-11-20 14:32:56 ----A---- C:\Windows\system32\WUDFx.dll
2016-11-20 14:32:56 ----A---- C:\Windows\system32\WUDFHost.exe
2016-11-20 14:32:56 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2016-11-20 14:21:15 ----A---- C:\Windows\system32\KBDTAT.DLL
2016-11-20 14:21:14 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2016-11-20 14:21:14 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2016-11-20 14:21:14 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2016-11-20 14:21:14 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2016-11-20 14:21:14 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2016-11-20 14:21:14 ----A---- C:\Windows\system32\KBDYAK.DLL
2016-11-20 14:21:14 ----A---- C:\Windows\system32\KBDRU1.DLL
2016-11-20 14:21:14 ----A---- C:\Windows\system32\KBDRU.DLL
2016-11-20 14:21:14 ----A---- C:\Windows\system32\KBDBASH.DLL
2016-11-20 14:21:12 ----A---- C:\Windows\SYSWOW64\cewmdm.dll
2016-11-20 14:21:12 ----A---- C:\Windows\system32\cewmdm.dll
2016-11-20 14:21:11 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2016-11-20 14:21:11 ----A---- C:\Windows\system32\wpdshext.dll
2016-11-20 14:13:38 ----A---- C:\Windows\SYSWOW64\mfds.dll
2016-11-20 14:13:38 ----A---- C:\Windows\system32\mfds.dll
2016-11-20 14:10:55 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2016-11-20 14:10:55 ----A---- C:\Windows\system32\WMVDECOD.DLL
2016-11-20 14:10:54 ----A---- C:\Windows\system32\WMADMOD.DLL
2016-11-20 14:10:53 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2016-11-20 14:10:53 ----A---- C:\Windows\SYSWOW64\WMADMOE.DLL
2016-11-20 14:10:53 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2016-11-20 14:10:53 ----A---- C:\Windows\system32\WMVSDECD.DLL
2016-11-20 14:10:53 ----A---- C:\Windows\system32\wmpmde.dll
2016-11-20 14:10:53 ----A---- C:\Windows\system32\WMADMOE.DLL
2016-11-20 14:10:53 ----A---- C:\Windows\system32\mcmde.dll
2016-11-20 14:10:52 ----A---- C:\Windows\SYSWOW64\WMVENCOD.DLL
2016-11-20 14:10:52 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2016-11-20 14:10:52 ----A---- C:\Windows\SYSWOW64\COLORCNV.DLL
2016-11-20 14:10:52 ----A---- C:\Windows\system32\WMVXENCD.DLL
2016-11-20 14:10:52 ----A---- C:\Windows\system32\WMVENCOD.DLL
2016-11-20 14:10:52 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2016-11-20 14:10:52 ----A---- C:\Windows\system32\COLORCNV.DLL
2016-11-20 14:10:51 ----A---- C:\Windows\SYSWOW64\WMVXENCD.DLL
2016-11-20 14:10:51 ----A---- C:\Windows\SYSWOW64\WMVSENCD.DLL
2016-11-20 14:10:51 ----A---- C:\Windows\SYSWOW64\WMSPDMOE.DLL
2016-11-20 14:10:51 ----A---- C:\Windows\SYSWOW64\VIDRESZR.DLL
2016-11-20 14:10:51 ----A---- C:\Windows\SYSWOW64\RESAMPLEDMO.DLL
2016-11-20 14:10:51 ----A---- C:\Windows\SYSWOW64\MPG4DECD.DLL
2016-11-20 14:10:51 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2016-11-20 14:10:51 ----A---- C:\Windows\SYSWOW64\MP43DECD.DLL
2016-11-20 14:10:51 ----A---- C:\Windows\SYSWOW64\MP3DMOD.DLL
2016-11-20 14:10:51 ----A---- C:\Windows\SYSWOW64\MFWMAAEC.DLL
2016-11-20 14:10:51 ----A---- C:\Windows\SYSWOW64\mfvdsp.dll
2016-11-20 14:10:51 ----A---- C:\Windows\system32\WMVSENCD.DLL
2016-11-20 14:10:51 ----A---- C:\Windows\system32\VIDRESZR.DLL
2016-11-20 14:10:51 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2016-11-20 14:10:51 ----A---- C:\Windows\system32\MPG4DECD.DLL
2016-11-20 14:10:51 ----A---- C:\Windows\system32\MP4SDECD.DLL
2016-11-20 14:10:51 ----A---- C:\Windows\system32\MP43DECD.DLL
2016-11-20 14:10:51 ----A---- C:\Windows\system32\MP3DMOD.DLL
2016-11-20 14:10:51 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2016-11-20 14:10:51 ----A---- C:\Windows\system32\mfvdsp.dll
2016-11-20 14:09:01 ----A---- C:\Windows\system32\wmp.dll
2016-11-20 14:09:00 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-11-20 14:09:00 ----A---- C:\Windows\system32\mf.dll
2016-11-20 14:08:59 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-11-20 14:08:59 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2016-11-20 14:08:59 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2016-11-20 14:08:59 ----A---- C:\Windows\SYSWOW64\mf.dll
2016-11-20 14:08:59 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-11-20 14:08:59 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2016-11-20 14:08:59 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2016-11-20 14:08:59 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2016-11-20 14:08:59 ----A---- C:\Windows\system32\wmdrmsdk.dll
2016-11-20 14:08:59 ----A---- C:\Windows\system32\mfplat.dll
2016-11-20 14:08:59 ----A---- C:\Windows\system32\evr.dll
2016-11-20 14:08:59 ----A---- C:\Windows\system32\drmv2clt.dll
2016-11-20 14:08:59 ----A---- C:\Windows\system32\drmmgrtn.dll
2016-11-20 14:08:59 ----A---- C:\Windows\system32\blackbox.dll
2016-11-20 14:08:58 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2016-11-20 14:08:58 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2016-11-20 14:08:58 ----A---- C:\Windows\SYSWOW64\msscp.dll
2016-11-20 14:08:58 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2016-11-20 14:08:58 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-11-20 14:08:58 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2016-11-20 14:08:58 ----A---- C:\Windows\SYSWOW64\mferror.dll
2016-11-20 14:08:58 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2016-11-20 14:08:58 ----A---- C:\Windows\system32\wmploc.DLL
2016-11-20 14:08:58 ----A---- C:\Windows\system32\spwmp.dll
2016-11-20 14:08:58 ----A---- C:\Windows\system32\rrinstaller.exe
2016-11-20 14:08:58 ----A---- C:\Windows\system32\msscp.dll
2016-11-20 14:08:58 ----A---- C:\Windows\system32\msnetobj.dll
2016-11-20 14:08:58 ----A---- C:\Windows\system32\mfps.dll
2016-11-20 14:08:58 ----A---- C:\Windows\system32\mfpmp.exe
2016-11-20 14:08:58 ----A---- C:\Windows\system32\mferror.dll
2016-11-20 14:08:58 ----A---- C:\Windows\system32\dxmasf.dll
2016-11-20 12:24:38 ----D---- C:\AdwCleaner
2016-11-19 15:20:10 ----D---- C:\rsit
2016-11-19 15:20:10 ----D---- C:\Program Files\trend micro
2016-11-19 14:19:05 ----A---- C:\Windows\system32\D3DX9_43.dll
2016-11-19 14:18:17 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2016-11-19 14:04:02 ----A---- C:\Windows\system32\xinput1_3.dll
2016-11-19 14:03:14 ----A---- C:\Windows\ntbtlog.txt
2016-11-19 13:34:50 ----D---- C:\Program Files\Windows Portable Devices
2016-11-19 13:34:50 ----D---- C:\Program Files\Windows Media Player
2016-11-19 13:34:50 ----D---- C:\Program Files\DVD Maker
2016-11-19 13:34:50 ----D---- C:\Program Files (x86)\Windows Portable Devices
2016-11-19 13:34:50 ----D---- C:\Program Files (x86)\Windows Media Player
2016-11-19 13:34:48 ----D---- C:\Windows\SYSWOW64\LogFiles
2016-11-19 13:34:48 ----D---- C:\Windows\ehome
2016-11-19 13:29:00 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2016-11-19 13:29:00 ----A---- C:\Windows\system32\wmdmlog.dll
2016-11-19 13:28:58 ----A---- C:\Windows\SYSWOW64\audiodev.dll
2016-11-19 13:28:55 ----A---- C:\Windows\system32\wmpshell.dll
2016-11-19 13:28:54 ----A---- C:\Windows\SYSWOW64\WPDShextAutoplay.exe
2016-11-19 13:28:54 ----A---- C:\Windows\SYSWOW64\logagent.exe
2016-11-19 13:28:54 ----A---- C:\Windows\system32\wpdbusenum.dll
2016-11-19 13:28:53 ----A---- C:\Windows\SYSWOW64\wmdmlog.dll
2016-11-19 13:28:47 ----A---- C:\Windows\SYSWOW64\wmpshell.dll
2016-11-19 13:28:44 ----A---- C:\Windows\system32\wmdmps.dll
2016-11-19 13:28:43 ----A---- C:\Windows\system32\sysprepMCE.dll
2016-11-19 13:28:42 ----A---- C:\Windows\SYSWOW64\WmpDui.dll
2016-11-19 13:28:42 ----A---- C:\Windows\system32\iTVData.dll
2016-11-19 13:28:41 ----A---- C:\Windows\system32\WmpDui.dll
2016-11-19 13:28:39 ----A---- C:\Windows\system32\MsPbdaCoInst.dll
2016-11-19 13:28:39 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2016-11-19 13:28:30 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2016-11-19 13:28:28 ----A---- C:\Windows\SYSWOW64\unregmp2.exe
2016-11-19 13:28:28 ----A---- C:\Windows\system32\logagent.exe
2016-11-19 13:28:27 ----A---- C:\Windows\system32\unregmp2.exe
2016-11-19 13:28:21 ----A---- C:\Windows\SYSWOW64\wmdmps.dll
2016-11-19 13:28:21 ----A---- C:\Windows\system32\LAPRXY.DLL
2016-11-19 13:28:20 ----A---- C:\Windows\SYSWOW64\iTVData.dll
2016-11-19 13:28:16 ----A---- C:\Windows\system32\wmidx.dll
2016-11-19 13:28:15 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2016-11-19 13:28:14 ----A---- C:\Windows\SYSWOW64\MediaMetadataHandler.dll
2016-11-19 13:28:14 ----A---- C:\Windows\system32\wmpcm.dll
2016-11-19 13:28:05 ----A---- C:\Windows\SYSWOW64\PortableDeviceConnectApi.dll
2016-11-19 13:28:04 ----A---- C:\Windows\system32\mcsrchPH.dll
2016-11-19 13:27:57 ----A---- C:\Windows\SYSWOW64\wmcodecdspps.dll
2016-11-19 13:27:56 ----A---- C:\Windows\system32\wmdrmnet.dll
2016-11-19 13:27:56 ----A---- C:\Windows\system32\wmdrmdev.dll
2016-11-19 13:27:54 ----A---- C:\Windows\SYSWOW64\wpdwcn.dll
2016-11-19 13:27:54 ----A---- C:\Windows\SYSWOW64\PortableDeviceClassExtension.dll
2016-11-19 13:27:54 ----A---- C:\Windows\SYSWOW64\LAPRXY.DLL
2016-11-19 13:27:54 ----A---- C:\Windows\system32\wpdwcn.dll
2016-11-19 13:27:54 ----A---- C:\Windows\system32\wpd_ci.dll
2016-11-19 13:27:54 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2016-11-19 13:27:50 ----A---- C:\Windows\SYSWOW64\wmidx.dll
2016-11-19 13:27:50 ----A---- C:\Windows\SYSWOW64\PortableDeviceWiaCompat.dll
2016-11-19 13:27:50 ----A---- C:\Windows\system32\PortableDeviceWiaCompat.dll
2016-11-19 13:27:49 ----A---- C:\Windows\SYSWOW64\WPDSp.dll
2016-11-19 13:27:49 ----A---- C:\Windows\SYSWOW64\PortableDeviceWMDRM.dll
2016-11-19 13:27:49 ----A---- C:\Windows\SYSWOW64\DXPTaskRingtone.dll
2016-11-19 13:27:49 ----A---- C:\Windows\system32\DXPTaskRingtone.dll
2016-11-19 13:27:48 ----A---- C:\Windows\SYSWOW64\WPDShServiceObj.dll
2016-11-19 13:27:48 ----A---- C:\Windows\SYSWOW64\wmpcm.dll
2016-11-19 13:27:48 ----A---- C:\Windows\SYSWOW64\mswmdm.dll
2016-11-19 13:27:47 ----A---- C:\Windows\system32\wmvdspa.dll
2016-11-19 13:27:47 ----A---- C:\Windows\system32\wmpeffects.dll
2016-11-19 13:27:46 ----A---- C:\Windows\system32\wmpsrcwp.dll
2016-11-19 13:27:40 ----A---- C:\Windows\system32\WMASF.DLL
2016-11-19 13:27:40 ----A---- C:\Windows\system32\mspbda.dll
2016-11-19 13:27:40 ----A---- C:\Windows\system32\msdri.dll
2016-11-19 13:27:34 ----A---- C:\Windows\SYSWOW64\PortableDeviceTypes.dll
2016-11-19 13:27:34 ----A---- C:\Windows\SYSWOW64\PortableDeviceApi.dll
2016-11-19 13:27:34 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2016-11-19 13:27:34 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2016-11-19 13:27:32 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2016-11-19 13:27:32 ----A---- C:\Windows\SYSWOW64\MFPlay.dll
2016-11-19 13:27:32 ----A---- C:\Windows\SYSWOW64\mfAACEnc.dll
2016-11-19 13:27:32 ----A---- C:\Windows\system32\mfreadwrite.dll
2016-11-19 13:27:32 ----A---- C:\Windows\system32\MFPlay.dll
2016-11-19 13:27:32 ----A---- C:\Windows\system32\mfAACEnc.dll
2016-11-19 13:27:30 ----A---- C:\Windows\SYSWOW64\wmdrmnet.dll
2016-11-19 13:27:30 ----A---- C:\Windows\SYSWOW64\wmdrmdev.dll
2016-11-19 13:27:30 ----A---- C:\Windows\SYSWOW64\mfmjpegdec.dll
2016-11-19 13:27:30 ----A---- C:\Windows\SYSWOW64\mfh264enc.dll
2016-11-19 13:27:30 ----A---- C:\Windows\SYSWOW64\mfdvdec.dll
2016-11-19 13:27:30 ----A---- C:\Windows\system32\mfmjpegdec.dll
2016-11-19 13:27:30 ----A---- C:\Windows\system32\mfh264enc.dll
2016-11-19 13:27:30 ----A---- C:\Windows\system32\mfdvdec.dll
2016-11-19 13:27:26 ----A---- C:\Windows\SYSWOW64\wmpps.dll
2016-11-19 13:27:23 ----A---- C:\Windows\SYSWOW64\wmvdspa.dll
2016-11-19 13:27:23 ----A---- C:\Windows\SYSWOW64\wmpeffects.dll
2016-11-19 13:27:22 ----A---- C:\Windows\SYSWOW64\wmpsrcwp.dll
2016-11-19 13:27:20 ----A---- C:\Windows\SYSWOW64\WMASF.DLL
2016-11-19 13:27:10 ----A---- C:\Windows\SYSWOW64\PortableDeviceStatus.dll
2016-11-19 13:27:10 ----A---- C:\Windows\system32\PortableDeviceStatus.dll
2016-11-19 13:27:09 ----A---- C:\Windows\system32\Mcx2Svc.dll
2016-11-19 13:27:07 ----A---- C:\Windows\SYSWOW64\wmerror.dll
2016-11-19 13:27:07 ----A---- C:\Windows\SYSWOW64\asferror.dll
2016-11-19 13:27:07 ----A---- C:\Windows\system32\wmerror.dll
2016-11-19 13:27:07 ----A---- C:\Windows\system32\asferror.dll
2016-11-19 13:26:59 ----A---- C:\Windows\system32\WPDSp.dll
2016-11-19 13:26:59 ----A---- C:\Windows\system32\wmpdxm.dll
2016-11-19 13:26:59 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2016-11-19 13:26:59 ----A---- C:\Windows\system32\mswmdm.dll
2016-11-19 13:26:55 ----A---- C:\Windows\system32\wmpps.dll
2016-11-19 13:26:49 ----A---- C:\Windows\system32\wmcodecdspps.dll
2016-11-19 13:26:15 ----A---- C:\Windows\SYSWOW64\wmpdxm.dll
2016-11-19 13:26:09 ----A---- C:\Windows\system32\WMNetMgr.dll
2016-11-19 13:26:08 ----A---- C:\Windows\SYSWOW64\WMNetMgr.dll
2016-11-19 13:25:59 ----A---- C:\Windows\system32\WMPEncEn.dll
2016-11-19 13:25:58 ----A---- C:\Windows\system32\WMVCORE.DLL
2016-11-19 13:25:54 ----A---- C:\Windows\SYSWOW64\WMVCORE.DLL
2016-11-19 13:25:54 ----A---- C:\Windows\SYSWOW64\WMPEncEn.dll
2016-11-19 13:08:19 ----A---- C:\Windows\system32\wksprt.exe
2016-11-19 13:08:18 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2016-11-19 13:08:18 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2016-11-19 13:08:18 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2016-11-19 13:08:18 ----A---- C:\Windows\system32\tsgqec.dll
2016-11-19 13:08:18 ----A---- C:\Windows\system32\rdvidcrl.dll
2016-11-19 13:08:18 ----A---- C:\Windows\system32\mstscax.dll
2016-11-19 13:08:02 ----A---- C:\Windows\system32\TSWbPrxy.exe
2016-11-19 12:56:46 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2016-11-19 12:56:38 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2016-11-19 12:56:38 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2016-11-19 12:56:38 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2016-11-19 12:56:36 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2016-11-19 12:56:36 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2016-11-19 12:56:36 ----A---- C:\Windows\system32\wksprtPS.dll
2016-11-19 12:56:36 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2016-11-19 12:56:35 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2016-11-19 12:56:35 ----A---- C:\Windows\system32\mstsc.exe
2016-11-19 10:00:23 ----D---- C:\Windows\SYSWOW64\Configuration
2016-11-19 09:56:02 ----A---- C:\Windows\SYSWOW64\pwrshplugin.dll
2016-11-19 09:56:02 ----A---- C:\Windows\system32\pwrshplugin.dll
2016-11-19 09:55:58 ----A---- C:\Windows\system32\winrscmd.dll
2016-11-19 09:55:58 ----A---- C:\Windows\system32\ncobjapi.dll
2016-11-19 09:55:53 ----A---- C:\Windows\SYSWOW64\winrscmd.dll
2016-11-19 09:55:53 ----A---- C:\Windows\SYSWOW64\ncobjapi.dll
2016-11-19 09:55:52 ----A---- C:\Windows\system32\Register-CimProvider.exe
2016-11-19 09:55:47 ----A---- C:\Windows\system32\winrshost.exe
2016-11-19 09:55:46 ----A---- C:\Windows\SYSWOW64\Register-CimProvider.exe
2016-11-19 09:55:42 ----A---- C:\Windows\SYSWOW64\winrs.exe
2016-11-19 09:55:42 ----A---- C:\Windows\system32\winrs.exe
2016-11-19 09:55:41 ----A---- C:\Windows\SYSWOW64\wecapi.dll
2016-11-19 09:55:41 ----A---- C:\Windows\system32\winrm.cmd
2016-11-19 09:55:41 ----A---- C:\Windows\system32\wevtfwd.dll
2016-11-19 09:55:41 ----A---- C:\Windows\system32\wecutil.exe
2016-11-19 09:55:41 ----A---- C:\Windows\system32\wecapi.dll
2016-11-19 09:55:40 ----A---- C:\Windows\SYSWOW64\winrshost.exe
2016-11-19 09:55:40 ----A---- C:\Windows\SYSWOW64\wevtfwd.dll
2016-11-19 09:55:40 ----A---- C:\Windows\SYSWOW64\wecutil.exe
2016-11-19 09:55:40 ----A---- C:\Windows\SYSWOW64\prvdmofcomp.dll
2016-11-19 09:55:40 ----A---- C:\Windows\system32\wecsvc.dll
2016-11-19 09:55:33 ----A---- C:\Windows\SYSWOW64\winrm.cmd
2016-11-19 09:55:32 ----A---- C:\Windows\SYSWOW64\winrsmgr.dll
2016-11-19 09:55:32 ----A---- C:\Windows\system32\winrsmgr.dll
2016-11-19 09:55:18 ----A---- C:\Windows\system32\wsmplpxy.dll
2016-11-19 09:55:18 ----A---- C:\Windows\system32\WsmAgent.dll
2016-11-19 09:55:18 ----A---- C:\Windows\system32\winrssrv.dll
2016-11-19 09:55:18 ----A---- C:\Windows\system32\PSModuleDiscoveryProvider.dll
2016-11-19 09:55:18 ----A---- C:\Windows\system32\prvdmofcomp.dll
2016-11-19 09:55:18 ----A---- C:\Windows\system32\DscTimer.dll
2016-11-19 09:55:18 ----A---- C:\Windows\system32\DscProxy.dll
2016-11-19 09:55:15 ----A---- C:\Windows\SYSWOW64\WsmRes.dll
2016-11-19 09:55:15 ----A---- C:\Windows\SYSWOW64\framedynos.dll
2016-11-19 09:55:15 ----A---- C:\Windows\SYSWOW64\framedyn.dll
2016-11-19 09:55:15 ----A---- C:\Windows\system32\WsmRes.dll
2016-11-19 09:55:15 ----A---- C:\Windows\system32\framedynos.dll
2016-11-19 09:55:15 ----A---- C:\Windows\system32\framedyn.dll
2016-11-19 09:55:12 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2016-11-19 09:55:12 ----A---- C:\Windows\system32\wsmprovhost.exe
2016-11-19 09:55:12 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2016-11-19 09:55:11 ----A---- C:\Windows\SYSWOW64\wsmprovhost.exe
2016-11-19 09:55:00 ----A---- C:\Windows\SYSWOW64\WsmAgent.dll
2016-11-19 09:55:00 ----A---- C:\Windows\SYSWOW64\winrssrv.dll
2016-11-19 09:55:00 ----A---- C:\Windows\SYSWOW64\PSModuleDiscoveryProvider.dll
2016-11-19 09:55:00 ----A---- C:\Windows\SYSWOW64\miutils.dll
2016-11-19 09:55:00 ----A---- C:\Windows\SYSWOW64\Microsoft.Management.Infrastructure.Native.Unmanaged.dll
2016-11-19 09:55:00 ----A---- C:\Windows\SYSWOW64\mi.dll
2016-11-19 09:55:00 ----A---- C:\Windows\SYSWOW64\DscCoreConfProv.dll
2016-11-19 09:55:00 ----A---- C:\Windows\system32\miutils.dll
2016-11-19 09:55:00 ----A---- C:\Windows\system32\Microsoft.Management.Infrastructure.Native.Unmanaged.dll
2016-11-19 09:55:00 ----A---- C:\Windows\system32\mi.dll
2016-11-19 09:55:00 ----A---- C:\Windows\system32\DscCoreConfProv.dll
2016-11-19 09:54:59 ----A---- C:\Windows\SYSWOW64\wsmplpxy.dll
2016-11-19 09:54:51 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2016-11-19 09:54:50 ----A---- C:\Windows\SYSWOW64\wmitomi.dll
2016-11-19 09:54:50 ----A---- C:\Windows\SYSWOW64\wmidcom.dll
2016-11-19 09:54:50 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2016-11-19 09:54:50 ----A---- C:\Windows\system32\wmitomi.dll
2016-11-19 09:54:50 ----A---- C:\Windows\system32\wmidcom.dll
2016-11-19 09:54:37 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2016-11-19 09:54:37 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2016-11-19 09:54:37 ----A---- C:\Windows\SYSWOW64\mimofcodec.dll
2016-11-19 09:54:37 ----A---- C:\Windows\SYSWOW64\mibincodec.dll
2016-11-19 09:54:37 ----A---- C:\Windows\system32\WsmWmiPl.dll
2016-11-19 09:54:37 ----A---- C:\Windows\system32\mpunits.dll
2016-11-19 09:54:37 ----A---- C:\Windows\system32\mpeval.dll
2016-11-19 09:54:37 ----A---- C:\Windows\system32\mimofcodec.dll
2016-11-19 09:54:37 ----A---- C:\Windows\system32\mibincodec.dll
2016-11-19 09:54:37 ----A---- C:\Windows\system32\DscCore.dll
2016-11-19 09:54:36 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2016-11-19 09:54:36 ----A---- C:\Windows\SYSWOW64\WsmGCDeps.dll
2016-11-19 09:54:36 ----A---- C:\Windows\system32\WsmGCDeps.dll
2016-11-19 09:54:36 ----A---- C:\Windows\system32\WsmAuto.dll
2016-11-19 09:54:35 ----A---- C:\Windows\system32\WsmSvc.dll
2016-11-19 09:54:34 ----A---- C:\Windows\SYSWOW64\wbemcomn2.dll
2016-11-19 09:54:34 ----A---- C:\Windows\system32\wbemcomn2.dll
2016-11-18 19:22:11 ----A---- C:\Windows\system32\kdusb.dll
2016-11-18 19:22:11 ----A---- C:\Windows\system32\kdcom.dll
2016-11-18 19:22:11 ----A---- C:\Windows\system32\kd1394.dll
2016-11-18 19:19:47 ----A---- C:\Windows\system32\UtcResources.dll
2016-11-18 19:19:47 ----A---- C:\Windows\system32\diagtrack.dll
2016-11-18 19:19:46 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-11-18 19:19:46 ----A---- C:\Windows\system32\advapi32.dll
2016-11-18 19:19:45 ----A---- C:\Windows\system32\tzres.dll
2016-11-18 19:19:45 ----A---- C:\Windows\system32\crypt32.dll
2016-11-18 19:19:45 ----A---- C:\Windows\system32\certcli.dll
2016-11-18 19:19:44 ----A---- C:\Windows\system32\sspicli.dll
2016-11-18 19:19:44 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-11-18 19:19:43 ----A---- C:\Windows\system32\sspisrv.dll
2016-11-18 19:19:42 ----A---- C:\Windows\system32\secur32.dll
2016-11-18 19:19:42 ----A---- C:\Windows\system32\lsass.exe
2016-11-18 19:19:41 ----A---- C:\Windows\system32\msaudite.dll
2016-11-18 19:19:41 ----A---- C:\Windows\system32\lsasrv.dll
2016-11-18 19:19:41 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-11-18 19:19:41 ----A---- C:\Windows\system32\auditpol.exe
2016-11-18 19:19:40 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-11-18 19:19:40 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-11-18 19:19:40 ----A---- C:\Windows\system32\schannel.dll
2016-11-18 19:19:40 ----A---- C:\Windows\system32\msobjs.dll
2016-11-18 19:19:40 ----A---- C:\Windows\system32\adtschema.dll
2016-11-18 19:19:39 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-11-18 19:19:39 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-11-18 19:19:39 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-11-18 19:19:39 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-11-18 19:19:38 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2016-11-18 19:19:38 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-11-18 19:19:38 ----A---- C:\Windows\system32\FntCache.dll
2016-11-18 19:19:38 ----A---- C:\Windows\system32\DWrite.dll
2016-11-18 19:19:37 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-11-18 19:19:33 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2016-11-18 19:19:32 ----A---- C:\Windows\system32\UIAnimation.dll
2016-11-18 19:19:32 ----A---- C:\Windows\system32\srclient.dll
2016-11-18 19:19:32 ----A---- C:\Windows\system32\rstrui.exe
2016-11-18 19:19:31 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-11-18 19:19:31 ----A---- C:\Windows\system32\srcore.dll
2016-11-18 19:19:28 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-11-18 19:19:28 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-11-18 19:19:28 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-11-18 19:19:28 ----A---- C:\Windows\system32\dxtrans.dll
2016-11-18 19:19:28 ----A---- C:\Windows\system32\dxtmsft.dll
2016-11-18 19:19:27 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-11-18 19:19:27 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-11-18 19:19:27 ----A---- C:\Windows\system32\msfeeds.dll
2016-11-18 19:19:26 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-11-18 19:19:26 ----A---- C:\Windows\system32\ieui.dll
2016-11-18 19:19:26 ----A---- C:\Windows\system32\ieframe.dll
2016-11-18 19:19:25 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-11-18 19:19:25 ----A---- C:\Windows\system32\mshtmled.dll
2016-11-18 19:19:24 ----A---- C:\Windows\system32\mshtml.dll
2016-11-18 19:19:23 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-11-18 19:19:23 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-11-18 19:19:23 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-11-18 19:19:23 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-11-18 19:19:22 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-11-18 19:19:22 ----A---- C:\Windows\system32\ieUnatt.exe
2016-11-18 19:19:22 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-11-18 19:19:22 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-11-18 19:19:21 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-11-18 19:19:21 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-11-18 19:19:21 ----A---- C:\Windows\system32\webcheck.dll
2016-11-18 19:19:21 ----A---- C:\Windows\system32\occache.dll
2016-11-18 19:19:20 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-11-18 19:19:20 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-11-18 19:19:20 ----A---- C:\Windows\system32\iernonce.dll
2016-11-18 19:19:20 ----A---- C:\Windows\system32\ie4uinit.exe
2016-11-18 19:19:19 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-11-18 19:19:19 ----A---- C:\Windows\system32\jscript9diag.dll
2016-11-18 19:19:19 ----A---- C:\Windows\system32\jscript.dll
2016-11-18 19:19:19 ----A---- C:\Windows\system32\iesetup.dll
2016-11-18 19:19:18 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-11-18 19:19:18 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-11-18 19:19:18 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-11-18 19:19:18 ----A---- C:\Windows\system32\jscript9.dll
2016-11-18 19:19:17 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-11-18 19:19:17 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-11-18 19:19:17 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-11-18 19:19:17 ----A---- C:\Windows\system32\vbscript.dll
2016-11-18 19:19:17 ----A---- C:\Windows\system32\iedkcs32.dll
2016-11-18 19:19:17 ----A---- C:\Windows\system32\ieapfltr.dll
2016-11-18 19:19:16 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-11-18 19:19:16 ----A---- C:\Windows\system32\wininet.dll
2016-11-18 19:19:16 ----A---- C:\Windows\system32\jsproxy.dll
2016-11-18 19:19:12 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-11-18 19:19:12 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-18 19:19:11 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-11-18 19:19:11 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-11-18 19:19:10 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-11-18 19:19:10 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-11-18 19:19:10 ----A---- C:\Windows\system32\urlmon.dll
2016-11-18 19:19:10 ----A---- C:\Windows\system32\msrating.dll
2016-11-18 19:19:09 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-11-18 19:19:09 ----A---- C:\Windows\system32\iertutil.dll
2016-11-18 19:19:08 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-11-18 19:19:08 ----A---- C:\Windows\system32\inseng.dll
2016-11-18 19:19:06 ----A---- C:\Windows\system32\scavengeui.dll
2016-11-18 19:19:06 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-18 19:19:06 ----A---- C:\Windows\system32\drivers\bowser.sys
2016-11-18 19:19:05 ----A---- C:\Windows\system32\drivers\dfsc.sys
2016-11-18 19:19:05 ----A---- C:\Windows\system32\cryptui.dll
2016-11-18 19:19:05 ----A---- C:\Windows\system32\cryptsp.dll
2016-11-18 19:19:05 ----A---- C:\Windows\system32\clfs.sys
2016-11-18 19:19:05 ----A---- C:\Windows\system32\atmfd.dll
2016-11-18 19:19:04 ----A---- C:\Windows\system32\msmmsp.dll
2016-11-18 19:19:04 ----A---- C:\Windows\system32\lpk.dll
2016-11-18 19:19:04 ----A---- C:\Windows\system32\fontsub.dll
2016-11-18 19:19:04 ----A---- C:\Windows\system32\dciman32.dll
2016-11-18 19:19:04 ----A---- C:\Windows\system32\atmlib.dll
2016-11-18 19:19:03 ----A---- C:\Windows\system32\oleaut32.dll
2016-11-18 19:19:03 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2016-11-18 19:19:03 ----A---- C:\Windows\system32\asycfilt.dll
2016-11-18 19:19:02 ----A---- C:\Windows\system32\win32k.sys
2016-11-18 19:19:02 ----A---- C:\Windows\system32\msctf.dll
2016-11-18 19:19:02 ----A---- C:\Windows\system32\input.dll
2016-11-18 19:19:01 ----A---- C:\Windows\system32\adsmsext.dll
2016-11-18 19:18:57 ----A---- C:\Windows\system32\cryptsvc.dll
2016-11-18 19:18:56 ----A---- C:\Windows\system32\wintrust.dll
2016-11-18 19:18:56 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-11-18 19:18:56 ----A---- C:\Windows\system32\KernelBase.dll
2016-11-18 19:18:56 ----A---- C:\Windows\system32\kerberos.dll
2016-11-18 19:18:56 ----A---- C:\Windows\system32\cryptnet.dll
2016-11-18 19:18:55 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-11-18 19:18:55 ----A---- C:\Windows\system32\winsrv.dll
2016-11-18 19:18:55 ----A---- C:\Windows\system32\TSpkg.dll
2016-11-18 19:18:55 ----A---- C:\Windows\system32\csrsrv.dll
2016-11-18 19:18:55 ----A---- C:\Windows\system32\cryptbase.dll
2016-11-18 19:18:55 ----A---- C:\Windows\system32\credssp.dll
2016-11-18 19:18:54 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-11-18 19:18:54 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-11-18 19:18:54 ----A---- C:\Windows\system32\wdigest.dll
2016-11-18 19:18:54 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-11-18 19:18:53 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-11-18 19:18:53 ----A---- C:\Windows\system32\msv1_0.dll
2016-11-18 19:18:53 ----A---- C:\Windows\system32\kernel32.dll
2016-11-18 19:18:53 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-11-18 19:18:53 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-11-18 19:18:52 ----A---- C:\Windows\system32\rpchttp.dll
2016-11-18 19:18:52 ----A---- C:\Windows\system32\rpcrt4.dll
2016-11-18 19:18:49 ----A---- C:\Windows\system32\smss.exe
2016-11-18 19:18:49 ----A---- C:\Windows\system32\conhost.exe
2016-11-18 19:18:49 ----A---- C:\Windows\system32\apisetschema.dll
2016-11-18 19:18:48 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-11-18 19:18:48 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-11-18 19:18:48 ----A---- C:\Windows\system32\ntdll.dll
2016-11-18 19:18:48 ----A---- C:\Windows\system32\ncrypt.dll
2016-11-18 19:18:47 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-11-18 19:18:47 ----A---- C:\Windows\system32\wow64win.dll
2016-11-18 19:18:47 ----A---- C:\Windows\system32\wow64cpu.dll
2016-11-18 19:18:47 ----A---- C:\Windows\system32\wow64.dll
2016-11-18 19:18:47 ----A---- C:\Windows\system32\ntvdm64.dll
2016-11-18 19:18:35 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2016-11-18 19:17:32 ----A---- C:\Windows\system32\IMJP10K.DLL
2016-11-18 19:17:29 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2016-11-18 19:17:28 ----A---- C:\Windows\system32\win32spl.dll
2016-11-18 19:17:28 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2016-11-18 19:17:27 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2016-11-18 19:17:27 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2016-11-18 19:17:27 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2016-11-18 19:17:27 ----A---- C:\Windows\system32\EncDump.dll
2016-11-18 19:17:26 ----A---- C:\Windows\system32\audiosrv.dll
2016-11-18 19:17:26 ----A---- C:\Windows\system32\AudioSes.dll
2016-11-18 19:17:26 ----A---- C:\Windows\system32\AUDIOKSE.dll
2016-11-18 19:17:26 ----A---- C:\Windows\system32\AudioEng.dll
2016-11-18 19:17:25 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-11-18 19:17:25 ----A---- C:\Windows\system32\quartz.dll
2016-11-18 19:17:25 ----A---- C:\Windows\system32\audiodg.exe
2016-11-18 19:17:20 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-11-18 19:17:20 ----A---- C:\Windows\system32\qdvd.dll
2016-11-18 19:17:18 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2016-11-18 19:17:18 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-11-18 19:17:18 ----A---- C:\Windows\system32\INETRES.dll
2016-11-18 19:17:17 ----A---- C:\Windows\system32\inetcomm.dll
2016-11-18 19:17:17 ----A---- C:\Windows\system32\drivers\appid.sys
2016-11-18 19:17:17 ----A---- C:\Windows\system32\appidsvc.dll
2016-11-18 19:17:16 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-11-18 19:17:16 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-11-18 19:17:16 ----A---- C:\Windows\system32\appidapi.dll
2016-11-18 19:17:15 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-11-18 19:17:15 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-11-18 19:17:15 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-11-18 19:17:13 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-11-18 19:17:12 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-11-18 19:17:12 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-11-18 19:17:12 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-11-18 19:17:11 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-11-18 19:17:11 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-11-18 19:17:10 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2016-11-18 19:17:09 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-11-18 19:17:09 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2016-11-18 19:17:09 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-11-18 19:17:08 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-11-18 19:17:08 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-11-18 19:17:08 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-11-18 19:17:07 ----A---- C:\Windows\SYSWOW64\user.exe
2016-11-18 19:17:07 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-11-18 19:17:07 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-11-18 19:17:07 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-11-18 19:17:06 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-11-18 19:17:06 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-11-18 19:17:06 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-11-18 19:17:05 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-11-18 19:17:04 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-11-18 19:17:04 ----A---- C:\Windows\SYSWOW64\input.dll
2016-11-18 19:17:04 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-11-18 19:17:03 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2016-11-18 19:17:02 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2016-11-18 19:17:02 ----A---- C:\Windows\SYSWOW64\msctf.dll
2016-11-18 19:17:02 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2016-11-18 19:17:01 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2016-11-18 19:17:00 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2016-11-18 19:17:00 ----A---- C:\Windows\system32\MSVidCtl.dll
2016-11-18 19:16:59 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2016-11-18 19:16:59 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2016-11-18 19:16:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-18 19:16:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-18 19:16:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-18 19:16:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-18 19:16:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-18 19:16:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-18 19:16:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-18 19:16:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-18 19:16:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-18 19:16:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-18 19:16:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-18 19:16:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-18 19:16:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-18 19:16:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-18 19:16:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-18 19:16:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-18 19:16:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-18 19:16:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-18 19:16:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-18 19:16:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-18 19:16:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-18 19:16:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-18 19:16:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-18 19:16:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-18 19:16:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-18 19:16:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-18 19:16:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-18 19:16:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-18 19:16:51 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-18 19:16:50 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-18 19:16:50 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-18 19:16:50 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-18 19:16:49 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-18 19:16:49 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-18 19:16:49 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-18 19:16:48 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-18 19:16:48 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-18 19:16:48 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-18 19:16:47 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-18 19:16:47 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-18 19:16:47 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-18 19:16:47 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-18 19:16:46 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-18 19:16:46 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-18 19:16:46 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-18 19:16:45 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-18 19:16:45 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-18 19:16:45 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-18 19:16:45 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-18 19:16:44 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-18 19:16:44 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-18 19:16:44 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-18 19:16:43 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-18 19:16:43 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-18 19:16:43 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

michal1097 · #9 Příspěvek od **michal1097** » 20 lis 2016 20:15

pokračovanie tu...

2016-11-18 19:16:42 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-18 19:16:42 ----A---- C:\Windows\system32\WebClnt.dll
2016-11-18 19:16:42 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-11-18 19:16:41 ----A---- C:\Windows\system32\pcaevts.dll
2016-11-18 19:16:41 ----A---- C:\Windows\system32\pcadm.dll
2016-11-18 19:16:41 ----A---- C:\Windows\system32\davclnt.dll
2016-11-18 19:16:40 ----A---- C:\Windows\system32\pcawrk.exe
2016-11-18 19:16:40 ----A---- C:\Windows\system32\pcalua.exe
2016-11-18 19:16:39 ----A---- C:\Windows\system32\pcasvc.dll
2016-11-18 19:12:55 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-11-18 19:12:55 ----A---- C:\Windows\system32\user32.dll
2016-11-18 19:12:35 ----A---- C:\Windows\system32\drivers\srvnet.sys
2016-11-18 19:12:35 ----A---- C:\Windows\system32\drivers\srv2.sys
2016-11-18 19:12:35 ----A---- C:\Windows\system32\drivers\srv.sys
2016-11-18 19:11:46 ----A---- C:\Windows\system32\wpnpinst.exe
2016-11-18 19:11:46 ----A---- C:\Windows\system32\ntprint.exe
2016-11-18 19:11:46 ----A---- C:\Windows\system32\inetppui.dll
2016-11-18 19:11:46 ----A---- C:\Windows\system32\inetpp.dll
2016-11-18 19:11:45 ----A---- C:\Windows\SYSWOW64\ntprint.exe
2016-11-18 19:11:45 ----A---- C:\Windows\system32\ntprint.dll
2016-11-18 19:11:45 ----A---- C:\Windows\system32\localspl.dll
2016-11-18 19:11:44 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2016-11-18 19:11:25 ----A---- C:\Windows\system32\StructuredQuery.dll
2016-11-18 19:11:24 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2016-11-18 19:11:04 ----A---- C:\Windows\system32\netbtugc.exe
2016-11-18 19:11:04 ----A---- C:\Windows\system32\drivers\netbt.sys
2016-11-18 19:11:03 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2016-11-18 19:11:03 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2016-11-18 19:11:03 ----A---- C:\Windows\SYSWOW64\netbtugc.exe
2016-11-18 19:11:03 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2016-11-18 19:11:03 ----A---- C:\Windows\system32\ws2_32.dll
2016-11-18 19:11:03 ----A---- C:\Windows\system32\winhttp.dll
2016-11-18 19:11:03 ----A---- C:\Windows\system32\mswsock.dll
2016-11-18 19:10:44 ----A---- C:\Windows\system32\gdi32.dll
2016-11-18 19:10:43 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-11-18 19:10:22 ----A---- C:\Windows\system32\gpsvc.dll
2016-11-18 19:10:22 ----A---- C:\Windows\system32\gpapi.dll
2016-11-18 19:10:21 ----A---- C:\Windows\SYSWOW64\gpscript.exe
2016-11-18 19:10:21 ----A---- C:\Windows\SYSWOW64\gpscript.dll
2016-11-18 19:10:21 ----A---- C:\Windows\SYSWOW64\gpprefcl.dll
2016-11-18 19:10:21 ----A---- C:\Windows\SYSWOW64\gpapi.dll
2016-11-18 19:10:21 ----A---- C:\Windows\system32\gpscript.exe
2016-11-18 19:10:21 ----A---- C:\Windows\system32\gpscript.dll
2016-11-18 19:10:21 ----A---- C:\Windows\system32\gpprefcl.dll
2016-11-18 19:10:20 ----A---- C:\Windows\SYSWOW64\winipsec.dll
2016-11-18 19:10:20 ----A---- C:\Windows\SYSWOW64\polstore.dll
2016-11-18 19:10:20 ----A---- C:\Windows\SYSWOW64\FwRemoteSvr.dll
2016-11-18 19:10:20 ----A---- C:\Windows\system32\winipsec.dll
2016-11-18 19:10:20 ----A---- C:\Windows\system32\polstore.dll
2016-11-18 19:10:20 ----A---- C:\Windows\system32\IPSECSVC.DLL
2016-11-18 19:10:20 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2016-11-18 19:08:48 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2016-11-18 19:08:48 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2016-11-18 19:08:48 ----A---- C:\Windows\system32\cdd.dll
2016-11-18 19:08:30 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2016-11-18 19:08:30 ----A---- C:\Windows\system32\WindowsCodecs.dll
2016-11-18 19:07:51 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2016-11-18 19:07:51 ----A---- C:\Windows\system32\d3d10level9.dll
2016-11-18 19:07:30 ----A---- C:\Windows\system32\samsrv.dll
2016-11-18 19:07:30 ----A---- C:\Windows\system32\samlib.dll
2016-11-18 19:07:29 ----A---- C:\Windows\SYSWOW64\samlib.dll
2016-11-18 19:06:45 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-11-18 19:06:44 ----A---- C:\Windows\system32\ole32.dll
2016-11-18 19:05:43 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2016-11-18 19:05:43 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2016-11-18 19:05:43 ----A---- C:\Windows\system32\msxml3.dll
2016-11-18 19:05:42 ----A---- C:\Windows\system32\msxml3r.dll
2016-11-18 19:05:25 ----A---- C:\Windows\system32\seclogon.dll
2016-11-18 19:05:06 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2016-11-18 19:03:21 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2016-11-18 19:03:21 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2016-11-18 19:03:21 ----A---- C:\Windows\system32\EncDec.dll
2016-11-18 19:03:21 ----A---- C:\Windows\system32\CPFilters.dll
2016-11-18 19:00:45 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2016-11-18 19:00:44 ----A---- C:\Windows\SYSWOW64\qasf.dll
2016-11-18 19:00:44 ----A---- C:\Windows\system32\qasf.dll
2016-11-18 19:00:44 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2016-11-18 19:00:41 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2016-11-18 19:00:41 ----A---- C:\Windows\SYSWOW64\ksuser.dll
2016-11-18 19:00:41 ----A---- C:\Windows\system32\ksuser.dll
2016-11-18 19:00:40 ----A---- C:\Windows\SYSWOW64\msmpeg2adec.dll
2016-11-18 19:00:40 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2016-11-18 19:00:40 ----A---- C:\Windows\system32\msmpeg2adec.dll
2016-11-18 19:00:39 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2016-11-18 19:00:39 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2016-11-18 19:00:38 ----A---- C:\Windows\system32\SysFxUI.dll
2016-11-18 19:00:38 ----A---- C:\Windows\system32\drivers\portcls.sys
2016-11-18 19:00:38 ----A---- C:\Windows\system32\drivers\drmkaud.sys
2016-11-18 19:00:38 ----A---- C:\Windows\system32\drivers\drmk.sys
2016-11-18 19:00:06 ----A---- C:\Windows\SYSWOW64\qedit.dll
2016-11-18 19:00:06 ----A---- C:\Windows\SYSWOW64\devenum.dll
2016-11-18 19:00:06 ----A---- C:\Windows\system32\devenum.dll
2016-11-18 19:00:05 ----A---- C:\Windows\system32\qedit.dll
2016-11-18 18:59:44 ----A---- C:\Windows\SYSWOW64\mapistub.dll
2016-11-18 18:59:44 ----A---- C:\Windows\SYSWOW64\mapi32.dll
2016-11-18 18:59:44 ----A---- C:\Windows\SYSWOW64\fixmapi.exe
2016-11-18 18:59:44 ----A---- C:\Windows\system32\mapistub.dll
2016-11-18 18:59:44 ----A---- C:\Windows\system32\mapi32.dll
2016-11-18 18:59:43 ----A---- C:\Windows\system32\fixmapi.exe
2016-11-18 18:58:41 ----A---- C:\Windows\SYSWOW64\els.dll
2016-11-18 18:58:41 ----A---- C:\Windows\system32\els.dll
2016-11-18 18:58:23 ----A---- C:\Windows\SYSWOW64\wshrm.dll
2016-11-18 18:58:23 ----A---- C:\Windows\system32\wshrm.dll
2016-11-18 18:58:23 ----A---- C:\Windows\system32\drivers\rmcast.sys
2016-11-18 18:58:01 ----A---- C:\Windows\system32\usp10.dll
2016-11-18 18:58:00 ----A---- C:\Windows\SYSWOW64\usp10.dll
2016-11-18 18:57:42 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2016-11-18 18:57:42 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2016-11-18 18:57:42 ----A---- C:\Windows\system32\comsvcs.dll
2016-11-18 18:57:42 ----A---- C:\Windows\system32\catsrvut.dll
2016-11-18 18:57:23 ----A---- C:\Windows\system32\drivers\tdx.sys
2016-11-18 18:57:22 ----A---- C:\Windows\system32\drivers\afd.sys
2016-11-18 18:56:40 ----A---- C:\Windows\system32\drivers\ndis.sys
2016-11-18 18:53:39 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-11-18 18:53:39 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-11-18 18:50:31 ----A---- C:\Windows\system32\schedsvc.dll
2016-11-18 18:49:50 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2016-11-18 18:49:50 ----A---- C:\Windows\system32\d3d10warp.dll
2016-11-18 18:46:50 ----A---- C:\Windows\system32\sysmain.dll
2016-11-18 18:44:30 ----A---- C:\Windows\system32\basesrv.dll
2016-11-18 18:42:37 ----A---- C:\Windows\system32\notepad.exe
2016-11-18 18:42:36 ----A---- C:\Windows\SYSWOW64\notepad.exe
2016-11-18 18:42:36 ----A---- C:\Windows\notepad.exe
2016-11-18 18:42:08 ----A---- C:\Windows\system32\comctl32.dll
2016-11-18 18:42:07 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2016-11-18 18:40:33 ----A---- C:\Windows\system32\services.exe
2016-11-18 18:38:59 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2016-11-18 18:38:59 ----A---- C:\Windows\system32\clfsw32.dll
2016-11-18 18:37:50 ----A---- C:\Windows\system32\drivers\http.sys
2016-11-18 18:37:27 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2016-11-18 18:37:27 ----A---- C:\Windows\system32\WMPhoto.dll
2016-11-18 18:36:59 ----A---- C:\Windows\SYSWOW64\ubpm.dll
2016-11-18 18:36:58 ----A---- C:\Windows\system32\ubpm.dll
2016-11-18 18:35:55 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2016-11-18 18:35:54 ----A---- C:\Windows\system32\scesrv.dll
2016-11-18 18:35:30 ----A---- C:\Windows\system32\profsvc.dll
2016-11-18 18:35:05 ----A---- C:\Windows\system32\nlasvc.dll
2016-11-18 18:35:05 ----A---- C:\Windows\system32\nlaapi.dll
2016-11-18 18:35:05 ----A---- C:\Windows\system32\ncsi.dll
2016-11-18 18:35:04 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2016-11-18 18:35:04 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2016-11-18 18:34:11 ----A---- C:\Windows\system32\pku2u.dll
2016-11-18 18:34:10 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2016-11-18 18:33:27 ----A---- C:\Windows\system32\termsrv.dll
2016-11-18 18:32:21 ----A---- C:\Windows\SYSWOW64\packager.dll
2016-11-18 18:32:21 ----A---- C:\Windows\system32\packager.dll
2016-11-18 18:30:51 ----A---- C:\Windows\system32\winsta.dll
2016-11-18 18:30:51 ----A---- C:\Windows\system32\winlogon.exe
2016-11-18 18:30:51 ----A---- C:\Windows\system32\rdpcorekmts.dll
2016-11-18 18:30:51 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2016-11-18 18:30:49 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2016-11-18 18:30:46 ----A---- C:\Windows\SYSWOW64\winsta.dll
2016-11-18 18:29:53 ----A---- C:\Windows\SYSWOW64\rastls.dll
2016-11-18 18:29:53 ----A---- C:\Windows\system32\rastls.dll
2016-11-18 18:29:18 ----A---- C:\Windows\SYSWOW64\mscories.dll
2016-11-18 18:29:18 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2016-11-18 18:29:18 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2016-11-18 18:29:18 ----A---- C:\Windows\system32\dfshim.dll
2016-11-18 18:29:16 ----A---- C:\Windows\system32\mscories.dll
2016-11-18 18:29:16 ----A---- C:\Windows\system32\mscorier.dll
2016-11-18 18:26:38 ----A---- C:\Windows\system32\msvcrt.dll
2016-11-18 18:26:37 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2016-11-18 18:26:25 ----A---- C:\Windows\SYSWOW64\synceng.dll
2016-11-18 18:26:25 ----A---- C:\Windows\system32\synceng.dll
2016-11-18 18:26:09 ----A---- C:\Windows\system32\drivers\usb8023.sys
2016-11-18 18:25:44 ----A---- C:\Windows\system32\drivers\partmgr.sys
2016-11-18 18:25:30 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2016-11-18 18:25:30 ----A---- C:\Windows\system32\oleacc.dll
2016-11-18 18:25:19 ----A---- C:\Windows\system32\odbctrac.dll
2016-11-18 18:25:19 ----A---- C:\Windows\system32\odbccr32.dll
2016-11-18 18:25:18 ----A---- C:\Windows\system32\odbccu32.dll
2016-11-18 18:25:17 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2016-11-18 18:25:17 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2016-11-18 18:25:17 ----A---- C:\Windows\system32\odbccp32.dll
2016-11-18 18:25:16 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2016-11-18 18:25:16 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2016-11-18 18:25:16 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2016-11-18 18:24:25 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2016-11-18 18:24:25 ----A---- C:\Windows\system32\psisdecd.dll
2016-11-18 18:23:54 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2016-11-18 18:23:54 ----A---- C:\Windows\system32\cdosys.dll
2016-11-18 18:23:35 ----A---- C:\Windows\system32\mfc42u.dll
2016-11-18 18:23:35 ----A---- C:\Windows\system32\mfc42.dll
2016-11-18 18:23:34 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2016-11-18 18:23:34 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2016-11-18 18:22:55 ----A---- C:\Windows\system32\rdrmemptylst.exe
2016-11-18 18:22:55 ----A---- C:\Windows\system32\rdpwsx.dll
2016-11-18 18:22:48 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2016-11-18 18:22:48 ----A---- C:\Windows\system32\dpnet.dll
2016-11-18 18:22:39 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2016-11-18 18:22:38 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2016-11-18 18:22:38 ----A---- C:\Windows\system32\dnsrslvr.dll
2016-11-18 18:22:38 ----A---- C:\Windows\system32\dnscacheugc.exe
2016-11-18 18:22:38 ----A---- C:\Windows\system32\dnsapi.dll
2016-11-18 18:22:31 ----A---- C:\Windows\system32\FXSCOVER.exe
2016-11-18 18:20:46 ----A---- C:\Windows\SYSWOW64\sbe.dll
2016-11-18 18:20:46 ----A---- C:\Windows\system32\sbe.dll
2016-11-18 18:20:16 ----A---- C:\Windows\system32\browser.dll
2016-11-18 18:20:15 ----A---- C:\Windows\system32\netapi32.dll
2016-11-18 18:20:15 ----A---- C:\Windows\system32\browcli.dll
2016-11-18 18:20:14 ----A---- C:\Windows\SYSWOW64\browcli.dll
2016-11-18 18:20:13 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2016-11-18 18:10:03 ----A---- C:\Windows\system32\api.dll
2016-11-18 17:57:47 ----D---- C:\Windows\Minidump
2016-11-18 17:06:32 ----A---- C:\Windows\SYSWOW64\osk.exe
2016-11-18 17:06:31 ----A---- C:\Windows\system32\osk.exe
2016-11-18 17:04:05 ----A---- C:\Windows\system32\objsel.dll
2016-11-18 17:04:02 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2016-11-18 17:04:02 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2016-11-18 17:04:02 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2016-11-18 17:04:02 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2016-11-18 17:04:02 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2016-11-18 17:04:02 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2016-11-18 17:04:02 ----A---- C:\Windows\system32\dpapiprovider.dll
2016-11-18 17:04:02 ----A---- C:\Windows\system32\cngprovider.dll
2016-11-18 17:04:01 ----A---- C:\Windows\system32\wincredprovider.dll
2016-11-18 17:04:01 ----A---- C:\Windows\system32\dimsroam.dll
2016-11-18 17:04:01 ----A---- C:\Windows\system32\capiprovider.dll
2016-11-18 17:04:01 ----A---- C:\Windows\system32\adprovider.dll
2016-11-18 17:03:54 ----A---- C:\Windows\SYSWOW64\objsel.dll
2016-11-18 17:02:39 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2016-11-18 17:02:39 ----A---- C:\Windows\system32\d2d1.dll
2016-11-18 17:02:11 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2016-11-18 17:02:10 ----A---- C:\Windows\SYSWOW64\wscript.exe
2016-11-18 17:02:10 ----A---- C:\Windows\SYSWOW64\cscript.exe
2016-11-18 17:02:10 ----A---- C:\Windows\system32\wscript.exe
2016-11-18 17:02:10 ----A---- C:\Windows\system32\scrrun.dll
2016-11-18 17:02:10 ----A---- C:\Windows\system32\cscript.exe
2016-11-18 17:01:50 ----A---- C:\Windows\SYSWOW64\wmi.dll
2016-11-18 17:01:50 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2016-11-18 17:01:50 ----A---- C:\Windows\system32\wmi.dll
2016-11-18 17:01:50 ----A---- C:\Windows\system32\imagehlp.dll
2016-11-18 17:01:50 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2016-11-18 17:01:39 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2016-11-18 17:01:39 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2016-11-18 17:01:39 ----A---- C:\Windows\system32\nshwfp.dll
2016-11-18 17:01:39 ----A---- C:\Windows\system32\IKEEXT.DLL
2016-11-18 17:01:39 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2016-11-18 17:01:08 ----A---- C:\Windows\system32\drivers\usbscan.sys
2016-11-18 17:01:07 ----A---- C:\Windows\system32\drivers\hidparse.sys
2016-11-18 17:01:07 ----A---- C:\Windows\system32\drivers\hidclass.sys
2016-11-18 17:00:46 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2016-11-18 17:00:39 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2016-11-18 17:00:39 ----A---- C:\Windows\system32\drivers\usbcir.sys
2016-11-18 17:00:04 ----A---- C:\Windows\system32\certutil.exe
2016-11-18 17:00:03 ----A---- C:\Windows\SYSWOW64\certutil.exe
2016-11-18 17:00:03 ----A---- C:\Windows\SYSWOW64\certenc.dll
2016-11-18 17:00:03 ----A---- C:\Windows\system32\certenc.dll
2016-11-18 16:36:33 ----D---- C:\f74ac6a2e4cd4e3b05d865d22c91ca77
2016-11-18 16:34:57 ----D---- C:\Program Files (x86)\Microsoft Security Client
2016-11-18 16:34:55 ----D---- C:\Program Files\Microsoft Security Client
2016-11-18 15:24:36 ----D---- C:\065499413fda718ad23a4eeb3e452f
2016-11-18 15:10:38 ----A---- C:\Windows\system32\invagent.dll
2016-11-18 15:10:38 ----A---- C:\Windows\system32\generaltel.dll
2016-11-18 15:10:38 ----A---- C:\Windows\system32\devinv.dll
2016-11-18 15:10:38 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-11-18 15:10:38 ----A---- C:\Windows\system32\centel.dll
2016-11-18 15:10:38 ----A---- C:\Windows\system32\appraiser.dll
2016-11-18 15:10:38 ----A---- C:\Windows\system32\aitstatic.exe
2016-11-18 15:10:38 ----A---- C:\Windows\system32\aepic.dll
2016-11-18 15:10:38 ----A---- C:\Windows\system32\aeinv.dll
2016-11-18 15:10:38 ----A---- C:\Windows\system32\acmigration.dll
2016-11-18 15:10:34 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2016-11-18 15:10:34 ----A---- C:\Windows\system32\drivers\usbport.sys
2016-11-18 15:10:34 ----A---- C:\Windows\system32\drivers\usbhub.sys
2016-11-18 15:10:34 ----A---- C:\Windows\system32\drivers\usbehci.sys
2016-11-18 15:10:34 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2016-11-18 15:10:33 ----A---- C:\Windows\system32\drivers\usbohci.sys
2016-11-18 15:10:33 ----A---- C:\Windows\system32\drivers\usbd.sys
2016-11-18 15:07:00 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2016-11-18 15:07:00 ----A---- C:\Windows\system32\RMActivate_isv.exe
2016-11-18 15:07:00 ----A---- C:\Windows\system32\RMActivate.exe
2016-11-18 15:06:59 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2016-11-18 15:06:59 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2016-11-18 15:06:59 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2016-11-18 15:06:59 ----A---- C:\Windows\SYSWOW64\secproc.dll
2016-11-18 15:06:59 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2016-11-18 15:06:59 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2016-11-18 15:06:59 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2016-11-18 15:06:59 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2016-11-18 15:06:59 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2016-11-18 15:06:59 ----A---- C:\Windows\system32\secproc_ssp.dll
2016-11-18 15:06:59 ----A---- C:\Windows\system32\secproc_isv.dll
2016-11-18 15:06:59 ----A---- C:\Windows\system32\secproc.dll
2016-11-18 15:06:59 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2016-11-18 15:06:59 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2016-11-18 15:06:59 ----A---- C:\Windows\system32\msdrm.dll
2016-11-18 15:05:52 ----A---- C:\Windows\system32\Wpc.dll
2016-11-18 15:05:51 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2016-11-18 15:05:51 ----A---- C:\Windows\SYSWOW64\gameux.dll
2016-11-18 15:05:51 ----A---- C:\Windows\system32\gameux.dll
2016-11-18 14:57:35 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2016-11-18 14:57:35 ----A---- C:\Windows\system32\drivers\bthport.sys
2016-11-18 14:57:33 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-11-18 14:57:33 ----A---- C:\Windows\system32\shell32.dll
2016-11-18 14:57:32 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-11-18 14:57:32 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-11-18 14:57:32 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-11-18 14:57:32 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-11-18 14:57:32 ----A---- C:\Windows\system32\authui.dll
2016-11-18 14:57:32 ----A---- C:\Windows\explorer.exe
2016-11-18 14:57:09 ----A---- C:\Windows\system32\fsutil.exe
2016-11-18 14:57:09 ----A---- C:\Windows\system32\esent.dll
2016-11-18 14:57:09 ----A---- C:\Windows\system32\drivers\amdxata.sys
2016-11-18 14:57:08 ----A---- C:\Windows\SYSWOW64\esent.dll
2016-11-18 14:57:07 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2016-11-18 14:57:07 ----A---- C:\Windows\system32\drivers\nvstor.sys
2016-11-18 14:57:07 ----A---- C:\Windows\system32\drivers\nvraid.sys
2016-11-18 14:57:07 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2016-11-18 14:57:07 ----A---- C:\Windows\system32\drivers\amdsata.sys
2016-11-18 14:56:50 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2016-11-18 14:56:50 ----A---- C:\Windows\system32\xmllite.dll
2016-11-18 14:56:41 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-11-18 14:56:41 ----A---- C:\Windows\system32\mtxoci.dll
2016-11-18 14:56:40 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-11-18 14:56:03 ----A---- C:\Windows\system32\rpcss.dll
2016-11-18 14:56:01 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2016-11-18 14:56:01 ----A---- C:\Windows\system32\msieftp.dll
2016-11-18 14:55:28 ----A---- C:\Windows\system32\wwansvc.dll
2016-11-18 14:55:28 ----A---- C:\Windows\system32\wwanprotdim.dll
2016-11-18 14:55:24 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2016-11-18 14:55:24 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2016-11-18 14:55:24 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2016-11-18 14:55:24 ----A---- C:\Windows\system32\dhcpcore6.dll
2016-11-18 14:54:49 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2016-11-18 14:54:49 ----A---- C:\Windows\system32\tracerpt.exe
2016-11-18 14:54:48 ----A---- C:\Windows\SYSWOW64\typeperf.exe
2016-11-18 14:54:48 ----A---- C:\Windows\SYSWOW64\sechost.dll
2016-11-18 14:54:48 ----A---- C:\Windows\SYSWOW64\relog.exe
2016-11-18 14:54:48 ----A---- C:\Windows\SYSWOW64\logman.exe
2016-11-18 14:54:48 ----A---- C:\Windows\SYSWOW64\diskperf.exe
2016-11-18 14:54:48 ----A---- C:\Windows\system32\typeperf.exe
2016-11-18 14:54:48 ----A---- C:\Windows\system32\sechost.dll
2016-11-18 14:54:48 ----A---- C:\Windows\system32\relog.exe
2016-11-18 14:54:48 ----A---- C:\Windows\system32\logman.exe
2016-11-18 14:54:48 ----A---- C:\Windows\system32\diskperf.exe
2016-11-18 14:53:07 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2016-11-18 14:53:07 ----A---- C:\Windows\system32\ntshrui.dll
2016-11-18 14:52:58 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2016-11-18 14:52:58 ----A---- C:\Windows\system32\TSWorkspace.dll
2016-11-18 14:52:46 ----A---- C:\Windows\system32\drivers\disk.sys
2016-11-18 14:52:10 ----A---- C:\Windows\SYSWOW64\tquery.dll
2016-11-18 14:52:10 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2016-11-18 14:52:10 ----A---- C:\Windows\system32\tquery.dll
2016-11-18 14:52:10 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2016-11-18 14:52:10 ----A---- C:\Windows\system32\SearchIndexer.exe
2016-11-18 14:52:10 ----A---- C:\Windows\system32\mssrch.dll
2016-11-18 14:52:09 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2016-11-18 14:52:09 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2016-11-18 14:52:09 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2016-11-18 14:52:09 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2016-11-18 14:52:09 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2016-11-18 14:52:09 ----A---- C:\Windows\SYSWOW64\mssph.dll
2016-11-18 14:52:09 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2016-11-18 14:52:09 ----A---- C:\Windows\system32\SearchFilterHost.exe
2016-11-18 14:52:09 ----A---- C:\Windows\system32\mssvp.dll
2016-11-18 14:52:09 ----A---- C:\Windows\system32\mssphtb.dll
2016-11-18 14:52:09 ----A---- C:\Windows\system32\mssph.dll
2016-11-18 14:52:09 ----A---- C:\Windows\system32\msscntrs.dll
2016-11-18 14:52:02 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-11-18 14:52:02 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\system32\ucrtbase.dll
2016-11-18 14:52:02 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-11-18 14:52:02 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-11-18 14:52:02 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-11-18 14:52:01 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-11-18 14:52:01 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-11-18 14:52:01 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-11-18 14:42:39 ----A---- C:\Windows\SYSWOW64\wer.dll
2016-11-18 14:42:39 ----A---- C:\Windows\system32\wer.dll
2016-11-18 14:42:31 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2016-11-18 14:42:31 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2016-11-18 14:42:31 ----A---- C:\Windows\system32\dwmcore.dll
2016-11-18 14:42:31 ----A---- C:\Windows\system32\dwmapi.dll
2016-11-18 13:57:17 ----A---- C:\Windows\system32\drivers\ataport.sys
2016-11-18 13:55:40 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2016-11-18 13:55:40 ----A---- C:\Windows\SYSWOW64\credui.dll
2016-11-18 13:55:40 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2016-11-18 13:55:40 ----A---- C:\Windows\system32\credui.dll
2016-11-18 13:55:30 ----A---- C:\Windows\SYSWOW64\tbs.dll
2016-11-18 13:55:30 ----A---- C:\Windows\system32\tbs.dll
2016-11-18 13:55:30 ----A---- C:\Windows\system32\fveapibase.dll
2016-11-18 13:55:30 ----A---- C:\Windows\system32\fveapi.dll
2016-11-18 13:46:30 ----A---- C:\Windows\system32\drivers\ntfs.sys
2016-11-18 13:38:31 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2016-11-18 13:36:30 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2016-11-18 13:36:30 ----A---- C:\Windows\system32\netcorehc.dll
2016-11-18 13:36:30 ----A---- C:\Windows\system32\iphlpsvc.dll
2016-11-18 13:36:29 ----A---- C:\Windows\SYSWOW64\netevent.dll
2016-11-18 13:36:29 ----A---- C:\Windows\system32\netevent.dll
2016-11-18 13:27:12 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2016-11-18 13:27:12 ----A---- C:\Windows\system32\drivers\tcpip.sys
2016-11-18 13:27:12 ----A---- C:\Windows\system32\drivers\netio.sys
2016-11-18 13:27:12 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2016-11-18 13:19:41 ----A---- C:\Windows\SYSWOW64\shimeng.dll
2016-11-18 13:19:41 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2016-11-18 13:19:41 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2016-11-18 13:19:41 ----A---- C:\Windows\system32\shimeng.dll
2016-11-18 13:19:41 ----A---- C:\Windows\system32\sdbinst.exe
2016-11-18 13:19:41 ----A---- C:\Windows\system32\apphelp.dll
2016-11-18 13:19:41 ----A---- C:\Windows\system32\aelupsvc.dll
2016-11-18 13:19:40 ----A---- C:\Windows\system32\OxpsConverter.exe
2016-11-18 13:19:28 ----A---- C:\Windows\SYSWOW64\tdh.dll
2016-11-18 13:19:28 ----A---- C:\Windows\system32\tdh.dll
2016-11-18 13:05:03 ----A---- C:\Windows\system32\drivers\stream.sys
2016-11-18 13:04:52 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2016-11-18 13:04:52 ----A---- C:\Windows\system32\shdocvw.dll
2016-11-18 13:04:41 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2016-11-18 13:04:41 ----A---- C:\Windows\system32\iologmsg.dll
2016-11-18 13:04:41 ----A---- C:\Windows\system32\drivers\storport.sys
2016-11-18 13:04:41 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2016-11-18 13:04:41 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2016-11-18 13:04:26 ----A---- C:\Windows\system32\msxml6.dll
2016-11-18 13:04:25 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2016-11-18 13:04:25 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2016-11-18 13:04:25 ----A---- C:\Windows\system32\msxml6r.dll
2016-11-18 12:58:40 ----A---- C:\Windows\SYSWOW64\charmap.exe
2016-11-18 12:58:40 ----A---- C:\Windows\system32\charmap.exe
2016-11-18 11:58:21 ----A---- C:\Windows\system32\cryptdlg.dll
2016-11-18 11:58:20 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2016-11-18 11:55:19 ----A---- C:\Windows\SYSWOW64\webio.dll
2016-11-18 11:55:19 ----A---- C:\Windows\system32\webio.dll
2016-11-18 11:54:02 ----A---- C:\Windows\system32\drivers\fvevol.sys
2016-11-18 11:53:58 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-11-18 11:53:58 ----A---- C:\Windows\system32\InkEd.dll
2016-11-18 11:53:57 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2016-11-18 11:53:57 ----A---- C:\Windows\system32\prevhost.exe
2016-11-18 11:16:22 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2016-11-18 11:16:22 ----A---- C:\Windows\system32\infocardapi.dll
2016-11-18 11:16:21 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2016-11-18 11:16:21 ----A---- C:\Windows\system32\icardagt.exe
2016-11-18 11:16:19 ----A---- C:\Windows\SYSWOW64\icardres.dll
2016-11-18 11:16:18 ----A---- C:\Windows\system32\icardres.dll
2016-11-18 11:16:05 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2016-11-18 11:16:05 ----A---- C:\Windows\system32\TsWpfWrp.exe
2016-11-18 11:02:13 ----D---- C:\Program Files\WindowsPowerShell
2016-11-18 11:02:13 ----D---- C:\Program Files (x86)\WindowsPowerShell
2016-11-18 11:02:11 ----D---- C:\Windows\system32\dsc
2016-11-18 11:02:10 ----D---- C:\Windows\system32\Configuration
2016-11-18 11:00:10 ----A---- C:\Windows\SYSWOW64\winrm.vbs
2016-11-18 11:00:10 ----A---- C:\Windows\system32\winrm.vbs
2016-11-18 10:53:22 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2016-11-18 10:53:22 ----A---- C:\Windows\system32\rdpcore.dll
2016-11-18 10:53:21 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2016-11-18 10:36:20 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-11-18 10:36:20 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2016-11-18 10:36:20 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-11-18 10:36:20 ----A---- C:\Windows\system32\msimsg.dll
2016-11-18 10:36:20 ----A---- C:\Windows\system32\msiexec.exe
2016-11-18 10:36:20 ----A---- C:\Windows\system32\consent.exe
2016-11-18 10:36:20 ----A---- C:\Windows\system32\ci.dll
2016-11-18 10:36:20 ----A---- C:\Windows\system32\appinfo.dll
2016-11-18 10:36:19 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-11-18 10:36:18 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2016-11-18 10:36:18 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2016-11-18 10:36:18 ----A---- C:\Windows\system32\wups2.dll
2016-11-18 10:36:18 ----A---- C:\Windows\system32\wups.dll
2016-11-18 10:36:18 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-11-18 10:36:18 ----A---- C:\Windows\system32\msihnd.dll
2016-11-18 10:36:17 ----A---- C:\Windows\system32\winresume.exe
2016-11-18 10:36:16 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2016-11-18 10:36:16 ----A---- C:\Windows\system32\winload.exe
2016-11-18 10:36:16 ----A---- C:\Windows\system32\drivers\cng.sys
2016-11-18 10:36:16 ----A---- C:\Windows\system32\bcryptprimitives.dll
2016-11-18 10:36:14 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-11-18 10:36:14 ----A---- C:\Windows\system32\wuauclt.exe
2016-11-18 10:36:14 ----A---- C:\Windows\system32\wuapp.exe
2016-11-18 10:36:13 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-11-18 10:36:13 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-11-18 10:36:13 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-11-18 10:36:13 ----A---- C:\Windows\system32\wuwebv.dll
2016-11-18 10:36:13 ----A---- C:\Windows\system32\wudriver.dll
2016-11-18 10:36:13 ----A---- C:\Windows\system32\msi.dll
2016-11-18 10:36:12 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-11-18 10:36:12 ----A---- C:\Windows\system32\wucltux.dll
2016-11-18 10:36:12 ----A---- C:\Windows\system32\wuaueng.dll
2016-11-18 10:36:12 ----A---- C:\Windows\system32\wuapi.dll
2016-11-18 09:38:21 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2016-11-18 09:38:21 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2016-11-18 09:38:21 ----A---- C:\Windows\SYSWOW64\devobj.dll
2016-11-18 09:38:21 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2016-11-18 09:38:21 ----A---- C:\Windows\system32\umpnpmgr.dll
2016-11-18 08:52:12 ----D---- C:\17c74836bad95cfece9144968be5051b
2016-11-18 08:50:19 ----D---- C:\Program Files\Microsoft Silverlight
2016-11-18 08:50:19 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-11-17 15:24:30 ----D---- C:\683abb9e7083b46b5b
2016-11-17 15:24:02 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2016-11-17 15:24:01 ----A---- C:\Windows\system32\poqexec.exe
2016-11-17 15:21:01 ----D---- C:\Windows\system32\appmgmt
2016-11-17 15:18:54 ----D---- C:\681f7de42afc78d472
2016-11-17 13:19:11 ----D---- C:\e1e8a5097f3b1a87e6fd
2016-11-17 13:14:30 ----D---- C:\7e6dde7e4fd166a14a59796db7931f
2016-11-17 10:06:28 ----D---- C:\77b8b98f122ae09806bb9afc97ad843b
2016-11-17 09:53:27 ----D---- C:\1f486f7e6b97a9968f113918dfdb0e49
2016-11-17 09:31:54 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2016-11-17 09:31:49 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2016-11-17 09:31:49 ----A---- C:\Windows\system32\elshyph.dll
2016-11-17 09:31:48 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2016-11-17 09:31:48 ----A---- C:\Windows\SYSWOW64\msls31.dll
2016-11-17 09:31:45 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2016-11-17 09:31:44 ----A---- C:\Windows\SYSWOW64\url.dll
2016-11-17 09:31:43 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2016-11-17 09:31:43 ----A---- C:\Windows\SYSWOW64\icardie.dll
2016-11-17 09:31:42 ----A---- C:\Windows\SYSWOW64\wextract.exe
2016-11-17 09:31:42 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2016-11-17 09:31:41 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2016-11-17 09:31:40 ----A---- C:\Windows\SYSWOW64\mshta.exe
2016-11-17 09:31:40 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2016-11-17 09:31:40 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2016-11-17 09:31:40 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2016-11-17 09:31:40 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2016-11-17 09:31:39 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2016-11-17 09:31:39 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2016-11-17 09:31:39 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2016-11-17 09:31:39 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2016-11-17 09:31:38 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2016-11-17 09:31:38 ----A---- C:\Windows\system32\jsIntl.dll
2016-11-17 09:31:37 ----A---- C:\Windows\system32\msls31.dll
2016-11-17 09:31:37 ----A---- C:\Windows\system32\msfeedssync.exe
2016-11-17 09:31:37 ----A---- C:\Windows\system32\msfeedsbs.dll
2016-11-17 09:31:36 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2016-11-17 09:31:36 ----A---- C:\Windows\system32\mshtmler.dll
2016-11-17 09:31:36 ----A---- C:\Windows\system32\iesysprep.dll
2016-11-17 09:31:36 ----A---- C:\Windows\system32\IEAdvpack.dll
2016-11-17 09:31:34 ----A---- C:\Windows\system32\ieapfltr.dat
2016-11-17 09:31:34 ----A---- C:\Windows\system32\icardie.dll
2016-11-17 09:31:33 ----A---- C:\Windows\system32\wextract.exe
2016-11-17 09:31:33 ----A---- C:\Windows\system32\url.dll
2016-11-17 09:31:33 ----A---- C:\Windows\system32\licmgr10.dll
2016-11-17 09:31:33 ----A---- C:\Windows\system32\iexpress.exe
2016-11-17 09:31:32 ----A---- C:\Windows\system32\pngfilt.dll
2016-11-17 09:31:32 ----A---- C:\Windows\system32\mshta.exe
2016-11-17 09:31:32 ----A---- C:\Windows\system32\imgutil.dll
2016-11-17 09:31:32 ----A---- C:\Windows\system32\iepeers.dll
2016-11-17 09:29:41 ----A---- C:\Windows\system32\taskhost.exe
2016-11-17 09:28:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2016-11-17 09:28:07 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2016-11-17 09:28:04 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2016-11-17 09:28:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2016-11-17 09:28:00 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-11-17 09:28:00 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-11-17 09:28:00 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-11-17 09:27:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-11-17 09:27:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-11-17 09:27:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-11-17 09:27:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-11-17 09:27:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-11-17 09:27:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-11-17 09:27:59 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-11-17 09:27:59 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-11-17 09:27:59 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-11-17 09:27:59 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-11-17 09:27:59 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-11-17 09:27:59 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2016-11-17 09:27:59 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2016-11-17 09:27:58 ----A---- C:\Windows\system32\XpsPrint.dll
2016-11-17 09:27:58 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2016-11-17 09:27:57 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2016-11-17 09:27:57 ----A---- C:\Windows\system32\dxgi.dll
2016-11-17 09:27:56 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2016-11-17 09:27:56 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2016-11-17 09:27:56 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2016-11-17 09:27:55 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2016-11-17 09:27:53 ----A---- C:\Windows\system32\d3d10core.dll
2016-11-17 09:27:53 ----A---- C:\Windows\system32\d3d10.dll
2016-11-17 09:27:52 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2016-11-17 09:27:52 ----A---- C:\Windows\system32\d3d10_1core.dll
2016-11-17 09:27:52 ----A---- C:\Windows\system32\d3d10_1.dll
2016-11-17 09:27:49 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2016-11-17 09:26:04 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2016-11-17 09:26:04 ----A---- C:\Windows\system32\d3d11.dll
2016-11-17 08:54:46 ----D---- C:\Program Files (x86)\Opera
2016-11-16 21:13:59 ----D---- C:\Program Files\Common Files\Adobe
2016-11-16 21:13:50 ----D---- C:\Program Files\Adobe
2016-11-16 17:12:00 ----D---- C:\Program Files\CCleaner
2016-11-13 13:45:55 ----D---- C:\Program Files (x86)\JSignPdf
2016-11-05 08:33:05 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-01 11:44:08 ----D---- C:\Users\Michal\AppData\Roaming\Notepad++
2016-11-01 11:44:08 ----D---- C:\Program Files (x86)\Notepad++
2016-10-31 08:24:09 ----D---- C:\791611f8ebca180afb34
2016-10-31 08:21:09 ----D---- C:\60f3bdfebce2a16a4b
2016-10-28 10:20:30 ----D---- C:\Program Files\Common Files\AV
2016-10-28 10:16:51 ----D---- C:\ProgramData\AVAST Software
2016-10-28 10:15:37 ----D---- C:\Users\Michal\AppData\Roaming\uTorrent
2016-10-26 19:52:01 ----D---- C:\Symbols
2016-10-26 16:32:30 ----D---- C:\c5e5e52f989d56c4412f5f13c52d
2016-10-25 10:29:00 ----A---- C:\Windows\system32\atl100.dll
2016-10-25 10:27:02 ----A---- C:\Windows\system32\msvcr100.dll
2016-10-25 10:27:02 ----A---- C:\Windows\system32\msvcp100.dll
2016-10-25 10:17:00 ----A---- C:\Windows\system32\mfcm100u.dll
2016-10-25 10:17:00 ----A---- C:\Windows\system32\mfcm100.dll
2016-10-25 10:17:00 ----A---- C:\Windows\system32\mfc100u.dll
2016-10-25 10:17:00 ----A---- C:\Windows\system32\mfc100.dll
2016-10-25 10:14:22 ----A---- C:\Windows\system32\mfc100rus.dll
2016-10-25 10:14:22 ----A---- C:\Windows\system32\mfc100kor.dll
2016-10-25 10:14:22 ----A---- C:\Windows\system32\mfc100jpn.dll
2016-10-25 10:14:22 ----A---- C:\Windows\system32\mfc100ita.dll
2016-10-25 10:14:22 ----A---- C:\Windows\system32\mfc100cht.dll
2016-10-25 10:14:22 ----A---- C:\Windows\system32\mfc100chs.dll
2016-10-25 10:14:22 ----A---- C:\Windows\system32\mfc100fra.dll
2016-10-25 10:14:22 ----A---- C:\Windows\system32\mfc100esn.dll
2016-10-25 10:14:22 ----A---- C:\Windows\system32\mfc100enu.dll
2016-10-25 10:14:22 ----A---- C:\Windows\system32\mfc100deu.dll
2016-10-25 10:11:56 ----A---- C:\Windows\system32\vcomp100.dll
2016-10-23 08:25:23 ----D---- C:\Users\Michal\AppData\Roaming\vlc
2016-10-21 07:29:55 ----D---- C:\Users\Michal\AppData\Roaming\dclogs
2016-10-21 07:21:17 ----D---- C:\5f9c2bf18415cadc93cc68920b1261e4

======List of files/folders modified in the last 1 month======

2016-11-20 20:12:08 ----D---- C:\Windows\System32
2016-11-20 20:12:08 ----D---- C:\Windows\inf
2016-11-20 20:12:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-11-20 20:11:44 ----D---- C:\Windows\Temp
2016-11-20 20:11:11 ----D---- C:\Users\Michal\AppData\Roaming\Skype
2016-11-20 20:10:34 ----A---- C:\Windows\SYSWOW64\log.txt
2016-11-20 20:04:51 ----D---- C:\Windows\Tasks
2016-11-20 17:01:19 ----D---- C:\Windows\system32\drivers\Avg
2016-11-20 17:00:15 ----D---- C:\Windows\system32\Tasks
2016-11-20 16:54:42 ----D---- C:\Windows\system32\config
2016-11-20 16:47:44 ----SHD---- C:\Windows\Installer
2016-11-20 16:47:43 ----D---- C:\ProgramData\Microsoft Help
2016-11-20 16:44:30 ----D---- C:\Windows\winsxs
2016-11-20 16:42:09 ----D---- C:\Windows\SysWOW64
2016-11-20 16:39:54 ----D---- C:\Program Files (x86)\Common Files
2016-11-20 16:39:13 ----RSD---- C:\Windows\Fonts
2016-11-20 16:36:21 ----SHD---- C:\System Volume Information
2016-11-20 16:34:52 ----A---- C:\Windows\win.ini
2016-11-20 16:33:54 ----RSD---- C:\Windows\assembly
2016-11-20 16:27:24 ----D---- C:\Windows\Microsoft.NET
2016-11-20 15:45:42 ----RD---- C:\Program Files (x86)
2016-11-20 15:38:11 ----D---- C:\Windows
2016-11-20 15:36:09 ----D---- C:\Windows\system32\catroot
2016-11-20 15:35:30 ----D---- C:\Windows\SYSWOW64\en-US
2016-11-20 15:35:30 ----D---- C:\Windows\system32\en-US
2016-11-20 15:35:24 ----D---- C:\Windows\SYSWOW64\Dism
2016-11-20 15:35:24 ----D---- C:\Windows\system32\AdvancedInstallers
2016-11-20 15:35:23 ----D---- C:\Windows\system32\Dism
2016-11-20 15:35:22 ----D---- C:\Windows\AppCompat
2016-11-20 15:35:21 ----D---- C:\Windows\SYSWOW64\wbem
2016-11-20 15:35:21 ----D---- C:\Windows\system32\wbem
2016-11-20 15:35:21 ----D---- C:\Windows\AppPatch
2016-11-20 15:35:20 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-11-20 15:35:20 ----D---- C:\Windows\system32\drivers\en-US
2016-11-20 15:35:20 ----D---- C:\Windows\system32\drivers
2016-11-20 15:35:20 ----D---- C:\Windows\Logs
2016-11-20 15:35:19 ----D---- C:\Windows\system32\sk-SK
2016-11-20 15:35:18 ----RD---- C:\Program Files
2016-11-20 15:35:16 ----D---- C:\Windows\SYSWOW64\migration
2016-11-20 15:35:16 ----D---- C:\Windows\PolicyDefinitions
2016-11-20 15:35:15 ----D---- C:\Windows\system32\migration
2016-11-20 15:35:05 ----D---- C:\Windows\system32\DriverStore
2016-11-20 15:04:46 ----D---- C:\Windows\debug
2016-11-20 14:13:34 ----D---- C:\Windows\system32\catroot2
2016-11-19 15:37:41 ----SD---- C:\Users\Michal\AppData\Roaming\Microsoft
2016-11-19 14:44:54 ----D---- C:\Users\Michal\AppData\Roaming\Adobe
2016-11-19 13:34:48 ----D---- C:\Windows\system32\LogFiles
2016-11-19 13:34:47 ----SD---- C:\ProgramData\Microsoft
2016-11-19 10:14:55 ----RD---- C:\Users
2016-11-19 10:03:56 ----SHD---- C:\$Recycle.Bin
2016-11-19 03:58:37 ----D---- C:\Windows\system32\wdi
2016-11-18 19:27:26 ----D---- C:\Program Files\Internet Explorer
2016-11-18 19:27:24 ----D---- C:\Program Files (x86)\Internet Explorer
2016-11-18 19:26:42 ----D---- C:\Windows\system32\Boot
2016-11-18 19:25:45 ----D---- C:\Program Files\Common Files\System
2016-11-18 19:00:38 ----A---- C:\Windows\system32\WMALFXGFXDSP.dll
2016-11-18 17:59:34 ----D---- C:\Program Files\Windows Defender
2016-11-18 17:59:34 ----D---- C:\Program Files (x86)\Windows Defender
2016-11-18 16:34:01 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-11-18 16:32:38 ----D---- C:\Windows\SYSWOW64\de-DE
2016-11-18 16:32:38 ----D---- C:\Windows\system32\de-DE
2016-11-18 16:21:24 ----D---- C:\ProgramData\Package Cache
2016-11-18 16:16:31 ----D---- C:\Program Files\Common Files\Microsoft Shared
2016-11-18 11:07:23 ----D---- C:\Windows\Prefetch
2016-11-18 10:39:01 ----D---- C:\Windows\system32\CodeIntegrity
2016-11-18 10:38:17 ----D---- C:\Windows\SoftwareDistribution
2016-11-18 09:41:03 ----D---- C:\ProgramData\Atheros
2016-11-17 09:39:39 ----D---- C:\Windows\Panther
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\zh-TW
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\zh-HK
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\zh-CN
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\tr-TR
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\sv-SE
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\ru-RU
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\pt-PT
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\pt-BR
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\pl-PL
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\nl-NL
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\nb-NO
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\ko-KR
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\ja-JP
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\it-IT
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\hu-HU
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\fr-FR
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\fi-FI
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\es-ES
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\el-GR
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\da-DK
2016-11-17 09:36:17 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-11-17 09:36:17 ----D---- C:\Windows\system32\pt-PT
2016-11-17 09:36:17 ----D---- C:\Windows\system32\pt-BR
2016-11-17 09:36:17 ----D---- C:\Windows\system32\it-IT
2016-11-17 09:36:16 ----D---- C:\Windows\system32\zh-TW
2016-11-17 09:36:16 ----D---- C:\Windows\system32\zh-HK
2016-11-17 09:36:16 ----D---- C:\Windows\system32\zh-CN
2016-11-17 09:36:16 ----D---- C:\Windows\system32\tr-TR
2016-11-17 09:36:16 ----D---- C:\Windows\system32\sv-SE
2016-11-17 09:36:16 ----D---- C:\Windows\system32\ru-RU
2016-11-17 09:36:16 ----D---- C:\Windows\system32\pl-PL
2016-11-17 09:36:16 ----D---- C:\Windows\system32\nl-NL
2016-11-17 09:36:16 ----D---- C:\Windows\system32\nb-NO
2016-11-17 09:36:16 ----D---- C:\Windows\system32\ko-KR
2016-11-17 09:36:16 ----D---- C:\Windows\system32\ja-JP
2016-11-17 09:36:16 ----D---- C:\Windows\system32\hu-HU
2016-11-17 09:36:16 ----D---- C:\Windows\system32\fr-FR
2016-11-17 09:36:16 ----D---- C:\Windows\system32\fi-FI
2016-11-17 09:36:16 ----D---- C:\Windows\system32\es-ES
2016-11-17 09:36:16 ----D---- C:\Windows\system32\el-GR
2016-11-17 09:36:16 ----D---- C:\Windows\system32\da-DK
2016-11-17 09:36:16 ----D---- C:\Windows\system32\cs-CZ
2016-11-17 09:30:51 ----HD---- C:\ProgramData
2016-11-16 21:15:33 ----D---- C:\ProgramData\Adobe
2016-11-16 21:14:03 ----D---- C:\Program Files\Common Files
2016-11-16 21:07:41 ----D---- C:\Program Files (x86)\Adobe
2016-11-16 17:13:50 ----D---- C:\Users\Michal\AppData\Roaming\Media Player Classic
2016-11-08 15:46:34 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-11-08 15:46:32 ----D---- C:\Windows\system32\Macromed
2016-11-08 15:46:30 ----D---- C:\Windows\SYSWOW64\Macromed
2016-10-28 10:27:55 ----D---- C:\ProgramData\Skype
2016-10-28 10:27:51 ----RD---- C:\Program Files (x86)\Skype
2016-10-28 02:22:26 ----N---- C:\Windows\system32\MpSigStub.exe
2016-10-23 10:10:09 ----D---- C:\Users\Michal\AppData\Roaming\HpUpdate
2016-10-23 08:11:05 ----D---- C:\Program Files (x86)\VideoLAN

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmpfd.sys [2013-02-14 37472]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-01-31 652784]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-01-31 28656]
R0 LHDmgr;LHDmgr; C:\Windows\System32\DRIVERS\LhdX64.sys [2016-10-07 39008]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2016-08-25 295000]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2016-10-07 834544]
R1 AvgLdx64;AVG Free AVI Loader Driver x64; C:\Windows\System32\Drivers\avgldx64.sys [2016-10-07 282976]
R1 AvgMfx64;AVG Free On-access Scanner Minifilter Driver x64; C:\Windows\System32\Drivers\avgmfx64.sys [2016-10-07 35664]
R1 AvgTdiA;AVG Free Network Redirector x64; C:\Windows\System32\Drivers\avgtdia.sys [2016-10-07 317520]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2016-09-12 920168]
R1 VBoxNetAdp;VirtualBox NDIS 6.0 Miniport Service; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [2016-09-12 121248]
R1 VBoxNetLwf;VirtualBox NDIS6 Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [2016-09-12 195936]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2016-09-12 149256]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2016-10-07 33560]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-25 11645952]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-04-25 581632]
R3 AMPPAL;Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys [2013-04-11 164832]
R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2013-01-24 89168]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2013-03-24 3884032]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2013-01-24 346192]
R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2013-01-24 115280]
R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2013-01-24 34384]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2013-01-24 179432]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2013-01-24 77464]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2013-01-24 136424]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2013-01-24 581200]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2013-03-05 1680992]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2013-02-27 355664]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-04-18 5358784]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-04-22 342528]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2013-04-03 128200]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-02 62784]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2016-08-25 135928]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 rtsuvc;Lenovo EasyCamera; C:\Windows\system32\DRIVERS\rtsuvc.sys [2013-04-24 8243144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AMPPALP;Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys [2013-04-11 164832]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2013-03-25 132920]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2013-01-15 327240]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\drivers\usbscan.sys [2016-11-18 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-10-21 82128]
R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2016-10-12 744640]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016-09-26 2207960]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-04-25 241152]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2013-04-11 772064]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-01-24 227456]
R2 avg9emc;AVG Free E-mail Scanner; C:\Program Files (x86)\AVG\AVG9\avgemc.exe [2016-10-07 921952]
R2 avg9wd;AVG Free WatchDog; C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe [2016-10-07 308136]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2013-03-18 1124728]
R2 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2013-03-18 1366392]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2013-03-18 1161592]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-09-12 135984]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\cscsvc.dll
R2 CxAudMsg;@C:\Windows\system32\CxAudMsg64.exe,-100; C:\Windows\system32\CxAudMsg64.exe [2013-03-05 202400]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-04-18 621296]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-01-31 15344]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-19 634632]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-08-21 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-09-11 277792]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-08-30 120888]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-04-18 149744]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-09-11 365344]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2016-08-30 361816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2016-07-14 107192]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2016-07-14 128696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-07 153752]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-08 270016]
S3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll"=%SystemRoot%\System32\appmgmts.dll
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-07-14 52920]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-04-24 279024]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-07 153752]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-11-18 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-11-20 172488]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-04-18 273136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll"=%SystemRoot%\system32\peerdistsvc.dll
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\system32\storsvc.dll
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\umrdp.dll
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-14 136360]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-14 136360]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-14 136360]

-----------------EOF-----------------

#10 Příspěvek od **Rudy** » 20 lis 2016 20:25

OK. Nastala nějaká změna?

michal1097 · #11 Příspěvek od **michal1097** » 21 lis 2016 15:10

nechcene stranky prestalo otvarať. par krat sa stalo že mi otvorilo novú kartu ale hned ju automaticky vyplo.
ďakujem za pomoc

#12 Příspěvek od **Rudy** » 21 lis 2016 18:24

OK. Nemáte zač!

VIRY.CZ

pri praci z prehliadačom mi nahodne otvara nechcene stranky

pri praci z prehliadačom mi nahodne otvara nechcene stranky

Re: pri praci z prehliadačom mi nahodne otvara nechcene stra

Re: pri praci z prehliadačom mi nahodne otvara nechcene stra

Re: pri praci z prehliadačom mi nahodne otvara nechcene stra

Re: pri praci z prehliadačom mi nahodne otvara nechcene stra

Re: pri praci z prehliadačom mi nahodne otvara nechcene stra

Re: pri praci z prehliadačom mi nahodne otvara nechcene stra

Re: pri praci z prehliadačom mi nahodne otvara nechcene stra

Re: pri praci z prehliadačom mi nahodne otvara nechcene stra

Re: pri praci z prehliadačom mi nahodne otvara nechcene stra

Re: pri praci z prehliadačom mi nahodne otvara nechcene stra

Re: pri praci z prehliadačom mi nahodne otvara nechcene stra