I accidentally clicked on an alleged virus in a message on Facebook... I just want to make sure.
Logfile of random's system information tool 1.14 (written by random/random)
Run by Lenovo at 2016-11-21 04:51:25
Microsoft Windows 10 Home
System drive C: has 803 GB (89%) free of 905 GB
Total RAM: 3960 MB (49% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:51:28, on 21. 11. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Lenovo\Lenovo Smart Update\Lenovo Smart Update.exe
C:\Program Files (x86)\USB Camera\VM331STI.EXE
C:\Program Files (x86)\Lenovo\Intelligent Touchpad\IntelligentTouchpad.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files\WindowsApps\E046963F.LenovoCompanion_3.64.2.0_x86__k1h2ywk1493x8\Lenovo.Discovery.exe
C:\Program Files\trend micro\Lenovo_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE13DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKLM\..\Run: [331BigDog] "C:\Program Files (x86)\USB Camera\VM331STI.EXE"
O4 - HKLM\..\Run: [Smart Update] C:\Program Files (x86)\Lenovo\Lenovo Smart Update\Lenovo Smart Update.exe -s
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [IntellingentTouchpad] C:\Program Files (x86)\Lenovo\Intelligent Touchpad\IntelligentTouchpad.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-285217817-3415256103-1001495881-1001\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-285217817-3415256103-1001495881-1001\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'UpdatusUser')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @oem10.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo Smart Update Service - Lenovo - C:\Program Files (x86)\Lenovo\Lenovo Smart Update\Lenovo Smart Update Service.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\windows\SysWOW64\NLSSRV32.EXE
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9430 bytes
======Enumerating Processes======
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b322e921-42a3-48b8-9e31-1e913870f9b8 -SystemEventPortName:HostProcess-ff500c6b-58c5-4557-b790-a6c27fca6f87 -IoCancelEventPortName:HostProcess-6e05a779-523c-4c16-9474-eb13596cbe79 -NonStateChangingEventPortName:HostProcess-95ce7419-ffe8-48e9-b705-bc7b39e022e1 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:aca74548-53b4-4a8f-9fc5-032a9836d233 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\BtwRSupportService.exe
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\WINDOWS\system32\CxAudMsg64.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files (x86)\Lenovo\Lenovo Smart Update\Lenovo Smart Update Service.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\windows\SysWOW64\NLSSRV32.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\taskhostw.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\Explorer.EXE
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files (x86)\Lenovo\Lenovo Smart Update\Lenovo Smart Update.exe" -s /RestartByRestartManager:28CC3C0F-46DF-480d-8063-3509EBFD42D6
"C:\Program Files (x86)\USB Camera\VM331STI.EXE"
"C:\Program Files (x86)\Lenovo\Intelligent Touchpad\IntelligentTouchpad.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "0x16c4_0x1824_0x8600b3b3"
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\WINDOWS\system32\taskhostw.exe
"C:\Program Files\WindowsApps\Microsoft.XboxApp_22.23.11005.0_x64__8wekyb3d8bbwe\XboxApp.exe" -ServerName:Microsoft.XboxApp.AppXf18qzvvf02y898dj8d1frhp2562vbpn5.mca
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1611.3123.0_x64__8wekyb3d8bbwe\Calculator.exe" -ServerName:App.AppXsm3pg4n7er43kdh1qp4e79f1j7am68r8.mca
"C:\Program Files\WindowsApps\Microsoft.Office.OneNote_17.7571.57651.0_x64__8wekyb3d8bbwe\onenoteim.exe" -ServerName:microsoft.onenoteim.AppXxqb9ypsz6cs1w07e1pmjy4ww4dy9tpqr.mca
C:\WINDOWS\system32\dwm.exe
"C:\Program Files\WindowsApps\E046963F.LenovoCompanion_3.64.2.0_x86__k1h2ywk1493x8\Lenovo.Discovery.exe" -ServerName:App.AppXm9m9f3adxrh6y4sya6nq7msk1dgrx8v3.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\WINDOWS\system32\DllHost.exe /Processid:{49F6E667-6658-4BD1-9DE9-6AF87F9FAF85}
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Program Files\Mozilla Firefox\firefox.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="12776.0.857895317\312578147" -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" 12776 "\\.\pipe\gecko-crash-server-pipe.12776" tab
C:\WINDOWS\system32\AUDIODG.EXE 0x78c
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe208_ Global\UsGthrCtrlFltPipeMssGthrPipe208 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 652 656 664 8192 660
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{133EAC4F-5891-4D04-BADA-D84870380A80}
"C:\Users\Lenovo\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\Adobe Flash Player Updater - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\avast! Emergency Update - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task - C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
C:\WINDOWS\system32\tasks\SafeZone scheduled Autoupdate 1457385689 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\system32\tasks\Synaptics TouchPad Enhancements - \Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{0905FB3F-164D-4E4C-B107-38A72191FB59} - C:\WINDOWS\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - %ProgramFiles%\Windows Defender\MpCmdRun.exe Scan -ScheduleJob
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval - C:\WINDOWS\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe Reboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings - %systemroot%\system32\usoclient.exe RefreshSettings
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemovalTools\MRT_HB - C:\WINDOWS\system32\MRT.exe /EHB /Q
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\PLA\LSC Memory - C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\windows\System32\lpksetup.exe -v
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\windows\System32\mcbuilder.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Lenovo\Lenovo Customer Feedback Program - "%ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"
C:\WINDOWS\system32\tasks\Lenovo\Lenovo Customer Feedback Program 64 35 - "%ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe"
C:\WINDOWS\system32\tasks\Lenovo\Lenovo Solution Center Launcher - %programfiles%\lenovo\lenovo solution center\App\LSCService.exe Actions UpdateStatus
C:\WINDOWS\system32\tasks\Lenovo\LSC\Lenovo Solution Center Notifications - %programfiles%\Lenovo\Lenovo Solution Center\LSCNotify.exe /show
C:\WINDOWS\system32\tasks\Lenovo\LSC\LSCHardwareScan - "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan
C:\WINDOWS\system32\tasks\Lenovo\LSC\LSCHardwareScanPostpone - "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan
C:\WINDOWS\system32\tasks\Lenovo\LSC\RebootCountTask - "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -rebootcount
C:\WINDOWS\system32\tasks\Lenovo\LSC\Time72Task - "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -canupdate
=========Mozilla firefox=========
ProfilePath - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\n9kxrmkk.default
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"jid1-r1tDuNiNb4SEww@jetpack"=C:\Program Files\AVAST Software\Avast\pam\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_207.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll
C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\n9kxrmkk.default\addons.json
C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\n9kxrmkk.default\extensions.json
Avast Online Security - extension - wrc@avast.com - C:\Program Files\AVAST Software\Avast\WebRep\FF
Avast Passwords - extension - jid1-r1tDuNiNb4SEww@jetpack - C:\Program Files\AVAST Software\Avast\pam\FF
Avast SafePrice - extension - sp@avast.com - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\n9kxrmkk.default\pluginreg.dat
Plugin - Shockwave Flash - 23.0.0.207 - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll
=========Google Chrome=========
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={6C8315E0-83E5-4C6C-AC66-DD96AA57A4A0}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6C8315E0-83E5-4C6C-AC66-DD96AA57A4A0}]
"URL"=http://www.bing.com/search?q={searchTer ... &pc=MALNJS
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={6C8315E0-83E5-4C6C-AC66-DD96AA57A4A0}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{6C8315E0-83E5-4C6C-AC66-DD96AA57A4A0}]
"URL"=http://www.bing.com/search?q={searchTer ... &pc=MALNJS
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2015-06-01 183216]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2015-06-01 411056]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2015-06-01 453552]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2014-11-25 935104]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2014-04-10 1830616]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2013-10-18 17080376]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2013-10-18 191544]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-06-03 3944136]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-10-07 633024]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"331BigDog"=C:\Program Files (x86)\USB Camera\VM331STI.EXE [2015-06-12 561672]
"Smart Update"=C:\Program Files (x86)\Lenovo\Lenovo Smart Update\Lenovo Smart Update.exe [2012-08-02 1706576]
"Intel AppUp(SM) center"=C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [2012-07-12 155488]
"IntellingentTouchpad"=C:\Program Files (x86)\Lenovo\Intelligent Touchpad\IntelligentTouchpad.exe [2012-07-23 673336]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-11-08 9044392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\nvinitx.dll,C:\WINDOWS\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath"=%SystemRoot%\inf\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-11-21 04:51:25 ----D---- C:\rsit
2016-11-21 04:51:25 ----D---- C:\Program Files\trend micro
2016-11-21 01:43:12 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerInstaller.exe
2016-11-18 12:30:11 ----AD---- C:\Program Files\Mozilla Firefox
2016-11-09 19:59:49 ----SD---- C:\WINDOWS\SYSWOW64\Microsoft
2016-11-09 11:26:55 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2016-11-09 11:26:55 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2016-11-09 11:26:53 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2016-11-09 11:26:52 ----A---- C:\WINDOWS\system32\oleaut32.dll
2016-11-09 11:26:52 ----A---- C:\WINDOWS\system32\ole32.dll
2016-11-09 11:26:51 ----A---- C:\WINDOWS\SYSWOW64\zipfldr.dll
2016-11-09 11:26:51 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-11-09 11:26:51 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2016-11-09 11:26:51 ----A---- C:\WINDOWS\system32\usercpl.dll
2016-11-09 11:26:51 ----A---- C:\WINDOWS\system32\ActionCenterCPL.dll
2016-11-09 11:26:50 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-11-09 11:26:50 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2016-11-09 11:26:49 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2016-11-09 11:26:49 ----A---- C:\WINDOWS\SYSWOW64\chartv.dll
2016-11-09 11:26:48 ----A---- C:\WINDOWS\system32\wer.dll
2016-11-09 11:26:47 ----A---- C:\WINDOWS\SYSWOW64\weretw.dll
2016-11-09 11:26:47 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2016-11-09 11:26:47 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2016-11-09 11:26:46 ----A---- C:\WINDOWS\system32\weretw.dll
2016-11-09 11:26:45 ----A---- C:\WINDOWS\SYSWOW64\d3d10warp.dll
2016-11-09 11:26:45 ----A---- C:\WINDOWS\system32\WpcRefreshTask.dll
2016-11-09 11:26:45 ----A---- C:\WINDOWS\system32\asycfilt.dll
2016-11-09 11:26:44 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-11-09 11:26:44 ----A---- C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-11-09 11:26:44 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2016-11-09 11:26:43 ----A---- C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-11-09 11:26:43 ----A---- C:\WINDOWS\system32\ubpm.dll
2016-11-09 11:26:42 ----A---- C:\WINDOWS\system32\WpcTok.exe
2016-11-09 11:26:42 ----A---- C:\WINDOWS\system32\drivers\bowser.sys
2016-11-09 11:26:41 ----A---- C:\WINDOWS\SYSWOW64\NPSM.dll
2016-11-09 11:26:41 ----A---- C:\WINDOWS\system32\ddraw.dll
2016-11-09 11:26:40 ----A---- C:\WINDOWS\system32\dab.dll
2016-11-09 11:26:39 ----A---- C:\WINDOWS\system32\TSpkg.dll
2016-11-09 11:26:38 ----A---- C:\WINDOWS\SYSWOW64\wininetlui.dll
2016-11-09 11:26:38 ----A---- C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-11-09 11:26:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.Shell.Search.UriHandler.dll
2016-11-09 11:26:37 ----A---- C:\WINDOWS\system32\netplwiz.dll
2016-11-09 11:26:36 ----A---- C:\WINDOWS\system32\ActionCenter.dll
2016-11-09 11:26:34 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2016-11-09 11:26:31 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-11-09 11:26:30 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-11-09 11:26:29 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-11-09 11:26:29 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2016-11-09 11:26:29 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2016-11-09 11:26:28 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2016-11-09 11:26:28 ----A---- C:\WINDOWS\system32\chartv.dll
2016-11-09 11:26:27 ----A---- C:\WINDOWS\system32\wmp.dll
2016-11-09 11:26:26 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2016-11-09 11:26:25 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-11-09 11:26:23 ----A---- C:\WINDOWS\system32\twinapi.dll
2016-11-09 11:26:23 ----A---- C:\WINDOWS\system32\authui.dll
2016-11-09 11:26:22 ----A---- C:\WINDOWS\SYSWOW64\themecpl.dll
2016-11-09 11:26:22 ----A---- C:\WINDOWS\SYSWOW64\fontext.dll
2016-11-09 11:26:22 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-11-09 11:26:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2016-11-09 11:26:21 ----A---- C:\WINDOWS\SYSWOW64\twinapi.dll
2016-11-09 11:26:21 ----A---- C:\WINDOWS\SYSWOW64\DevicePairing.dll
2016-11-09 11:26:19 ----A---- C:\WINDOWS\SYSWOW64\gameux.dll
2016-11-09 11:26:18 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-11-09 11:26:16 ----A---- C:\WINDOWS\SYSWOW64\sud.dll
2016-11-09 11:26:15 ----A---- C:\WINDOWS\SYSWOW64\stobject.dll
2016-11-09 11:26:15 ----A---- C:\WINDOWS\SYSWOW64\hgcpl.dll
2016-11-09 11:26:13 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2016-11-09 11:26:12 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2016-11-09 11:26:11 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-11-09 11:26:10 ----A---- C:\WINDOWS\system32\ListSvc.dll
2016-11-09 11:26:09 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2016-11-09 11:26:09 ----A---- C:\WINDOWS\system32\efsext.dll
2016-11-09 11:26:09 ----A---- C:\WINDOWS\system32\comdlg32.dll
2016-11-09 11:26:08 ----A---- C:\WINDOWS\system32\rdpcore.dll
2016-11-09 11:26:07 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2016-11-09 11:26:06 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2016-11-09 11:26:05 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2016-11-09 11:26:05 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-11-09 11:26:03 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2016-11-09 11:26:01 ----A---- C:\WINDOWS\SYSWOW64\AuthExt.dll
2016-11-09 11:25:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2016-11-09 11:25:49 ----A---- C:\WINDOWS\system32\stobject.dll
2016-11-09 11:25:49 ----A---- C:\WINDOWS\system32\AudioEng.dll
2016-11-09 11:25:48 ----A---- C:\WINDOWS\SYSWOW64\usercpl.dll
2016-11-09 11:25:48 ----A---- C:\WINDOWS\system32\themecpl.dll
2016-11-09 11:25:48 ----A---- C:\WINDOWS\system32\browserbroker.dll
2016-11-09 11:25:47 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2016-11-09 11:25:47 ----A---- C:\WINDOWS\system32\sud.dll
2016-11-09 11:25:46 ----A---- C:\WINDOWS\system32\zipfldr.dll
2016-11-09 11:25:46 ----A---- C:\WINDOWS\system32\fontext.dll
2016-11-09 11:25:46 ----A---- C:\WINDOWS\system32\AudioSes.dll
2016-11-09 11:25:46 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-11-09 11:25:45 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-11-09 11:25:45 ----A---- C:\WINDOWS\system32\hgcpl.dll
2016-11-09 11:25:44 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2016-11-09 11:25:44 ----A---- C:\WINDOWS\system32\DevicePairing.dll
2016-11-09 11:25:44 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-11-09 11:25:43 ----A---- C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-11-09 11:25:43 ----A---- C:\WINDOWS\system32\gameux.dll
2016-11-09 11:25:42 ----A---- C:\WINDOWS\explorer.exe
2016-11-09 11:25:41 ----A---- C:\WINDOWS\system32\IdCtrls.dll
2016-11-09 11:25:40 ----A---- C:\WINDOWS\system32\twinui.dll
2016-11-09 11:25:38 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-11-09 11:25:32 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-11-09 11:25:31 ----A---- C:\WINDOWS\system32\SyncCenter.dll
2016-11-09 11:25:28 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2016-11-09 11:25:28 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2016-11-09 11:25:28 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2016-11-09 11:25:28 ----A---- C:\WINDOWS\system32\DataSenseHandlers.dll
2016-11-09 11:25:27 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2016-11-09 11:25:26 ----A---- C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-11-09 11:25:25 ----A---- C:\WINDOWS\system32\WlanMediaManager.dll
2016-11-09 11:25:25 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-11-09 11:25:24 ----A---- C:\WINDOWS\system32\NPSM.dll
2016-11-09 11:25:24 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2016-11-09 11:25:23 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2016-11-09 11:25:22 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-11-09 11:25:22 ----A---- C:\WINDOWS\system32\DeviceCenter.dll
2016-11-09 11:25:20 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2016-11-09 11:25:19 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2016-11-09 11:25:19 ----A---- C:\WINDOWS\SYSWOW64\LockAppBroker.dll
2016-11-09 11:25:19 ----A---- C:\WINDOWS\SYSWOW64\asycfilt.dll
2016-11-09 11:25:17 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2016-11-09 11:25:15 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-11-09 11:25:13 ----A---- C:\WINDOWS\SYSWOW64\indexeddbserver.dll
2016-11-09 11:25:13 ----A---- C:\WINDOWS\SYSWOW64\ActionCenterCPL.dll
2016-11-09 11:25:12 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2016-11-09 11:25:12 ----A---- C:\WINDOWS\system32\mfsensorgroup.dll
2016-11-09 11:25:11 ----A---- C:\WINDOWS\system32\ntshrui.dll
2016-11-09 11:25:11 ----A---- C:\WINDOWS\system32\LockAppBroker.dll
2016-11-09 11:25:10 ----A---- C:\WINDOWS\system32\MSVidCtl.dll
2016-11-09 11:25:08 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-11-09 11:25:07 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2016-11-09 11:25:06 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-11-09 11:25:03 ----A---- C:\WINDOWS\system32\shell32.dll
2016-11-09 11:24:58 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-11-09 11:24:58 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-11-09 11:24:57 ----A---- C:\WINDOWS\system32\ieproxy.dll
2016-11-09 11:24:56 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-11-09 11:24:55 ----A---- C:\WINDOWS\system32\shdocvw.dll
2016-11-09 11:24:55 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2016-11-09 11:24:54 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-11-09 11:24:54 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-11-09 11:24:52 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-11-09 11:24:51 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2016-11-09 11:24:51 ----A---- C:\WINDOWS\system32\FSClient.dll
2016-11-09 11:24:50 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-11-09 11:24:50 ----A---- C:\WINDOWS\system32\mshtmled.dll
2016-11-09 11:24:49 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-11-09 11:24:47 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-11-09 11:24:46 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-11-09 11:24:42 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2016-11-09 11:24:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.Globalization.dll
2016-11-09 11:24:41 ----A---- C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-11-09 11:24:40 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-11-09 11:24:40 ----A---- C:\WINDOWS\system32\FrameServer.dll
2016-11-09 11:24:39 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-11-09 11:24:38 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-11-09 11:24:36 ----A---- C:\WINDOWS\system32\indexeddbserver.dll
2016-11-09 11:24:31 ----A---- C:\WINDOWS\system32\mstscax.dll
2016-11-09 11:24:30 ----A---- C:\WINDOWS\system32\wininet.dll
2016-11-09 11:24:30 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-11-09 11:24:29 ----A---- C:\WINDOWS\system32\cdp.dll
2016-11-09 11:24:29 ----A---- C:\WINDOWS\system32\bisrv.dll
2016-11-09 11:24:28 ----A---- C:\WINDOWS\system32\Windows.Globalization.dll
2016-11-09 11:24:26 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-11-09 11:24:09 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-11-09 11:24:07 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-11-09 11:24:05 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-11-09 11:24:03 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2016-11-09 11:24:02 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2016-11-09 11:24:02 ----A---- C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-11-09 11:24:01 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2016-11-09 11:24:01 ----A---- C:\WINDOWS\system32\ErrorDetails.dll
2016-11-09 11:23:56 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.OnlineId.dll
2016-11-09 11:23:56 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2016-11-09 11:23:55 ----A---- C:\WINDOWS\system32\mstsc.exe
2016-11-09 11:23:54 ----A---- C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-11-09 11:23:53 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2016-11-09 11:23:52 ----A---- C:\WINDOWS\SYSWOW64\NetSetupApi.dll
2016-11-09 11:23:52 ----A---- C:\WINDOWS\SYSWOW64\input.dll
2016-11-09 11:23:51 ----A---- C:\WINDOWS\system32\wifitask.exe
2016-11-09 11:23:50 ----A---- C:\WINDOWS\SYSWOW64\UIAnimation.dll
2016-11-09 11:23:46 ----A---- C:\WINDOWS\SYSWOW64\TSpkg.dll
2016-11-09 11:23:46 ----A---- C:\WINDOWS\system32\ErrorDetailsUpdate.dll
2016-11-09 11:23:45 ----A---- C:\WINDOWS\SYSWOW64\ErrorDetails.dll
2016-11-09 11:23:45 ----A---- C:\WINDOWS\system32\iepeers.dll
2016-11-09 11:23:44 ----A---- C:\WINDOWS\SYSWOW64\ErrorDetailsUpdate.dll
2016-11-09 11:23:44 ----A---- C:\WINDOWS\system32\GlobCollationHost.dll
2016-11-09 11:23:43 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2016-11-09 11:23:43 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2016-11-09 11:23:43 ----A---- C:\WINDOWS\system32\dxtrans.dll
2016-11-09 11:23:43 ----A---- C:\WINDOWS\system32\BcastDVRHelper.dll
2016-11-09 11:23:42 ----A---- C:\WINDOWS\SYSWOW64\GlobCollationHost.dll
2016-11-09 11:23:42 ----A---- C:\WINDOWS\system32\AppCapture.dll
2016-11-09 11:23:41 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2016-11-09 11:23:41 ----A---- C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-11-09 11:23:39 ----A---- C:\WINDOWS\system32\winload.exe
2016-11-09 11:23:38 ----A---- C:\WINDOWS\system32\winresume.exe
2016-11-09 11:23:38 ----A---- C:\WINDOWS\system32\rdpudd.dll
2016-11-09 11:23:37 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-11-09 11:23:37 ----A---- C:\WINDOWS\SYSWOW64\mfsensorgroup.dll
2016-11-09 11:23:37 ----A---- C:\WINDOWS\system32\msinfo32.exe
2016-11-09 11:23:36 ----A---- C:\WINDOWS\SYSWOW64\MSVidCtl.dll
2016-11-09 11:23:36 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-11-09 11:23:35 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-11-09 11:23:35 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2016-11-09 11:23:35 ----A---- C:\WINDOWS\SYSWOW64\FSClient.dll
2016-11-09 11:23:34 ----A---- C:\WINDOWS\SYSWOW64\msinfo32.exe
2016-11-09 11:23:34 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2016-11-09 11:23:34 ----A---- C:\WINDOWS\system32\msctf.dll
2016-11-09 11:23:32 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-11-09 11:23:30 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-11-09 11:23:28 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-11-09 11:23:28 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2016-11-09 11:23:28 ----A---- C:\WINDOWS\system32\mfcore.dll
2016-11-09 11:23:28 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-11-09 11:23:28 ----A---- C:\WINDOWS\system32\d3d9.dll
2016-11-09 11:23:27 ----A---- C:\WINDOWS\system32\gdi32full.dll
2016-11-09 11:23:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2016-11-09 11:23:26 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2016-11-09 11:23:26 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2016-11-09 11:23:26 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2016-11-09 11:23:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-11-09 11:23:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2016-11-09 11:23:25 ----A---- C:\WINDOWS\SYSWOW64\efsext.dll
2016-11-09 11:23:25 ----A---- C:\WINDOWS\SYSWOW64\bcastdvr.exe
2016-11-09 11:23:25 ----A---- C:\WINDOWS\system32\NetworkUXBroker.dll
2016-11-09 11:23:25 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2016-11-09 11:23:24 ----A---- C:\WINDOWS\SYSWOW64\BcastDVRHelper.dll
2016-11-09 11:23:24 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2016-11-09 11:23:24 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-11-09 11:23:24 ----A---- C:\WINDOWS\system32\d3d10warp.dll
2016-11-09 11:23:23 ----A---- C:\WINDOWS\system32\UIAnimation.dll
2016-11-09 11:23:23 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2016-11-09 11:23:23 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-09 11:23:23 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-11-09 11:23:22 ----A---- C:\WINDOWS\system32\win32k.sys
2016-11-09 11:23:22 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2016-11-09 11:23:22 ----A---- C:\WINDOWS\system32\drivers\iorate.sys
2016-11-09 11:23:21 ----A---- C:\WINDOWS\SYSWOW64\comctl32.dll
2016-11-09 11:23:21 ----A---- C:\WINDOWS\system32\input.dll
2016-11-09 11:23:20 ----A---- C:\WINDOWS\SYSWOW64\ddraw.dll
2016-11-09 11:23:20 ----A---- C:\WINDOWS\SYSWOW64\d3d8.dll
2016-11-09 11:23:20 ----A---- C:\WINDOWS\system32\NetSetupApi.dll
2016-11-09 11:23:19 ----A---- C:\WINDOWS\system32\wininetlui.dll
2016-11-09 11:23:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Cred.dll
2016-11-09 11:23:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BlockedShutdown.dll
2016-11-09 11:23:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BioFeedback.dll
2016-11-09 11:23:14 ----A---- C:\WINDOWS\SYSWOW64\AppCapture.dll
2016-11-09 11:23:14 ----A---- C:\WINDOWS\system32\atmlib.dll
2016-10-27 19:25:08 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2016-10-27 19:25:08 ----A---- C:\WINDOWS\system32\mfplat.dll
2016-10-27 19:25:08 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-10-27 19:25:08 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2016-10-27 19:25:04 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2016-10-27 19:25:04 ----A---- C:\WINDOWS\system32\mfps.dll
2016-10-27 19:25:02 ----A---- C:\WINDOWS\system32\winsrv.dll
2016-10-27 19:24:55 ----A---- C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-10-27 19:24:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.MediaPlayer.dll
2016-10-27 19:24:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-27 19:24:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.BackgroundMediaPlayback.dll
2016-10-27 19:24:51 ----A---- C:\WINDOWS\SYSWOW64\RemoteNaturalLanguage.dll
2016-10-27 19:24:49 ----A---- C:\WINDOWS\system32\msvproc.dll
2016-10-27 19:24:49 ----A---- C:\WINDOWS\system32\energy.dll
2016-10-27 19:24:49 ----A---- C:\WINDOWS\system32\dwmcore.dll
2016-10-27 19:24:48 ----A---- C:\WINDOWS\SYSWOW64\BluetoothApis.dll
2016-10-27 19:24:48 ----A---- C:\WINDOWS\system32\drivers\ahcache.sys
2016-10-27 19:24:47 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2016-10-27 19:24:46 ----A---- C:\WINDOWS\SYSWOW64\drvstore.dll
2016-10-27 19:24:46 ----A---- C:\WINDOWS\system32\usocore.dll
2016-10-27 19:24:46 ----A---- C:\WINDOWS\system32\user32.dll
2016-10-27 19:24:45 ----A---- C:\WINDOWS\system32\MusNotification.exe
2016-10-27 19:24:44 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2016-10-27 19:24:43 ----A---- C:\WINDOWS\SYSWOW64\iscsiwmi.dll
2016-10-27 19:24:40 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-10-27 19:24:40 ----A---- C:\WINDOWS\system32\Windows.Networking.dll
2016-10-27 19:24:34 ----A---- C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-10-27 19:24:34 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-10-27 19:24:34 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-10-27 19:24:33 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-10-27 19:24:20 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2016-10-27 19:24:20 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2016-10-27 19:24:19 ----A---- C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2016-10-27 19:24:19 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2016-10-27 19:24:18 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2016-10-27 19:24:18 ----A---- C:\WINDOWS\system32\wpnprv.dll
2016-10-27 19:24:17 ----A---- C:\WINDOWS\system32\wscsvc.dll
2016-10-27 19:24:17 ----A---- C:\WINDOWS\system32\drivers\dam.sys
2016-10-27 19:24:16 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2016-10-27 19:24:16 ----A---- C:\WINDOWS\SYSWOW64\DolbyDecMFT.dll
2016-10-27 19:24:16 ----A---- C:\WINDOWS\system32\HttpsDataSource.dll
2016-10-27 19:24:15 ----A---- C:\WINDOWS\system32\wuuhext.dll
2016-10-27 19:24:15 ----A---- C:\WINDOWS\system32\drivers\capimg.sys
2016-10-27 19:24:14 ----A---- C:\WINDOWS\SYSWOW64\cmifw.dll
2016-10-27 19:24:13 ----A---- C:\WINDOWS\system32\Display.dll
2016-10-27 19:24:13 ----A---- C:\WINDOWS\system32\autoplay.dll
2016-10-27 19:24:12 ----A---- C:\WINDOWS\system32\powercfg.exe
2016-10-27 19:24:12 ----A---- C:\WINDOWS\system32\fhcpl.dll
2016-10-27 19:24:12 ----A---- C:\WINDOWS\system32\drivers\xboxgip.sys
2016-10-27 19:24:11 ----A---- C:\WINDOWS\system32\taskbarcpl.dll
2016-10-27 19:24:11 ----A---- C:\WINDOWS\system32\DevicePairingFolder.dll
2016-10-27 19:24:10 ----A---- C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-10-27 19:24:08 ----A---- C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-10-27 19:24:08 ----A---- C:\WINDOWS\system32\qmgr.dll
2016-10-27 19:24:08 ----A---- C:\WINDOWS\system32\mfksproxy.dll
2016-10-27 19:24:07 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2016-10-27 19:24:05 ----A---- C:\WINDOWS\SYSWOW64\mfksproxy.dll
2016-10-27 19:24:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Connectivity.dll
2016-10-27 19:24:03 ----A---- C:\WINDOWS\SYSWOW64\Geolocation.dll
2016-10-27 19:24:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2016-10-27 19:24:01 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2016-10-27 19:23:58 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2016-10-27 19:23:56 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2016-10-27 19:23:55 ----A---- C:\WINDOWS\system32\mispace.dll
2016-10-27 19:23:55 ----A---- C:\WINDOWS\system32\diagtrack.dll
2016-10-27 19:23:54 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-10-27 19:23:54 ----A---- C:\WINDOWS\system32\devinv.dll
2016-10-27 19:23:54 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-27 19:23:54 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-10-27 19:23:54 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-10-27 19:23:54 ----A---- C:\WINDOWS\system32\acmigration.dll
2016-10-27 19:23:53 ----A---- C:\WINDOWS\system32\wsp_health.dll
2016-10-27 19:23:53 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2016-10-27 19:23:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.dll
2016-10-27 19:23:52 ----A---- C:\WINDOWS\system32\spoolsv.exe
2016-10-27 19:23:52 ----A---- C:\WINDOWS\splwow64.exe
2016-10-27 19:23:51 ----A---- C:\WINDOWS\system32\wintrust.dll
2016-10-27 19:23:51 ----A---- C:\WINDOWS\system32\hevcdecoder.dll
2016-10-27 19:23:50 ----A---- C:\WINDOWS\SYSWOW64\esent.dll
2016-10-27 19:23:49 ----A---- C:\WINDOWS\system32\esent.dll
2016-10-27 19:23:47 ----A---- C:\WINDOWS\system32\invagent.dll
2016-10-27 19:23:47 ----A---- C:\WINDOWS\system32\aepic.dll
2016-10-27 19:23:46 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2016-10-27 19:23:45 ----A---- C:\WINDOWS\SYSWOW64\NMAA.dll
2016-10-27 19:23:44 ----A---- C:\WINDOWS\SYSWOW64\JpMapControl.dll
2016-10-27 19:23:44 ----A---- C:\WINDOWS\system32\wmpeffects.dll
2016-10-27 19:23:44 ----A---- C:\WINDOWS\system32\drvstore.dll
2016-10-27 19:23:44 ----A---- C:\WINDOWS\system32\drivers\crashdmp.sys
2016-10-27 19:23:43 ----A---- C:\WINDOWS\SYSWOW64\wmpeffects.dll
2016-10-27 19:23:42 ----A---- C:\WINDOWS\SYSWOW64\MapControlCore.dll
2016-10-27 19:23:42 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-10-27 19:23:42 ----A---- C:\WINDOWS\system32\pcasvc.dll
2016-10-27 19:23:41 ----A---- C:\WINDOWS\system32\iscsiwmi.dll
2016-10-27 19:23:41 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2016-10-27 19:23:41 ----A---- C:\WINDOWS\system32\cmifw.dll
2016-10-27 19:23:40 ----A---- C:\WINDOWS\system32\wmpdxm.dll
2016-10-27 19:23:40 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2016-10-27 19:23:39 ----A---- C:\WINDOWS\SYSWOW64\wmpdxm.dll
2016-10-27 19:23:39 ----A---- C:\WINDOWS\system32\wmpshell.dll
2016-10-27 19:23:35 ----A---- C:\WINDOWS\SYSWOW64\wmpshell.dll
2016-10-27 19:23:34 ----A---- C:\WINDOWS\system32\wuapi.dll
2016-10-27 19:23:33 ----A---- C:\WINDOWS\SYSWOW64\esentutl.exe
2016-10-27 19:23:33 ----A---- C:\WINDOWS\system32\wups.dll
2016-10-27 19:23:33 ----A---- C:\WINDOWS\system32\esentutl.exe
2016-10-27 19:23:28 ----A---- C:\WINDOWS\system32\ClipUp.exe
2016-10-27 19:23:27 ----A---- C:\WINDOWS\system32\sppsvc.exe
2016-10-27 19:23:26 ----A---- C:\WINDOWS\system32\wpncore.dll
2016-10-27 19:23:26 ----A---- C:\WINDOWS\system32\sppwinob.dll
2016-10-27 19:23:26 ----A---- C:\WINDOWS\system32\sppobjs.dll
2016-10-27 19:23:26 ----A---- C:\WINDOWS\system32\SndVolSSO.dll
2016-10-27 19:23:25 ----A---- C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-10-27 19:23:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2016-10-27 19:23:21 ----A---- C:\WINDOWS\system32\FntCache.dll
2016-10-27 19:23:20 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-10-27 19:23:20 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2016-10-27 19:23:19 ----A---- C:\WINDOWS\system32\mos.dll
2016-10-27 19:23:17 ----A---- C:\WINDOWS\SYSWOW64\WSManHTTPConfig.exe
2016-10-27 19:23:16 ----A---- C:\WINDOWS\SYSWOW64\WsmSvc.dll
2016-10-27 19:23:16 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2016-10-27 19:23:11 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-10-27 19:23:10 ----A---- C:\WINDOWS\system32\WinTypes.dll
2016-10-27 19:23:10 ----A---- C:\WINDOWS\system32\CPFilters.dll
2016-10-27 19:23:09 ----A---- C:\WINDOWS\system32\winlogon.exe
2016-10-27 19:23:09 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2016-10-27 19:23:09 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-27 19:23:09 ----A---- C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-10-27 19:23:08 ----A---- C:\WINDOWS\system32\wc_storage.dll
2016-10-27 19:23:08 ----A---- C:\WINDOWS\system32\daxexec.dll
2016-10-27 19:23:08 ----A---- C:\WINDOWS\system32\cdpusersvc.dll
2016-10-27 19:23:08 ----A---- C:\WINDOWS\system32\cdpsvc.dll
2016-10-27 19:23:07 ----A---- C:\WINDOWS\system32\BingMaps.dll
2016-10-27 19:23:05 ----A---- C:\WINDOWS\SYSWOW64\hevcdecoder.dll
2016-10-27 19:23:04 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2016-10-27 19:23:03 ----A---- C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2016-10-27 19:23:03 ----A---- C:\WINDOWS\system32\d3d11.dll
2016-10-27 19:23:03 ----A---- C:\WINDOWS\system32\combase.dll
2016-10-27 19:23:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.WiFi.dll
2016-10-27 19:23:02 ----A---- C:\WINDOWS\system32\D3D12.dll
2016-10-27 19:23:02 ----A---- C:\WINDOWS\system32\crypt32.dll
2016-10-27 19:23:01 ----A---- C:\WINDOWS\system32\winhttp.dll
2016-10-27 19:23:01 ----A---- C:\WINDOWS\system32\NMAA.dll
2016-10-27 19:23:01 ----A---- C:\WINDOWS\system32\JpMapControl.dll
2016-10-27 19:23:01 ----A---- C:\WINDOWS\system32\BthRadioMedia.dll
2016-10-27 19:23:00 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2016-10-27 19:23:00 ----A---- C:\WINDOWS\system32\BluetoothApis.dll
2016-10-27 19:22:59 ----A---- C:\WINDOWS\system32\MapsStore.dll
2016-10-27 19:22:57 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2016-10-27 19:22:56 ----A---- C:\WINDOWS\system32\moshostcore.dll
2016-10-27 19:22:56 ----A---- C:\WINDOWS\system32\dafBth.dll
2016-10-27 19:22:55 ----A---- C:\WINDOWS\SYSWOW64\dtdump.exe
2016-10-27 19:22:48 ----A---- C:\WINDOWS\SYSWOW64\autoplay.dll
2016-10-27 19:22:48 ----A---- C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-10-27 19:22:47 ----A---- C:\WINDOWS\system32\EncDec.dll
2016-10-27 19:22:47 ----A---- C:\WINDOWS\system32\dhcpcore6.dll
2016-10-27 19:22:46 ----A---- C:\WINDOWS\SYSWOW64\systemcpl.dll
2016-10-27 19:22:41 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2016-10-27 19:22:39 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2016-10-27 19:22:39 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2016-10-27 19:22:39 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2016-10-27 19:22:38 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2016-10-27 19:22:35 ----A---- C:\WINDOWS\system32\Geolocation.dll
2016-10-27 19:22:33 ----A---- C:\WINDOWS\system32\winmde.dll
2016-10-27 19:22:33 ----A---- C:\WINDOWS\system32\NotificationController.dll
2016-10-27 19:22:33 ----A---- C:\WINDOWS\system32\drivers\http.sys
2016-10-27 19:22:33 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2016-10-27 19:22:32 ----A---- C:\WINDOWS\system32\DWrite.dll
2016-10-27 19:22:31 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2016-10-27 19:22:26 ----A---- C:\WINDOWS\SYSWOW64\CPFilters.dll
2016-10-27 19:22:25 ----A---- C:\WINDOWS\SYSWOW64\SndVolSSO.dll
2016-10-27 19:22:25 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2016-10-27 19:22:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2016-10-27 19:22:24 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2016-10-27 19:22:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2016-10-27 19:22:18 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2016-10-27 19:22:08 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2016-10-27 19:22:06 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2016-10-27 19:22:06 ----A---- C:\WINDOWS\system32\LocationFramework.dll
2016-10-27 19:22:05 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2016-10-27 19:22:05 ----A---- C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-10-27 19:22:05 ----A---- C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-10-27 19:22:04 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2016-10-27 19:22:04 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-10-27 19:22:03 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2016-10-27 19:22:03 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2016-10-27 19:22:03 ----A---- C:\WINDOWS\SYSWOW64\crypt32.dll
2016-10-27 19:22:02 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2016-10-27 19:22:02 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2016-10-27 19:22:02 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2016-10-27 19:22:02 ----A---- C:\WINDOWS\system32\iphlpsvc.dll
2016-10-27 19:22:02 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2016-10-27 19:22:02 ----A---- C:\WINDOWS\system32\cdd.dll
2016-10-27 19:22:01 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2016-10-27 19:22:01 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2016-10-27 19:21:58 ----A---- C:\WINDOWS\SYSWOW64\powercfg.exe
2016-10-27 19:21:58 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore6.dll
2016-10-27 19:21:58 ----A---- C:\WINDOWS\system32\drivers\hidclass.sys
2016-10-27 19:21:58 ----A---- C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2016-10-24 17:34:23 ----D---- C:\WINDOWS\Minidump
======List of files/folders modified in the last 1 month======
2016-11-21 04:51:25 ----RD---- C:\Program Files
2016-11-21 04:47:20 ----D---- C:\WINDOWS\system32\SleepStudy
2016-11-21 04:47:19 ----D---- C:\WINDOWS\Temp
2016-11-21 04:19:01 ----D---- C:\WINDOWS\system32\sru
2016-11-21 01:43:22 ----D---- C:\WINDOWS\Prefetch
2016-11-21 01:43:16 ----D---- C:\WINDOWS\system32\Macromed
2016-11-21 01:43:14 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2016-11-21 01:43:12 ----D---- C:\WINDOWS\SysWOW64
2016-11-20 23:08:29 ----D---- C:\WINDOWS\system32\drivers
2016-11-20 10:18:02 ----RD---- C:\WINDOWS\Microsoft.NET
2016-11-19 22:47:09 ----D---- C:\WINDOWS\AppReadiness
2016-11-19 22:37:15 ----HD---- C:\Program Files\WindowsApps
2016-11-19 22:00:11 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-18 12:28:03 ----D---- C:\WINDOWS\system32\config
2016-11-18 12:22:42 ----SHD---- C:\System Volume Information
2016-11-16 18:58:54 ----D---- C:\WINDOWS\system32\catroot2
2016-11-14 18:52:22 ----HD---- C:\ProgramData
2016-11-12 18:03:56 ----D---- C:\WINDOWS\INF
2016-11-10 12:14:17 ----D---- C:\WINDOWS\rescache
2016-11-10 11:37:12 ----D---- C:\WINDOWS\WinSxS
2016-11-10 11:37:12 ----D---- C:\WINDOWS\system32\DriverStore
2016-11-09 20:06:21 ----D---- C:\WINDOWS\System32
2016-11-09 20:06:21 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-09 20:03:06 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2016-11-09 19:58:49 ----SHD---- C:\Config.Msi
2016-11-09 19:56:20 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-11-09 19:56:19 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-11-09 19:56:19 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-11-09 19:56:13 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-11-09 19:56:12 ----D---- C:\WINDOWS\system32\oobe
2016-11-09 19:56:12 ----D---- C:\WINDOWS\system32\migwiz
2016-11-09 19:56:12 ----D---- C:\WINDOWS\system32\migration
2016-11-09 19:56:11 ----D---- C:\WINDOWS\system32\en-US
2016-11-09 19:56:10 ----D---- C:\WINDOWS\system32\cs-CZ
2016-11-09 19:56:10 ----D---- C:\WINDOWS\system32\Boot
2016-11-09 19:56:08 ----D---- C:\WINDOWS\ShellExperiences
2016-11-09 19:56:07 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2016-11-09 19:56:07 ----D---- C:\WINDOWS\bcastdvr
2016-11-09 19:56:07 ----D---- C:\WINDOWS\AppPatch
2016-11-09 19:56:07 ----AD---- C:\Windows
2016-11-09 14:49:53 ----D---- C:\WINDOWS\CbsTemp
2016-11-09 14:43:39 ----D---- C:\WINDOWS\system32\MRT
2016-11-09 14:40:48 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-11-08 11:28:49 ----SHD---- C:\WINDOWS\Installer
2016-11-08 11:28:48 ----D---- C:\WINDOWS\system32\Tasks
2016-11-05 10:27:23 ----D---- C:\Program Files (x86)\Common Files
2016-11-05 10:27:21 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-11-05 10:27:21 ----D---- C:\Program Files (x86)\Cyberlink
2016-11-05 10:27:19 ----D---- C:\Program Files (x86)\Lenovo
2016-10-29 00:56:11 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-10-28 07:54:34 ----D---- C:\WINDOWS\system32\wbem
2016-10-28 07:54:33 ----D---- C:\WINDOWS\system32\appraiser
2016-10-28 07:54:29 ----RSD---- C:\WINDOWS\Fonts
2016-10-28 07:54:28 ----D---- C:\Program Files\Windows Media Player
2016-10-28 07:54:28 ----D---- C:\Program Files (x86)\Windows Media Player
File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-09-14 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-10-13 293352]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-08-16 645952]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 48992]
R0 LHDmgr;LHDmgr; C:\WINDOWS\System32\DRIVERS\LhdX64.sys [2013-10-18 39008]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2016-09-12 57400]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-09-14 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-09-14 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-09-14 969184]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-09-22 513632]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-09-14 108816]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-09-14 163416]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R3 ACPIVPC;@oem19.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2013-10-18 33560]
R3 bcbtums;@oem10.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\WINDOWS\system32\drivers\bcbtums.sys [2015-03-27 173312]
R3 BCM43XX;@netbc64.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 – ovladač síťového adaptéru; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [2016-07-16 7585280]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2016-10-06 114176]
R3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2016-10-06 249856]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2016-10-05 128512]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-10-06 84992]
R3 CnxtHdAudService;@oem4.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2015-09-23 1317096]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C63x64.sys [2016-07-16 121344]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_7abb66182eb8ed83\nvlddmkm.sys [2016-09-12 13754936]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2016-07-16 183808]
R3 RTSUER;@oem21.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2015-05-14 402960]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2015-06-03 42696]
R3 SynTP;@oem20.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2015-06-03 613576]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-09-14 37656]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2016-10-15 967168]
S3 btwampfl;@oem10.inf,%btwampfl.ServiceName%;btwampfl; C:\WINDOWS\system32\DRIVERS\btwampfl.sys [2015-03-27 188160]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-10-06 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmTcpciCx.sys [2016-07-16 108544]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-09-14 197128]
R2 BcmBtRSupport;@oem10.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\WINDOWS\system32\BtwRSupportService.exe [2015-03-27 2251992]
R2 CDPUserSvc_13cc2c;CDPUserSvc_13cc2c; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R2 CxAudMsg;@C:\WINDOWS\system32\CxAudMsg64.exe,-100; C:\WINDOWS\system32\CxAudMsg64.exe [2013-07-25 206552]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 Lenovo Smart Update Service;Lenovo Smart Update Service; C:\Program Files (x86)\Lenovo\Lenovo Smart Update\Lenovo Smart Update Service.exe [2012-07-18 66640]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\windows\SysWOW64\NLSSRV32.EXE [2012-07-16 69640]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2016-08-01 1365048]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-05-16 1826592]
R2 OneSyncSvc_13cc2c;Hostitel synchronizace_13cc2c; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-06-03 249032]
R2 TeamViewer;TeamViewer 11; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-12-14 6889232]
R3 PimIndexMaintenanceSvc_13cc2c;Data kontaktů_13cc2c; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\RMapi.dll
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\TimeBrokerServer.dll
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=%SystemRoot%\System32\CDPUserSvc.dll
S2 SAService;Conexant SmartAudio service; C:\WINDOWS\system32\SAsrv.exe []
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll"=%SystemRoot%\system32\FrameServer.dll
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\hvhostsvc.dll
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\irmon.dll
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2015-08-17 272424]
S3 MessagingService_13cc2c;Služba zasílání zpráv_13cc2c; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-11-18 198088]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll"=%systemroot%\system32\Windows.SharedPC.AccountManager.dll
-----------------EOF-----------------

PC virus removal, computer speed-up, and remote help via the neslape.cz service
Requesting a preventive check
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote help service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Re: Requesting a preventive check
Hi, download and run AdwCleaner,
close all programs including the browser and launch it by double-clicking,
a window will appear; click Scan in the top left.
When the scan finishes, click Clean,
the PC will restart, during which the junk is deleted.
Then copy the report here for me.
Re: Requesting a preventive check
# AdwCleaner v6.030 - Log soubor vytvořen 21/11/2016 na 19:52:41
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-11-20.1 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : Lenovo - MATICI
# Beží od : C:\Users\Lenovo\Downloads\AdwCleaner.exe
# Mod: Čištění
# Podpora : hxxps://www.malwarebytes.com/support
***** [ Služby ] *****
***** [ Adresáře ] *****
***** [ Soubory ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupce ] *****
***** [ Plánovač úloh ] *****
***** [ Registry ] *****
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\akcniceny.cz
[#] Klíč smazán po restartování:[x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\akcniceny.cz
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1006 Bajtů] - [21/11/2016 19:52:41]
C:\AdwCleaner\AdwCleaner[S0].txt - [1526 Bajtů] - [21/11/2016 19:26:17]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1154 Bajtů] ##########
Re: Requesting a preventive check
Is this enough?
Total 23000417374 bytes in 38218 files scanned (43073 objects)
Total 38187 files (43032 objects) are clean
There are no infected objects detected
Total 39 files are raised error condition
Scan time is 00:35:28.015
Re: Requesting a preventive check
Thanks, solved.