
aliexpress cannot be uninstalled

tojejedno
Visitor
Posts: 3
Registered: 23 Nov 2016 18:30

aliexpress cannot be uninstalled

#1 Post by tojejedno »

Hi, I'm asking for help. Today, while I was installing the Picasa software, the AliExpress software also got onto my PC and the PC started acting up; it reported that I have a lot of pests on the PC. System Restore did not help either, because it reported that it could not be carried out. This AliExpress cannot even be uninstalled. It is a new notebook and I would rather not reinstall Windows. I also tried tools such as AdwCleaner, but without success; the problem persists. I'm attaching the log from HJT.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:35:39, on 23.11.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.17184)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe
C:\Users\P & M\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\Dell\Dell Foundation Services\DFS.Common.Agent.exe
C:\Program Files (x86)\Dell Update\DellUpTray.exe
C:\Users\P & M\Desktop\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell15.msn.com/?pc=DCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://none-stops.org/wpad.dat?5e8f8ee6 ... d120572166
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [OneDrive] "C:\Users\P & M\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: McAfee Application Installer Cleanup (0140251479921979) (0140251479921979mcinstcleanup) - Unknown owner - C:\Windows\TEMP\014025~1.EXE (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dell Customer Connect - Dell Inc. - C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
O23 - Service: Dell Foundation Services - Dell - C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
O23 - Service: Dell Update Service (DellUpdate) - Dell Inc. - C:\Program Files (x86)\Dell Update\DellUpService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Product Registration - Dell - C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 - Service: Intel Security True Key Helper Service (TrueKeyServiceHelper) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Waves Audio Services (WavesSysSvc) - Waves Audio Ltd. - c:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12602 bytes

tojejedno
Visitor
Posts: 3
Registered: 23 Nov 2016 18:30

Re: aliexpress cannot be uninstalled

#2 Post by tojejedno »

and the log from RSIT

Logfile of random's system information tool 1.14 (written by random/random)
Run by P & M at 2016-11-23 18:40:19
Microsoft Windows 10 Home
System drive C: has 864 GB (92%) free of 939 GB
Total RAM: 4006 MB (47% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:40:25, on 23.11.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.17184)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe
C:\Users\P & M\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\Dell\Dell Foundation Services\DFS.Common.Agent.exe
C:\Program Files (x86)\Dell Update\DellUpTray.exe
C:\Program Files\trend micro\P & M_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell15.msn.com/?pc=DCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://none-stops.org/wpad.dat?5e8f8ee6 ... d120572166
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [OneDrive] "C:\Users\P & M\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: McAfee Application Installer Cleanup (0140251479921979) (0140251479921979mcinstcleanup) - McAfee, Inc. - C:\Windows\TEMP\014025~1.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dell Customer Connect - Dell Inc. - C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
O23 - Service: Dell Foundation Services - Dell - C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
O23 - Service: Dell Update Service (DellUpdate) - Dell Inc. - C:\Program Files (x86)\Dell Update\DellUpService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Product Registration - Dell - C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 - Service: Intel Security True Key Helper Service (TrueKeyServiceHelper) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Waves Audio Services (WavesSysSvc) - Waves Audio Ltd. - c:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12835 bytes

======Enumerating Processes======

C:\Windows\system32\lsass.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\dwm.exe
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\dashost.exe
C:\Windows\system32\igfxCUIService.exe
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SENDINPUT
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
C:\Windows\system32\taskeng.exe
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k appmodel
"C:\Program Files\TrueKey\McTkSchedulerService.exe"
"c:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhostw.exe
C:\Windows\system32\sihost.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide
C:\PROGRA~1\TrueKey\MCAFEE~2.EXE
"C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /IM
C:\Windows\system32\igfxEM.exe
C:\Windows\system32\igfxHK.exe
C:\Windows\system32\igfxTray.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX6
"C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe"
"C:\Users\P & M\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Dell Customer Connect\DCCService.exe"
"C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe"
C:\Windows\system32\svchost.exe -k UnistackSvcGroup
"c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe"
"C:\Program Files\Dell\Dell Foundation Services\DFS.Common.Agent.exe"
"C:\Program Files (x86)\Dell Update\DellUpService.exe"
C:\Program Files (x86)\Dell Update\DellUpTray.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Dell\Dell Product Registration\PRSvc.exe"
C:\Windows\system32\fontdrvhost.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\P & M\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=54.0.2840.99 --handshake-handle=0x168
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --lang=sk --mojo-application-channel-token=867802233EADCD3E35CFCC66D7F0791F --mojo-platform-channel-handle=3424 --ignored=" --type=renderer " /prefetch:8
"C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe"
PostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_66/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=EFDA6B4F0AFBCC2232DA2808013A329B --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=EFDA6B4F0AFBCC2232DA2808013A329B --channel="804.2.729350113\1896300647" --mojo-platform-channel-handle=744 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/*PasswordBranding/Control/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SS
LPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_66/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=EC07A01778CA1EE322CBD1B7DFBF0917 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=EC07A01778CA1EE322CBD1B7DFBF0917 --channel="804.4.493132095\1287699605" --mojo-platform-channel-handle=2968 /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 604 608 616 8192 612
"C:\Users\P & M\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Opera_helper.job - C:\Users\P&M~1\AppData\Roaming\OPERA_~1\OPERA_~1.EXE /Check
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\AdobeAAMUpdater-1.0-PAŤKAMAREK-P & M - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\CLMLSvc_P2G8 - C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe
C:\Windows\system32\tasks\CLVDLauncher - C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLVDLauncher.exe
C:\Windows\system32\tasks\DropboxOEM - "%ProgramFiles(x86)%\Dropbox\DropboxOEM\DropboxOEM.exe" auto
C:\Windows\system32\tasks\DropboxUpdateTaskMachineCore - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\system32\tasks\DropboxUpdateTaskMachineUA - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\Opera_helper - C:\Users\P&M~1\AppData\Roaming\OPERA_~1\OPERA_~1.EXE /Check
C:\Windows\system32\tasks\PCDEventLauncherTask - "C:\Program Files\Dell\SupportAssist\sessionchecker.exe"
C:\Windows\system32\tasks\PCDoctorBackgroundMonitorTask - "C:\Program Files\Dell\SupportAssist\uaclauncher.exe" -backgroundmon scripts\backgroundmon.xml -st PCDoctorBackgroundMonitorTask --ignoresecondarysplash --runsilently
C:\Windows\system32\tasks\RtHDVBg_PushButton - "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /IM
C:\Windows\system32\tasks\SystemToolsDailyTest - "uaclauncher.exe" -silentenumeration -st SystemToolsDailyTest --ignoresecondarysplash --runsilently
C:\Windows\system32\tasks\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337 - C:\Windows\TEMP\DeleteFolderTask.exe
C:\Windows\system32\tasks\User_Feed_Synchronization-{15F1901F-8940-4A84-8ACA-382D5D938E91} - C:\Windows\system32\msfeedssync.exe sync
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows\WS\License Validation - rundll32.exe WSClient.dll,WSpTLR licensing
C:\Windows\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\Windows\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\Windows\system32\sc.exe start wuauserv
C:\Windows\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\Windows\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\Windows\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\Windows\system32\tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults - C:\Windows\system32\MusNotification.exe LogonUpdateResults
C:\Windows\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\Windows\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - C:\Windows\system32\MusNotification.exe ForcedReboot
C:\Windows\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\Windows\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\Windows\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\Windows\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\Windows\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\Windows\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\Windows\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\Windows\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\Windows\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Uploader - %windir%\system32\WSqmCons.exe -u
C:\Windows\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\Windows\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\Windows\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\rundll32.exe generaltel.dll,RunTelemetryW
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe generaltel.dll,RunTelemetry -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\Microsoft\Office\Office Automatic Updates - C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe /update SCHEDULEDTASK displaylevel=False
C:\Windows\system32\tasks\Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe /WatchService
C:\Windows\system32\tasks\Microsoft\Office\OfficeTelemetryAgentFallBack - C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe scan upload mininterval:2880
C:\Windows\system32\tasks\Microsoft\Office\OfficeTelemetryAgentLogOn - C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe scan upload

=========Google Chrome=========

C:\Users\P & M\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Web Store 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension felcaaldnbdncclmgdcncolpebgiejap
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google v režime offline 1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.0
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.0
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5416.905.0.6
Homepage:
default_search_provider.search_url:
C:\Users\P & M\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={4A626EC9-9C6E-4822-8C5F-6A986581E251}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4A626EC9-9C6E-4822-8C5F-6A986581E251}]
"URL"=http://www.bing.com/search?q={searchTer ... TR&pc=DCTE


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={4A626EC9-9C6E-4822-8C5F-6A986581E251}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{4A626EC9-9C6E-4822-8C5F-6A986581E251}]
"URL"=http://www.bing.com/search?q={searchTer ... TR&pc=DCTE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-10-11 229064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-09-27 2351920]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-11-02 1052896]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-11-04 163528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-09-27 1743664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-11-02 1052896]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2016-10-20 8721656]
"RtHDVBg_MAXX6"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-10-20 1416440]
"WavesSvc"=c:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [2015-09-25 714672]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-10-20 1795912]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\P & M\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-10-22 633024]
"AdobeBridge"= []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcapexe]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-11-23 18:40:19 ----D---- C:\rsit
2016-11-23 18:40:19 ----D---- C:\Program Files\trend micro
2016-11-23 18:08:31 ----D---- C:\Program Files\VS Revo Group
2016-11-23 17:49:33 ----D---- C:\AdwCleaner
2016-11-23 16:48:29 ----D---- C:\ProgramData\ESET
2016-11-23 16:48:29 ----D---- C:\Program Files\ESET
2016-11-23 16:11:35 ----D---- C:\Program Files (x86)\AliExpress
2016-11-22 16:42:13 ----D---- C:\Program Files\Adobe
2016-11-22 16:35:32 ----D---- C:\Program Files\Common Files\Adobe
2016-11-20 10:55:05 ----N---- C:\Windows\system32\MpSigStub.exe
2016-11-12 14:31:39 ----A---- C:\Windows\system32\hpinkstsB611LM.dll
2016-11-12 14:31:39 ----A---- C:\Windows\system32\hpinkinsB611.exe
2016-11-12 14:31:39 ----A---- C:\Windows\system32\hpinkcoiB611.dll
2016-11-12 10:29:55 ----A---- C:\Windows\system32\hpf3l02t.dll
2016-11-12 10:29:43 ----A---- C:\Windows\system32\hpzids40.dll
2016-11-12 09:47:48 ----D---- C:\Users\P & M\AppData\Roaming\Mozilla
2016-11-12 09:43:47 ----D---- C:\ProgramData\BlueStacksSetup
2016-11-09 18:44:59 ----A---- C:\Windows\system32\mshtml.dll
2016-11-09 18:44:58 ----A---- C:\Windows\system32\edgehtml.dll
2016-11-09 18:44:56 ----A---- C:\Windows\system32\sppsvc.exe
2016-11-09 18:44:55 ----A---- C:\Windows\system32\WSService.dll
2016-11-09 18:44:55 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2016-11-09 18:44:53 ----A---- C:\Windows\system32\shell32.dll
2016-11-09 18:44:51 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-11-09 18:44:49 ----A---- C:\Windows\SYSWOW64\edgehtml.dll
2016-11-09 18:44:46 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2016-11-09 18:44:45 ----A---- C:\Windows\system32\Windows.UI.Search.dll
2016-11-09 18:44:44 ----A---- C:\Windows\system32\ClipUp.exe
2016-11-09 18:44:42 ----A---- C:\Windows\system32\BingMaps.dll
2016-11-09 18:44:41 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-11-09 18:44:40 ----A---- C:\Windows\system32\wmp.dll
2016-11-09 18:44:39 ----A---- C:\Windows\system32\Chakra.dll
2016-11-09 18:44:38 ----A---- C:\Windows\system32\twinui.dll
2016-11-09 18:44:37 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-11-09 18:44:35 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-11-09 18:44:35 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2016-11-09 18:44:34 ----A---- C:\Windows\system32\mos.dll
2016-11-07 17:21:59 ----D---- C:\Windows\system32\SleepStudy
2016-11-01 16:07:30 ----D---- C:\Users\P & M\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2016-10-26 17:17:00 ----A---- C:\Windows\system32\PortChanger.exe
2016-10-26 17:17:00 ----A---- C:\Windows\system32\drivers\Dot4usb.sys
2016-10-26 17:17:00 ----A---- C:\Windows\system32\drivers\Dot4Prt.sys
2016-10-26 17:17:00 ----A---- C:\Windows\system32\drivers\Dot4.sys
2016-10-26 17:10:10 ----A---- C:\Windows\system32\hpwwiax5.dll
2016-10-26 17:10:10 ----A---- C:\Windows\system32\hpwtiop4.dll
2016-10-26 17:10:10 ----A---- C:\Windows\system32\hpovst11.dll
2016-10-26 17:10:09 ----A---- C:\Windows\system32\hppldcoi.dll
2016-10-26 17:05:26 ----D---- C:\ProgramData\HP

======List of files/folders modified in the last 1 month======

2016-11-23 18:40:19 ----RD---- C:\Program Files
2016-11-23 18:38:56 ----D---- C:\Windows\Temp
2016-11-23 18:33:54 ----D---- C:\Windows\Prefetch
2016-11-23 18:28:53 ----HD---- C:\Program Files\WindowsApps
2016-11-23 18:27:35 ----D---- C:\Program Files\TrueKey
2016-11-23 18:27:12 ----SHD---- C:\Windows\Installer
2016-11-23 18:27:04 ----D---- C:\Windows\system32\sru
2016-11-23 18:21:54 ----SHD---- C:\System Volume Information
2016-11-23 18:20:57 ----D---- C:\Windows\System32
2016-11-23 18:20:57 ----A---- C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-11-23 18:18:57 ----D---- C:\ProgramData\NVIDIA
2016-11-23 18:15:24 ----D---- C:\Windows\system32\WDI
2016-11-23 18:13:04 ----D---- C:\Windows\Logs
2016-11-23 18:03:09 ----D---- C:\Windows\system32\config
2016-11-23 17:56:12 ----D---- C:\Windows\WinSxS
2016-11-23 17:56:02 ----D---- C:\Windows
2016-11-23 17:53:41 ----D---- C:\Windows\system32\drivers
2016-11-23 17:53:41 ----D---- C:\Program Files\Common Files\McAfee
2016-11-23 17:53:40 ----HD---- C:\ProgramData
2016-11-23 17:53:40 ----D---- C:\Program Files\Common Files
2016-11-23 17:52:44 ----D---- C:\Windows\SysWOW64
2016-11-23 17:37:38 ----D---- C:\Windows\Panther
2016-11-23 17:37:38 ----D---- C:\Windows\INF
2016-11-23 17:37:36 ----D---- C:\Windows\debug
2016-11-23 17:26:47 ----HD---- C:\Windows\ELAMBKUP
2016-11-23 17:19:43 ----D---- C:\Windows\system32\Tasks
2016-11-23 17:14:00 ----D---- C:\ProgramData\McAfee
2016-11-23 17:09:06 ----D---- C:\Users\P & M\AppData\Roaming\Adobe
2016-11-23 17:05:30 ----RSD---- C:\Windows\assembly
2016-11-23 17:01:08 ----D---- C:\Program Files\mcafee
2016-11-23 16:50:26 ----D---- C:\Windows\system32\DriverStore
2016-11-23 16:23:45 ----D---- C:\Program Files\wkokes_7_25
2016-11-23 16:12:15 ----D---- C:\Program Files (x86)\Google
2016-11-23 16:11:35 ----RD---- C:\Program Files (x86)
2016-11-23 16:09:16 ----D---- C:\Program Files (x86)\McAfee
2016-11-22 19:29:53 ----D---- C:\Windows\Microsoft.NET
2016-11-22 16:41:38 ----D---- C:\Program Files (x86)\Adobe
2016-11-22 16:41:01 ----RSD---- C:\Windows\Fonts
2016-11-22 16:39:06 ----D---- C:\ProgramData\Adobe
2016-11-22 16:27:28 ----D---- C:\Windows\system32\drivers\etc
2016-11-22 16:08:00 ----D---- C:\Windows\AppReadiness
2016-11-18 23:13:48 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-11-17 20:26:20 ----HD---- C:\$WINDOWS.~BT
2016-11-15 17:13:14 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2016-11-15 17:11:47 ----D---- C:\Program Files\Microsoft Office 15
2016-11-13 18:31:40 ----D---- C:\Users\P & M\AppData\Roaming\vlc
2016-11-13 05:49:56 ----D---- C:\Windows\rescache
2016-11-13 03:58:22 ----D---- C:\Windows\CbsTemp
2016-11-13 03:42:03 ----D---- C:\Windows\system32\catroot2
2016-11-12 15:09:50 ----SD---- C:\Windows\SYSWOW64\F12
2016-11-12 15:09:50 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-11-12 15:09:50 ----D---- C:\Windows\SYSWOW64\migration
2016-11-12 15:09:50 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-11-12 15:09:42 ----D---- C:\Windows\system32\sk-SK
2016-11-12 15:09:42 ----D---- C:\Windows\system32\oobe
2016-11-12 15:09:42 ----D---- C:\Windows\system32\migwiz
2016-11-12 15:09:42 ----D---- C:\Windows\system32\migration
2016-11-12 15:09:41 ----SD---- C:\Windows\system32\F12
2016-11-12 15:09:41 ----D---- C:\Windows\system32\en-US
2016-11-12 15:09:41 ----D---- C:\Windows\system32\cs-CZ
2016-11-12 15:09:41 ----D---- C:\Windows\system32\Boot
2016-11-12 15:09:41 ----D---- C:\Windows\system32\appraiser
2016-11-12 15:09:32 ----RD---- C:\Windows\PrintDialog
2016-11-12 15:09:32 ----RD---- C:\Windows\ImmersiveControlPanel
2016-11-12 15:09:32 ----RD---- C:\Windows\DevicesFlow
2016-11-12 15:09:31 ----D---- C:\Windows\AppPatch
2016-11-12 15:09:31 ----D---- C:\Program Files\Windows Photo Viewer
2016-11-12 15:09:31 ----D---- C:\Program Files\Windows Media Player
2016-11-12 15:09:31 ----D---- C:\Program Files\Windows Mail
2016-11-12 15:09:31 ----D---- C:\Program Files\Windows Defender
2016-11-12 15:09:31 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2016-11-12 15:09:31 ----D---- C:\Program Files (x86)\Windows Media Player
2016-11-12 15:09:31 ----D---- C:\Program Files (x86)\Windows Mail
2016-11-12 15:09:31 ----D---- C:\Program Files (x86)\Windows Defender
2016-11-12 15:09:31 ----D---- C:\Program Files (x86)\Internet Explorer
2016-11-12 15:09:30 ----D---- C:\Program Files\Internet Explorer
2016-11-12 10:42:49 ----D---- C:\Windows\system32\MRT
2016-11-12 10:37:58 ----AC---- C:\Windows\system32\MRT.exe
2016-11-12 09:50:21 ----D---- C:\Windows\system32\LogFiles
2016-11-09 17:20:16 ----SD---- C:\Users\P & M\AppData\Roaming\Microsoft
2016-11-08 19:19:05 ----D---- C:\Windows\system32\SecureBootUpdates
2016-11-03 18:44:12 ----D---- C:\Windows\system32\NDF
2016-11-01 20:16:54 ----D---- C:\Windows\system32\FxsTmp
2016-10-28 22:06:08 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-10-28 11:46:05 ----SHD---- C:\$Recycle.Bin
2016-10-25 09:36:06 ----A---- C:\Windows\SYSWOW64\PrintConfig.dll

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2015-07-25 1455552]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2016-10-13 232072]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2016-10-13 177792]
R1 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2016-10-13 67712]
R3 athr;@oem25.inf,%ATHR.Service.DispName%;Dell Extensible Wireless LAN device driver; C:\Windows\System32\drivers\athw10x.sys [2016-10-20 4325808]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2015-06-08 604776]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2015-07-10 105984]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys [2016-03-16 238080]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2015-07-10 128512]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2015-07-10 84992]
R3 DellRbtn;@oem1.inf,%DellRbtn%;Airplane Mode Switch; C:\Windows\System32\drivers\DellRbtn.sys [2015-05-08 19440]
R3 iaLPSS_I2C;@oem4.inf,%iaLPSS_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver; C:\Windows\System32\drivers\iaLPSS_I2C.sys [2015-06-15 132360]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2016-10-20 11142984]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-07-10 167936]
R3 rt640x64;@oem0.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\Windows\System32\drivers\rt640x64.sys [2015-05-29 886528]
R3 RTSUER;@oem18.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\Windows\system32\Drivers\RtsUer.sys [2015-05-14 402960]
S0 eelam;eelam; C:\Windows\system32\DRIVERS\eelam.sys [2016-10-13 15488]
S1 jxboamsp;jxboamsp; \??\C:\Windows\system32\drivers\jxboamsp.sys []
S2 Hardlock;Hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2005-06-14 296448]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-09-17 929280]
S3 dot4;@oem28.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2016-10-26 151968]
S3 Dot4Print;@oem29.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\Windows\System32\drivers\Dot4Prt.sys [2016-10-26 27040]
S3 dot4usb;@oem28.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2016-10-26 49056]
S3 fcvsc;fcvsc; C:\Windows\System32\drivers\fcvsc.sys [2015-07-10 31232]
S3 HyperVideo;HyperVideo; C:\Windows\system32\DRIVERS\HyperVideo.sys [2015-07-10 26112]
S3 iaLPSS_GPIO;@oem3.inf,%iaLPSS_GPIO.SVCDESC%;Intel(R) Serial IO GPIO Driver; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [2015-06-15 46856]
S3 iaLPSS_SPI;@oem5.inf,%iaLPSS_SPI.SVCDESC%;Intel(R) Serial IO SPI Driver; C:\Windows\System32\drivers\iaLPSS_SPI.sys [2015-06-15 113416]
S3 iaLPSS_UART2;@oem6.inf,%iaLPSS_UART2.SVCDESC%;Intel(R) Serial IO UART Driver v2; C:\Windows\System32\drivers\iaLPSS_UART2.sys [2015-06-15 155400]
S3 netvsc;netvsc; C:\Windows\System32\drivers\netvsc.sys [2015-07-10 94720]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016-09-26 2207960]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [2015-06-08 323152]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2016-10-04 3040496]
R2 Dell Customer Connect;Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [2016-09-09 132472]
R2 Dell Foundation Services;Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [2016-04-29 153960]
R2 DellDigitalDelivery;Dell Digital Delivery Service; c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2015-06-24 238320]
R2 DellUpdate;Dell Update Service; C:\Program Files (x86)\Dell Update\DellUpService.exe [2015-06-10 237272]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2016-10-11 2815520]
R2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-05-19 7680]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-07-11 223520]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-07-11 415520]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-07-23 937800]
R2 OneSyncSvc_Session1;Hostitel synchronizace_Session1; C:\Windows\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R2 Product Registration;Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [2016-09-22 80208]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2014-04-15 253776]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-07-23 410768]
R2 TrueKey;Intel Security True Key; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [2016-10-28 990656]
R2 TrueKeyScheduler;Intel Security True Key Scheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [2016-10-28 16248]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-06-18 43696]
S2 0140251479921979mcinstcleanup;McAfee Application Installer Cleanup (0140251479921979); C:\Windows\TEMP\014025~1.EXE [2016-05-16 961888]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05 143144]
S2 OneSyncSvc_Session22;Hostitel synchronizace_Session22; C:\Windows\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05 143144]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-05-22 881152]
S3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-05-19 335872]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-03-14 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PimIndexMaintenanceSvc_Session1;Data kontaktů_Session1; C:\Windows\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TrueKeyServiceHelper;Intel Security True Key Helper Service; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [2016-10-28 86864]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119672
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: aliexpress cannot be uninstalled

#3 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

tojejedno
Visitor
Posts: 3
Joined: 23 Nov 2016 18:30

Re: aliexpress cannot be uninstalled

#4 Post by tojejedno »

I'm sending the log from AdwCleaner


# AdwCleaner v6.030 - Log soubor vytvořen 23/11/2016 na 20:15:52
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-11-22.1 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : P & M - PAŤKAMAREK
# Beží od : C:\Users\P & M\Desktop\adwcleaner_6.030.exe
# Mod: Čištění
# Podpora : hxxps://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Adresáře ] *****



***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupce ] *****



***** [ Plánovač úloh ] *****



***** [ Registry ] *****



***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2043 Bajtů] - [23/11/2016 17:52:02]
C:\AdwCleaner\AdwCleaner[C2].txt - [1172 Bajtů] - [23/11/2016 19:59:46]
C:\AdwCleaner\AdwCleaner[C3].txt - [945 Bajtů] - [23/11/2016 20:15:52]
C:\AdwCleaner\AdwCleaner[S0].txt - [2146 Bajtů] - [23/11/2016 17:51:15]
C:\AdwCleaner\AdwCleaner[S1].txt - [1541 Bajtů] - [23/11/2016 19:59:38]
C:\AdwCleaner\AdwCleaner[S2].txt - [1689 Bajtů] - [23/11/2016 20:15:34]

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1240 Bajtů] ##########

Rudy
Site Admin
Posts: 119672
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: aliexpress cannot be uninstalled

#5 Post by Rudy »

This is OK. Now post the FRST log: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

NuklearX
Visitor
Posts: 1
Joined: 29 Nov 2016 20:26

Re: aliexpress cannot be uninstalled

#6 Post by NuklearX »

Rudy wrote: This is OK. Now post the FRST log: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Logfile of random's system information tool 1.10 (written by random/random)
Run by Nigrovič at 2016-11-29 20:41:23
Microsoft Windows 10 Home
System drive C: has 294 GB (68%) free of 432 GB
Total RAM: 3977 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:41:41, on 29.11.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe
C:\Users\Nigrovič\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\AVAST Software\Cleanup\CleanupUI.exe
C:\Users\Nigrovič\AppData\Local\MEGAsync\MEGAsync.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe
C:\Program Files (x86)\Opera\41.0.2353.69\opera_crashreporter.exe
C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe
C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe
C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe
C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe
C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe
C:\Program Files\trend micro\Nigrovič.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo15.msn.com/?pc=LCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo15.msn.com/?pc=LCTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\RunOnce: [20161125] "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" "C:\Program Files\AVAST Software\Avast\06feac79-bb53-4268-836d-e32fba11634a\7beed696-da18-40b2-b606-ddee90893c24.dll",_stage2@16
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Nigrovič\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: MEGAsync.lnk = ?
O4 - Global Startup: AliExpress.lnk = C:\Program Files (x86)\AliExpress\AliExpress.exe
O4 - Global Startup: avast! Cleanup.lnk = C:\Program Files\AVAST Software\Cleanup\CleanupUI.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvrcpService - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: Avast Cleanup (CleanupSvc) - AVAST Software - C:\Program Files\AVAST Software\Cleanup\CleanupSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @oem57.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\WINDOWS\SysWoW64\esif_uf.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: System Interface Foundation Service (ImControllerService) - Lenovo Group Limited - c:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10237 bytes

======Listing Processes======







winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e02bbe3f-a217-405e-9e65-1657068ecbc0 -SystemEventPortName:HostProcess-5251868b-9c6a-4444-93b3-a6a44627400b -IoCancelEventPortName:HostProcess-1d27ff93-eaa8-4873-9974-b82a35fa2dd5 -NonStateChangingEventPortName:HostProcess-a0b8251b-2d9f-4dc0-9dc0-326b4aef7fb3 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:4eefb59e-0dd6-4a24-a9ff-56e3cceb7cbc -DeviceGroupId:
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c469c5ce-b6b9-42f3-a0ae-3cf8f73c9f22 -SystemEventPortName:HostProcess-c5f71c43-39e8-4c85-886e-dbe8b5b3c3c6 -IoCancelEventPortName:HostProcess-ff6c9292-9dec-4d81-91e3-aae2badcb24f -NonStateChangingEventPortName:HostProcess-a518a065-90a8-4a9c-b5a6-9018efc41d8c -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:2de5518b-1f73-4a39-8e5e-82d9ab7ddbc3 -DeviceGroupId:WudfDefaultDevicePool
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a2c0ab80-17b0-439c-8b6c-ff508c239316 -SystemEventPortName:HostProcess-a58935e4-babb-401c-ac3d-1723c6a849da -IoCancelEventPortName:HostProcess-65ecef5d-afcd-40d2-80d7-446c7d637df5 -NonStateChangingEventPortName:HostProcess-4b1f2453-281d-4e9f-9ad8-83d2d16eaee7 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a7dff893-fa7a-40b3-ad62-4ced8459fdfa -DeviceGroupId:
C:\WINDOWS\system32\svchost.exe -k appmodel
sihost.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe"
"C:\Program Files\AVAST Software\Cleanup\CleanupSvc.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\SysWoW64\esif_uf.exe
"c:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\WINDOWS\TEMP\DPTF\esif_assist_64.exe"

C:\WINDOWS\Explorer.EXE
igfxEM.exe
igfxHK.exe
igfxTray.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe"
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Program Files\Lenovo\LenovoUtility\utility.exe"
"C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Users\Nigrovič\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
dashost.exe {6aee9928-1d6f-48df-b28d0b4e3fb0b1d5}
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files\AVAST Software\Cleanup\CleanupUI.exe" /nogui
"C:\Users\Nigrovič\AppData\Local\MEGAsync\MEGAsync.exe"
"C:\WINDOWS\system32\NOTEPAD.EXE" C:\AdwCleaner\AdwCleaner[C0].txt
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\41.0.2353.69\opera_crashreporter.exe" --ran-launcher --crash-reporter-parent-id=5372
"C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe" --type=gpu-process --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=off --crash-reporter-pid=6796 --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,16,20,34,51,60 --gpu-vendor-id=0x8086 --gpu-device-id=0x0f31 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.4276 --gpu-driver-date=8-17-2015 --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=off --crash-reporter-pid=6796 --mojo-application-channel-token=59B9F296E1DB14E60069A14556D8FC74 --mojo-platform-channel-handle=1564 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --primordial-pipe-token=17C6346BC13A2E5F63D2C8F396B352A0 --lang=sk --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=off --crash-reporter-pid=6796 --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=17C6346BC13A2E5F63D2C8F396B352A0 --channel="5372.3.550851937\573521946" --mojo-platform-channel-handle=2864 /prefetch:1
"C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe" -name 596db0b5-e052-43d1-92ee-67b1078b8e76 -runas SYSTEM -pluginName LenovoSystemUpdatePlugin -pluginVersion 1.2.54.0
"C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --primordial-pipe-token=B251338D1CFF7FB52B778633AAB9CEBE --lang=sk --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=off --crash-reporter-pid=6796 --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=B251338D1CFF7FB52B778633AAB9CEBE --channel="5372.7.572191434\342550499" --mojo-platform-channel-handle=5268 /prefetch:1
"C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe" backgroundagent
"C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --primordial-pipe-token=CECAE5F9F2A03026CAA3A135F9DAFE57 --lang=sk --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=off --crash-reporter-pid=6796 --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=CECAE5F9F2A03026CAA3A135F9DAFE57 --channel="5372.9.1086263001\2121012727" --mojo-platform-channel-handle=6016 /prefetch:1
C:\WINDOWS\system32\AUDIODG.EXE 0x19c
C:\Windows\System32\smartscreen.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 640 644 652 8192 648
"C:\Users\NIGROV~1\AppData\Local\Temp\scoped_dir5372_17987\RSITx64 (1).exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Norton Product InstallerIdle.job - C:\Users\NIGROV~1\AppData\Local\Temp\in364BB553\1927CDD6_stp\SymInstallStub.exe /partnerid=afterdld /productlist=nss /staging=false /affid=afterdld12_16_47 /delay=0 /launchedby=4

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-10-30 214216]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-05-15 13877464]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-04-28 1393880]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-04-28 1393880]
"LenovoUtility"=C:\Program Files\Lenovo\LenovoUtility\utility.exe [2015-08-24 791848]
"BtServer"=C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [2015-07-11 230104]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-12-07 3947704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Nigrovič\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-09-27 633024]
"Sony PC Companion"=C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2015-09-23 457088]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"=C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [2014-09-09 110344]
"CLVirtualDrive"=C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [2014-09-09 492808]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-11-15 9080768]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"20161125"=C:\Program Files\AVAST Software\Avast\aswRunDll.exe [2016-09-19 901992]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AliExpress.lnk - C:\Program Files (x86)\AliExpress\AliExpress.exe
avast! Cleanup.lnk - C:\Program Files\AVAST Software\Cleanup\CleanupUI.exe

C:\Users\Nigrovič\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
MEGAsync.lnk - C:\Users\Nigrovič\AppData\Local\MEGAsync\MEGAsync.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-11-29 20:41:24 ----D---- C:\Program Files\trend micro
2016-11-29 20:41:23 ----D---- C:\rsit
2016-11-29 20:06:35 ----D---- C:\AdwCleaner
2016-11-24 16:47:50 ----D---- C:\Users\Nigrovič\AppData\Roaming\WinRAR
2016-11-24 16:46:11 ----AD---- C:\Program Files (x86)\WinRAR
2016-11-24 16:44:37 ----AD---- C:\Program Files (x86)\AliExpress
2016-11-18 15:40:42 ----D---- C:\WINDOWS\Minidump
2016-11-17 19:16:46 ----D---- C:\Users\Nigrovič\AppData\Roaming\Opera Software
2016-11-17 19:16:23 ----AD---- C:\Program Files (x86)\Opera
2016-11-16 15:04:58 ----A---- C:\WINDOWS\system32\iMDriverHelper.dll
2016-11-10 17:25:41 ----D---- C:\Users\Nigrovič\AppData\Roaming\log
2016-11-10 17:25:41 ----D---- C:\Users\Nigrovič\AppData\Roaming\Cache
2016-11-09 20:57:06 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-11-09 20:53:35 ----SD---- C:\WINDOWS\SYSWOW64\Microsoft
2016-11-09 16:43:07 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2016-11-09 16:43:06 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2016-11-09 16:43:05 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2016-11-09 16:43:05 ----A---- C:\WINDOWS\system32\oleaut32.dll
2016-11-09 16:43:05 ----A---- C:\WINDOWS\system32\ole32.dll
2016-11-09 16:43:04 ----A---- C:\WINDOWS\SYSWOW64\zipfldr.dll
2016-11-09 16:43:04 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-11-09 16:43:04 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2016-11-09 16:43:04 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2016-11-09 16:43:04 ----A---- C:\WINDOWS\system32\usercpl.dll
2016-11-09 16:43:04 ----A---- C:\WINDOWS\system32\ActionCenterCPL.dll
2016-11-09 16:43:03 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2016-11-09 16:43:03 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-11-09 16:43:03 ----A---- C:\WINDOWS\SYSWOW64\chartv.dll
2016-11-09 16:43:02 ----A---- C:\WINDOWS\SYSWOW64\weretw.dll
2016-11-09 16:43:02 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2016-11-09 16:43:02 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2016-11-09 16:43:02 ----A---- C:\WINDOWS\system32\wer.dll
2016-11-09 16:43:01 ----A---- C:\WINDOWS\system32\WpcRefreshTask.dll
2016-11-09 16:43:01 ----A---- C:\WINDOWS\system32\weretw.dll
2016-11-09 16:43:00 ----A---- C:\WINDOWS\SYSWOW64\d3d10warp.dll
2016-11-09 16:43:00 ----A---- C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-11-09 16:43:00 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2016-11-09 16:43:00 ----A---- C:\WINDOWS\system32\asycfilt.dll
2016-11-09 16:42:59 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-11-09 16:42:59 ----A---- C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-11-09 16:42:59 ----A---- C:\WINDOWS\system32\ubpm.dll
2016-11-09 16:42:58 ----A---- C:\WINDOWS\system32\WpcTok.exe
2016-11-09 16:42:58 ----A---- C:\WINDOWS\system32\drivers\bowser.sys
2016-11-09 16:42:57 ----A---- C:\WINDOWS\SYSWOW64\NPSM.dll
2016-11-09 16:42:57 ----A---- C:\WINDOWS\system32\ddraw.dll
2016-11-09 16:42:56 ----A---- C:\WINDOWS\system32\dab.dll
2016-11-09 16:42:55 ----A---- C:\WINDOWS\SYSWOW64\wininetlui.dll
2016-11-09 16:42:55 ----A---- C:\WINDOWS\SYSWOW64\Windows.Shell.Search.UriHandler.dll
2016-11-09 16:42:55 ----A---- C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-11-09 16:42:55 ----A---- C:\WINDOWS\system32\TSpkg.dll
2016-11-09 16:42:54 ----A---- C:\WINDOWS\system32\netplwiz.dll
2016-11-09 16:42:54 ----A---- C:\WINDOWS\system32\ActionCenter.dll
2016-11-09 16:42:53 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2016-11-09 16:42:52 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-11-09 16:42:51 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-11-09 16:42:51 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2016-11-09 16:42:50 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-11-09 16:42:50 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2016-11-09 16:42:50 ----A---- C:\WINDOWS\system32\chartv.dll
2016-11-09 16:42:49 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2016-11-09 16:42:49 ----A---- C:\WINDOWS\system32\wmp.dll
2016-11-09 16:42:48 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2016-11-09 16:42:47 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-11-09 16:42:45 ----A---- C:\WINDOWS\SYSWOW64\themecpl.dll
2016-11-09 16:42:45 ----A---- C:\WINDOWS\SYSWOW64\fontext.dll
2016-11-09 16:42:45 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-11-09 16:42:45 ----A---- C:\WINDOWS\system32\twinapi.dll
2016-11-09 16:42:45 ----A---- C:\WINDOWS\system32\authui.dll
2016-11-09 16:42:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2016-11-09 16:42:44 ----A---- C:\WINDOWS\SYSWOW64\twinapi.dll
2016-11-09 16:42:44 ----A---- C:\WINDOWS\SYSWOW64\DevicePairing.dll
2016-11-09 16:42:43 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-11-09 16:42:43 ----A---- C:\WINDOWS\SYSWOW64\gameux.dll
2016-11-09 16:42:41 ----A---- C:\WINDOWS\SYSWOW64\sud.dll
2016-11-09 16:42:41 ----A---- C:\WINDOWS\SYSWOW64\stobject.dll
2016-11-09 16:42:41 ----A---- C:\WINDOWS\SYSWOW64\hgcpl.dll
2016-11-09 16:42:40 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2016-11-09 16:42:39 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2016-11-09 16:42:39 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-11-09 16:42:38 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2016-11-09 16:42:38 ----A---- C:\WINDOWS\system32\ListSvc.dll
2016-11-09 16:42:37 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2016-11-09 16:42:37 ----A---- C:\WINDOWS\system32\rdpcore.dll
2016-11-09 16:42:37 ----A---- C:\WINDOWS\system32\efsext.dll
2016-11-09 16:42:37 ----A---- C:\WINDOWS\system32\comdlg32.dll
2016-11-09 16:42:36 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-11-09 16:42:36 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2016-11-09 16:42:35 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2016-11-09 16:42:34 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2016-11-09 16:42:32 ----A---- C:\WINDOWS\SYSWOW64\AuthExt.dll
2016-11-09 16:42:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2016-11-09 16:42:23 ----A---- C:\WINDOWS\system32\stobject.dll
2016-11-09 16:42:23 ----A---- C:\WINDOWS\system32\AudioEng.dll
2016-11-09 16:42:22 ----A---- C:\WINDOWS\SYSWOW64\usercpl.dll
2016-11-09 16:42:22 ----A---- C:\WINDOWS\system32\themecpl.dll
2016-11-09 16:42:22 ----A---- C:\WINDOWS\system32\sud.dll
2016-11-09 16:42:22 ----A---- C:\WINDOWS\system32\browserbroker.dll
2016-11-09 16:42:21 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2016-11-09 16:42:21 ----A---- C:\WINDOWS\system32\zipfldr.dll
2016-11-09 16:42:21 ----A---- C:\WINDOWS\system32\fontext.dll
2016-11-09 16:42:21 ----A---- C:\WINDOWS\system32\AudioSes.dll
2016-11-09 16:42:21 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-11-09 16:42:20 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2016-11-09 16:42:20 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-11-09 16:42:20 ----A---- C:\WINDOWS\system32\hgcpl.dll
2016-11-09 16:42:20 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-11-09 16:42:19 ----A---- C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-11-09 16:42:19 ----A---- C:\WINDOWS\system32\gameux.dll
2016-11-09 16:42:19 ----A---- C:\WINDOWS\system32\DevicePairing.dll
2016-11-09 16:42:18 ----A---- C:\WINDOWS\system32\IdCtrls.dll
2016-11-09 16:42:18 ----A---- C:\WINDOWS\explorer.exe
2016-11-09 16:42:17 ----A---- C:\WINDOWS\system32\twinui.dll
2016-11-09 16:42:16 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-11-09 16:42:11 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-11-09 16:42:10 ----A---- C:\WINDOWS\system32\SyncCenter.dll
2016-11-09 16:42:09 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2016-11-09 16:42:09 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2016-11-09 16:42:09 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2016-11-09 16:42:09 ----A---- C:\WINDOWS\system32\DataSenseHandlers.dll
2016-11-09 16:42:08 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2016-11-09 16:42:07 ----A---- C:\WINDOWS\system32\WlanMediaManager.dll
2016-11-09 16:42:07 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-11-09 16:42:07 ----A---- C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-11-09 16:42:06 ----A---- C:\WINDOWS\system32\NPSM.dll
2016-11-09 16:42:06 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2016-11-09 16:42:05 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-11-09 16:42:05 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2016-11-09 16:42:05 ----A---- C:\WINDOWS\system32\DeviceCenter.dll
2016-11-09 16:42:03 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2016-11-09 16:42:02 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2016-11-09 16:42:02 ----A---- C:\WINDOWS\SYSWOW64\asycfilt.dll
2016-11-09 16:42:01 ----A---- C:\WINDOWS\SYSWOW64\LockAppBroker.dll
2016-11-09 16:42:00 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2016-11-09 16:42:00 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-11-09 16:41:57 ----A---- C:\WINDOWS\SYSWOW64\indexeddbserver.dll
2016-11-09 16:41:56 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2016-11-09 16:41:56 ----A---- C:\WINDOWS\SYSWOW64\ActionCenterCPL.dll
2016-11-09 16:41:55 ----A---- C:\WINDOWS\system32\mfsensorgroup.dll
2016-11-09 16:41:54 ----A---- C:\WINDOWS\system32\ntshrui.dll
2016-11-09 16:41:54 ----A---- C:\WINDOWS\system32\MSVidCtl.dll
2016-11-09 16:41:54 ----A---- C:\WINDOWS\system32\LockAppBroker.dll
2016-11-09 16:41:52 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-11-09 16:41:52 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2016-11-09 16:41:51 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-11-09 16:41:50 ----A---- C:\WINDOWS\system32\shell32.dll
2016-11-09 16:41:48 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-11-09 16:41:47 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-11-09 16:41:46 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-11-09 16:41:46 ----A---- C:\WINDOWS\system32\ieproxy.dll
2016-11-09 16:41:45 ----A---- C:\WINDOWS\system32\shdocvw.dll
2016-11-09 16:41:45 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2016-11-09 16:41:44 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-11-09 16:41:44 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-11-09 16:41:42 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-11-09 16:41:41 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-11-09 16:41:41 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2016-11-09 16:41:41 ----A---- C:\WINDOWS\system32\mshtmled.dll
2016-11-09 16:41:41 ----A---- C:\WINDOWS\system32\FSClient.dll
2016-11-09 16:41:40 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-11-09 16:41:40 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-11-09 16:41:39 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-11-09 16:41:36 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2016-11-09 16:41:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.Globalization.dll
2016-11-09 16:41:35 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-11-09 16:41:35 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-11-09 16:41:35 ----A---- C:\WINDOWS\system32\FrameServer.dll
2016-11-09 16:41:35 ----A---- C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-11-09 16:41:34 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-11-09 16:41:33 ----A---- C:\WINDOWS\system32\indexeddbserver.dll
2016-11-09 16:41:32 ----A---- C:\WINDOWS\system32\mstscax.dll
2016-11-09 16:41:31 ----A---- C:\WINDOWS\system32\wininet.dll
2016-11-09 16:41:31 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-11-09 16:41:30 ----A---- C:\WINDOWS\system32\Windows.Globalization.dll
2016-11-09 16:41:30 ----A---- C:\WINDOWS\system32\cdp.dll
2016-11-09 16:41:30 ----A---- C:\WINDOWS\system32\bisrv.dll
2016-11-09 16:41:29 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-11-09 16:41:24 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-11-09 16:41:23 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-11-09 16:41:22 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-11-09 16:41:21 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2016-11-09 16:41:21 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2016-11-09 16:41:21 ----A---- C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-11-09 16:41:20 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2016-11-09 16:41:20 ----A---- C:\WINDOWS\system32\ErrorDetails.dll
2016-11-09 16:41:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.OnlineId.dll
2016-11-09 16:41:17 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2016-11-09 16:41:17 ----A---- C:\WINDOWS\system32\mstsc.exe
2016-11-09 16:41:16 ----A---- C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-11-09 16:41:15 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2016-11-09 16:41:14 ----A---- C:\WINDOWS\SYSWOW64\NetSetupApi.dll
2016-11-09 16:41:14 ----A---- C:\WINDOWS\SYSWOW64\input.dll
2016-11-09 16:41:14 ----A---- C:\WINDOWS\system32\wifitask.exe
2016-11-09 16:41:13 ----A---- C:\WINDOWS\SYSWOW64\UIAnimation.dll
2016-11-09 16:41:12 ----A---- C:\WINDOWS\SYSWOW64\TSpkg.dll
2016-11-09 16:41:11 ----A---- C:\WINDOWS\SYSWOW64\ErrorDetails.dll
2016-11-09 16:41:11 ----A---- C:\WINDOWS\system32\iepeers.dll
2016-11-09 16:41:11 ----A---- C:\WINDOWS\system32\ErrorDetailsUpdate.dll
2016-11-09 16:41:10 ----A---- C:\WINDOWS\SYSWOW64\ErrorDetailsUpdate.dll
2016-11-09 16:41:10 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2016-11-09 16:41:10 ----A---- C:\WINDOWS\system32\GlobCollationHost.dll
2016-11-09 16:41:10 ----A---- C:\WINDOWS\system32\dxtrans.dll
2016-11-09 16:41:09 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2016-11-09 16:41:09 ----A---- C:\WINDOWS\SYSWOW64\GlobCollationHost.dll
2016-11-09 16:41:09 ----A---- C:\WINDOWS\system32\BcastDVRHelper.dll
2016-11-09 16:41:09 ----A---- C:\WINDOWS\system32\AppCapture.dll
2016-11-09 16:41:08 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2016-11-09 16:41:08 ----A---- C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-11-09 16:41:06 ----A---- C:\WINDOWS\system32\winresume.exe
2016-11-09 16:41:06 ----A---- C:\WINDOWS\system32\winload.exe
2016-11-09 16:41:05 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-11-09 16:41:05 ----A---- C:\WINDOWS\SYSWOW64\mfsensorgroup.dll
2016-11-09 16:41:05 ----A---- C:\WINDOWS\system32\rdpudd.dll
2016-11-09 16:41:05 ----A---- C:\WINDOWS\system32\msinfo32.exe
2016-11-09 16:41:04 ----A---- C:\WINDOWS\SYSWOW64\MSVidCtl.dll
2016-11-09 16:41:04 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-11-09 16:41:03 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-11-09 16:41:03 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2016-11-09 16:41:03 ----A---- C:\WINDOWS\SYSWOW64\FSClient.dll
2016-11-09 16:41:03 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2016-11-09 16:41:02 ----A---- C:\WINDOWS\SYSWOW64\msinfo32.exe
2016-11-09 16:41:02 ----A---- C:\WINDOWS\system32\msctf.dll
2016-11-09 16:41:01 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-11-09 16:40:59 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-11-09 16:40:59 ----A---- C:\WINDOWS\system32\d3d9.dll
2016-11-09 16:40:58 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-11-09 16:40:58 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2016-11-09 16:40:58 ----A---- C:\WINDOWS\system32\mfcore.dll
2016-11-09 16:40:58 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-11-09 16:40:56 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2016-11-09 16:40:56 ----A---- C:\WINDOWS\system32\gdi32full.dll
2016-11-09 16:40:55 ----A---- C:\WINDOWS\SYSWOW64\bcastdvr.exe
2016-11-09 16:40:55 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2016-11-09 16:40:55 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2016-11-09 16:40:55 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2016-11-09 16:40:55 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2016-11-09 16:40:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-11-09 16:40:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2016-11-09 16:40:54 ----A---- C:\WINDOWS\SYSWOW64\efsext.dll
2016-11-09 16:40:54 ----A---- C:\WINDOWS\system32\NetworkUXBroker.dll
2016-11-09 16:40:53 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2016-11-09 16:40:53 ----A---- C:\WINDOWS\system32\d3d10warp.dll
2016-11-09 16:40:52 ----A---- C:\WINDOWS\SYSWOW64\BcastDVRHelper.dll
2016-11-09 16:40:52 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2016-11-09 16:40:52 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-09 16:40:52 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-11-09 16:40:52 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-11-09 16:40:51 ----A---- C:\WINDOWS\system32\UIAnimation.dll
2016-11-09 16:40:51 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2016-11-09 16:40:51 ----A---- C:\WINDOWS\system32\drivers\iorate.sys
2016-11-09 16:40:50 ----A---- C:\WINDOWS\SYSWOW64\comctl32.dll
2016-11-09 16:40:50 ----A---- C:\WINDOWS\system32\win32k.sys
2016-11-09 16:40:49 ----A---- C:\WINDOWS\system32\input.dll
2016-11-09 16:40:48 ----A---- C:\WINDOWS\SYSWOW64\ddraw.dll
2016-11-09 16:40:48 ----A---- C:\WINDOWS\SYSWOW64\d3d8.dll
2016-11-09 16:40:48 ----A---- C:\WINDOWS\system32\NetSetupApi.dll
2016-11-09 16:40:47 ----A---- C:\WINDOWS\system32\wininetlui.dll
2016-11-09 16:40:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Cred.dll
2016-11-09 16:40:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BioFeedback.dll
2016-11-09 16:40:40 ----A---- C:\WINDOWS\SYSWOW64\AppCapture.dll
2016-11-09 16:40:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BlockedShutdown.dll
2016-11-09 16:40:39 ----A---- C:\WINDOWS\system32\atmlib.dll

======List of files/folders modified in the last 1 month======

2016-11-29 20:41:24 ----RD---- C:\Program Files
2016-11-29 20:30:00 ----D---- C:\WINDOWS\Temp
2016-11-29 20:19:56 ----RSD---- C:\WINDOWS\assembly
2016-11-29 20:13:28 ----D---- C:\WINDOWS\system32\sru
2016-11-29 20:13:00 ----D---- C:\WINDOWS\Prefetch
2016-11-29 20:12:38 ----HD---- C:\ProgramData
2016-11-29 20:12:38 ----D---- C:\Windows
2016-11-29 20:02:18 ----D---- C:\WINDOWS\system32\Tasks
2016-11-29 19:52:20 ----D---- C:\WINDOWS\System32
2016-11-29 18:16:18 ----D---- C:\WINDOWS\system32\drivers
2016-11-29 17:40:42 ----D---- C:\WINDOWS\AppReadiness
2016-11-29 17:40:41 ----HD---- C:\Program Files\WindowsApps
2016-11-28 22:07:52 ----D---- C:\WINDOWS\system32\SleepStudy
2016-11-27 19:15:57 ----RD---- C:\Program Files (x86)
2016-11-27 19:15:49 ----D---- C:\WINDOWS\Tasks
2016-11-27 17:25:50 ----RD---- C:\WINDOWS\Microsoft.NET
2016-11-26 14:45:33 ----D---- C:\WINDOWS\system32\NDF
2016-11-26 14:41:15 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-26 14:39:33 ----D---- C:\WINDOWS\INF
2016-11-26 14:17:50 ----SHD---- C:\Config.Msi
2016-11-26 03:35:00 ----D---- C:\WINDOWS\debug
2016-11-25 17:17:09 ----D---- C:\WINDOWS\system32\drivers\UMDF
2016-11-24 23:43:00 ----D---- C:\WINDOWS\SoftwareDistribution
2016-11-24 22:35:58 ----SHD---- C:\System Volume Information
2016-11-23 15:58:49 ----SHD---- C:\WINDOWS\Installer
2016-11-23 15:56:23 ----D---- C:\WINDOWS\system32\config
2016-11-20 09:47:14 ----D---- C:\ProgramData\CyberLink
2016-11-19 22:53:50 ----AD---- C:\ProgramData\regid.1991-06.com.microsoft
2016-11-19 22:52:55 ----D---- C:\Program Files (x86)\Common Files
2016-11-19 22:51:19 ----AD---- C:\Program Files (x86)\Microsoft Office
2016-11-19 22:49:52 ----D---- C:\Program Files (x86)\Lenovo
2016-11-19 22:48:08 ----D---- C:\ProgramData\SUPPORTDIR
2016-11-19 22:47:27 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-11-19 22:43:13 ----D---- C:\ProgramData\Temp
2016-11-19 22:42:45 ----D---- C:\WINDOWS\WinSxS
2016-11-17 19:35:08 ----D---- C:\Program Files (x86)\Google
2016-11-17 17:17:02 ----D---- C:\WINDOWS\system32\catroot2
2016-11-17 15:12:38 ----D---- C:\WINDOWS\system32\wbem
2016-11-14 04:59:38 ----D---- C:\WINDOWS\rescache
2016-11-14 04:07:25 ----D---- C:\WINDOWS\system32\DriverStore
2016-11-10 17:25:05 ----D---- C:\ProgramData\AVAST Software
2016-11-10 17:25:05 ----D---- C:\Program Files\AVAST Software
2016-11-09 20:57:06 ----D---- C:\WINDOWS\SysWOW64
2016-11-09 20:49:28 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2016-11-09 20:49:28 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-11-09 20:49:27 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-11-09 20:49:23 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-11-09 20:49:23 ----D---- C:\WINDOWS\system32\sk-SK
2016-11-09 20:49:23 ----D---- C:\WINDOWS\system32\oobe
2016-11-09 20:49:22 ----D---- C:\WINDOWS\system32\migwiz
2016-11-09 20:49:22 ----D---- C:\WINDOWS\system32\migration
2016-11-09 20:49:17 ----D---- C:\WINDOWS\system32\en-US
2016-11-09 20:49:17 ----D---- C:\WINDOWS\system32\Boot
2016-11-09 20:49:15 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2016-11-09 20:49:15 ----D---- C:\WINDOWS\ShellExperiences
2016-11-09 20:49:15 ----D---- C:\WINDOWS\bcastdvr
2016-11-09 20:49:15 ----D---- C:\WINDOWS\AppPatch
2016-11-09 20:40:12 ----D---- C:\WINDOWS\CbsTemp
2016-11-09 20:28:16 ----D---- C:\WINDOWS\system32\MRT
2016-11-09 20:22:36 ----AC---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-09-19 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-10-23 293352]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 48992]
R0 MBI;@oem25.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\WINDOWS\System32\drivers\MBI.sys [2015-06-09 41464]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-09-19 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-09-19 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-09-19 969184]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-09-28 513632]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-07-16 88576]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-07-16 8192]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-09-19 108816]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-09-19 163416]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2016-07-16 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2016-07-16 78336]
R3 ACPIVPC;@oem6.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2015-06-15 42328]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-09-28 84992]
R3 dptf_acpi;dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [2015-05-26 47096]
R3 esif_lf;esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [2015-05-26 251384]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-12-07 3797416]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-05-19 4466392]
R3 IntcDAud;@oem13.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2015-07-23 454416]
R3 iwdbus;@oem81.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-07-20 38976]
R3 RSP2STOR;@oem42.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [2015-05-21 310528]
R3 rt640x64;@oem38.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-12-09 886528]
R3 RtkBtFilter;@oem33.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [2015-12-09 593624]
R3 rtsuvc;@oem24.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2015-06-11 3059416]
R3 RTWlanE;@netrtwlane.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\WINDOWS\System32\drivers\rtwlane.sys [2016-07-16 5144064]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2015-12-07 44216]
R3 SynTP;@oem8.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2015-12-07 620744]
R3 TXEIx64;@oem39.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\WINDOWS\System32\drivers\TXEIx64.sys [2014-01-16 88592]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-07-16 105824]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-07-16 101216]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2016-07-16 58720]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2016-07-16 61792]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2016-07-16 32096]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-09-19 37656]
S3 aswTap;@oem1.inf,%DeviceDescription%;avast! SecureLine TAP Adapter v3; C:\WINDOWS\System32\drivers\aswTap.sys [2016-01-08 44640]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2016-07-16 9728]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2016-09-28 114176]
S3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2016-09-15 249856]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2016-10-05 128512]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2016-10-15 967168]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-07-16 38912]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-09-10 118272]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-07-16 20480]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-07-16 50016]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-09-28 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2016-07-16 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-07-16 176384]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2016-07-16 526176]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 mfencbdc;McAfee Inc. mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [2015-10-06 537192]
S3 mfencrk;McAfee Inc. mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [2015-10-06 109480]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-07-16 842584]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2016-07-16 108896]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 NETwNe64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\WINDOWS\System32\drivers\NETwew01.sys [2015-07-10 3354384]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2016-07-16 928608]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2016-07-16 183808]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2016-07-16 95744]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmTcpciCx.sys [2016-07-16 108544]
S3 UcmUcsi;@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2016-07-16 50688]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2016-07-16 45568]
S3 Ufx01000;USB Function Class Extension; C:\WINDOWS\system32\drivers\ufx01000.sys [2016-07-16 263008]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\WINDOWS\System32\drivers\UfxChipidea.sys [2016-07-16 96608]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2016-07-16 137056]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-09-19 197128]
R2 AvrcpService;AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [2015-03-03 41176]
R2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2015-07-02 120024]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CleanupSvc;Avast Cleanup; C:\Program Files\AVAST Software\Cleanup\CleanupSvc.exe [2016-07-29 2331208]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusti; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2016-10-30 3294912]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R2 esifsvc;@oem57.inf,%ServiceDisplayName%;ESIF Upper Framework Service; C:\WINDOWS\SysWoW64\esif_uf.exe [2015-05-26 1385640]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-12-07 330144]
R2 ImControllerService;System Interface Foundation Service; c:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2016-11-16 62792]
R2 OneSyncSvc_3497c;Sync Host_3497c; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 PimIndexMaintenanceSvc_3497c;Contact Data_3497c; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 CDPUserSvc_3497c;CDPUserSvc_3497c; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-12-07 291736]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-07-16 93184]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-12-24 887232]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2015-07-02 271296]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService_3497c;MessagingService_3497c; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2016-10-30 209104]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2016-09-28 1312768]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2015-06-10 155520]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2016-07-16 287744]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S4 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]

-----------------EOF-----------------


info.txt logfile of random's system information tool 1.10 2016-11-29 20:41:48

======MBR======

======Uninstall list======

-->"C:\Program Files (x86)\InstallShield Installation Information\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}\setup.exe" /z-uninstall
AliExpress version 1.1.0.5019-->"C:\Program Files (x86)\AliExpress\unins000.exe"
Avast Cleanup-->"C:\Program Files\AVAST Software\Cleanup\unins000.exe"
Avast Free Antivirus-->C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel
Cisco EAP-FAST Module-->MsiExec.exe /I{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}
Cisco LEAP Module-->MsiExec.exe /I{AF312B06-5C5C-468E-89B3-BE6DE2645722}
Cisco PEAP Module-->MsiExec.exe /I{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}
Components-->MsiExec.exe /X{1720B0E0-C520-43A6-B677-97A1D80F3B99}
CyberLink Power2Go 8-->"C:\Program Files (x86)\InstallShield Installation Information\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}\Setup.exe" /z-uninstall
CyberLink Power2Go 8-->"C:\Program Files (x86)\InstallShield Installation Information\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}\Setup.exe" /z-uninstall
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Intel(R) Dynamic Platform and Thermal Framework-->C:\Program Files (x86)\Intel\Intel(R) Dynamic Platform and Thermal Framework\Uninstall\setup.exe -uninstall
Intel(R) Chipset Device Software-->"C:\ProgramData\Package Cache\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}\SetupChipset.exe" /uninstall
Intel(R) Chipset Device Software-->MsiExec.exe /I{B685D0AD-42A8-4A39-9BFE-8C063FA9AF29}
Intel(R) Processor Graphics-->"C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe" -uninstall
Intel(R) Sideband Fabric Device Driver-->C:\Program Files (x86)\Intel\Intel(R) MBI Driver\Uninstall\setup.exe -uninstall
Intel(R) Trusted Execution Engine Driver-->MsiExec.exe /I{893A5D27-2E60-426C-89BA-EA2020545BFA}
Intel(R) Trusted Execution Engine-->"C:\ProgramData\Intel\Package Cache\{176E2755-0A17-42C6-88E2-192AB2131278}\Setup.exe" -uninstall
Intel(R) Trusted Execution Engine-->MsiExec.exe /I{3B6A2A50-CA34-4012-BE2A-DF66DF5E83AE}
Lenovo EasyCamera-->C:\WINDOWS\RtCamU64.exe /u /s
Lenovo Experience Improvement-->C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe /uninstall
Lenovo FusionEngine -->C:\Program Files (x86)\Lenovo\FusionEngine\uninst.exe
Lenovo OneKey Recovery-->"C:\Program Files (x86)\InstallShield Installation Information\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}\setup.exe" /z-uninstall
Lenovo OneKey Recovery-->"C:\Program Files (x86)\InstallShield Installation Information\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}\setup.exe" /z-uninstall
Lenovo Photo Master-->C:\Program Files (x86)\NSIS Uninstall Information\{BC94C56A-3649-420C-8756-2ADEBE399D33}\Setup.exe _?=C:\Program Files (x86)\NSIS Uninstall Information\{BC94C56A-3649-420C-8756-2ADEBE399D33}
Lenovo PowerDVD12-->"C:\Program Files (x86)\InstallShield Installation Information\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}\setup.exe" /z-uninstall
Lenovo PowerDVD12-->"C:\Program Files (x86)\InstallShield Installation Information\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}\setup.exe" /z-uninstall
Lenovo QuickOptimizer-->MsiExec.exe /X{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}
Lenovo Solution Center-->MsiExec.exe /X{A5591EC4-8AD6-48EE-9F8D-FACFA8BA4E35}
Lenovo System Interface Foundation-->MsiExec.exe /X{C2E5CA37-C862-4A69-AC6D-24F450A20C16}
LenovoUtility-->"C:\Program Files (x86)\InstallShield Installation Information\{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}\setup.exe" -runfromtemp -l0x0409 -removeonly
LenovoUtility-->MsiExec.exe /I{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}
MEGAsync-->C:\Users\Nigrovič\AppData\Local\MEGAsync\uninst.exe
Metric Collection SDK-->MsiExec.exe /X{DDAA788F-52E6-44EA-ADB8-92837B11BF26}
Microsoft Office 2016 pre študentov a domácnosti - sk-sk-->"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" scenario=install scenariosubtype=ARP sourcetype=None productstoremove=HomeStudentRetail.16_sk-sk_x-none culture=sk-sk version.16=16.0
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106-->"C:\ProgramData\Package Cache\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030-->"C:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030-->"C:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030-->MsiExec.exe /X{37B8F9C7-03FB-3253-8781-2517C99D7C00}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030-->MsiExec.exe /X{B175520C-86A2-35A7-8619-86DC379688B9}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501-->"C:\ProgramData\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501-->"C:\ProgramData\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005-->MsiExec.exe /X{929FBD26-9020-399B-9A7A-751D61F0B942}
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005-->MsiExec.exe /X{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005-->MsiExec.exe /X{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005-->MsiExec.exe /X{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}
Office 16 Click-to-Run Extensibility Component 64-bit Registration-->MsiExec.exe /X{90160000-00DD-0000-1000-0000000FF1CE}
Office 16 Click-to-Run Extensibility Component-->MsiExec.exe /X{90160000-008C-0000-0000-0000000FF1CE}
Office 16 Click-to-Run Licensing Component-->MsiExec.exe /I{90160000-008F-0000-1000-0000000FF1CE}
Opera Stable 41.0.2353.69-->"C:\Program Files (x86)\Opera\Launcher.exe" /uninstall
REACHit-->MsiExec.exe /X{4532E4C5-C84D-4040-A044-ECFCC5C6995B}
REALTEK Bluetooth Driver-->C:\Program Files (x86)\InstallShield Installation Information\{9D3D8C60-A5EF-4123-B2B9-172095903AB}\Install.exe -uninst
Realtek Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}\setup.exe" -runfromtemp -removeonly
Realtek Ethernet Controller Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709
Realtek Wireless LAN Adapter Software-->C:\Program Files (x86)\InstallShield Installation Information\{E462B252-195B-47EA-98E2-BAC3C2DF7D37}\Install.exe -uninst
SafeZone Stable 1.51.2220.62-->"C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" /uninstall
Sony Mobile Update Engine-->C:\Program Files (x86)\Sony Mobile\Update Engine\uninst.exe
Sony PC Companion 2.10.303-->"C:\Program Files (x86)\InstallShield Installation Information\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}\setup.exe" -runfromtemp -l0x0409 -removeonly
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
User Manuals-->"C:\Program Files (x86)\InstallShield Installation Information\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}\setup.exe" -runfromtemp -l0x0409 -removeonly
User Manuals-->MsiExec.exe /X{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}
WinRAR 5.40 (32-bit)-->C:\Program Files (x86)\WinRAR\uninstall.exe

======System event log======

Computer Name: LAPTOP-VL5O9IQ9
Event Code: 16392
Message: The BITS service failed to start. Error 0x80080005.
Record Number: 48
Source Name: Microsoft-Windows-Bits-Client
Time Written: 20160927153042.016833-000
Event Type: Error
User: NT AUTHORITY\SYSTEM

Computer Name: LAPTOP-VL5O9IQ9
Event Code: 10010
Message: The server {A47979D2-C419-11D9-A5B4-001185AD2B89} did not register with DCOM within the required timeout.
Record Number: 47
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20160927153037.378180-000
Event Type: Error
User: NT AUTHORITY\SYSTEM

Computer Name: LAPTOP-VL5O9IQ9
Event Code: 10010
Message: The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register with DCOM within the required timeout.
Record Number: 46
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20160927153037.378180-000
Event Type: Error
User: NT AUTHORITY\LOCAL SERVICE

Computer Name: LAPTOP-VL5O9IQ9
Event Code: 7023
Message: Služba IP Helper bola ukončená s nasledujúcou chybou:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Record Number: 41
Source Name: Service Control Manager
Time Written: 20160927152833.238652-000
Event Type: Error
User:

Computer Name: LAPTOP-VL5O9IQ9
Event Code: 7023
Message: Služba netprofm bola ukončená s nasledujúcou chybou:
The device is not ready.
Record Number: 38
Source Name: Service Control Manager
Time Written: 20160927152826.378948-000
Event Type: Error
User:

=====Application event log=====

Computer Name: LAPTOP-VL5O9IQ9
Event Code: 4104
Message: Failed trying to get the state of the cluster node: .The error code returned: 0x8007085A
Record Number: 25
Source Name: Microsoft-Windows-MSDTC Client 2
Time Written: 20160927155719.574905-000
Event Type: Error
User:

Computer Name: LAPTOP-VL5O9IQ9
Event Code: 4104
Message: Failed trying to get the state of the cluster node: .The error code returned: 0x8007085A
Record Number: 23
Source Name: Microsoft-Windows-MSDTC 2
Time Written: 20160927155719.324889-000
Event Type: Error
User:

Computer Name: LAPTOP-VL5O9IQ9
Event Code: 4104
Message: Failed trying to get the state of the cluster node: LAPTOP-VL5O9IQ9.The error code returned: 0x8007085A
Record Number: 20
Source Name: Microsoft-Windows-MSDTC Client 2
Time Written: 20160927155718.434046-000
Event Type: Warning
User:

Computer Name: LAPTOP-VL5O9IQ9
Event Code: 4104
Message: Failed trying to get the state of the cluster node: .The error code returned: 0x8007085A
Record Number: 19
Source Name: Microsoft-Windows-MSDTC Client 2
Time Written: 20160927155718.387171-000
Event Type: Error
User:

Computer Name: LAPTOP-VL5O9IQ9
Event Code: 1534
Message: Profile notification of event Create for component {D63AA156-D534-4BAC-9BF1-55359CF5EC30} failed, error code is The system cannot find the path specified.
.


Record Number: 8
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20160927153905.266081-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

=====Security event log=====

Computer Name: LAPTOP-VL5O9IQ9
Event Code: 4688
Message: A new process has been created.

Creator Subject:
Security ID: S-1-5-18
Account Name: -
Account Domain: -
Logon ID: 0x3E7

Target Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0

Process Information:
New Process ID: 0x184
New Process Name: C:\Windows\System32\smss.exe
Token Elevation Type: %%1936
Mandatory Label: S-1-16-16384
Creator Process ID: 0x12c
Creator Process Name: C:\Windows\System32\smss.exe
Process Command Line:

Token Elevation Type indicates the type of token that was assigned to the new process in accordance with User Account Control policy.

Type 1 is a full token with no privileges removed or groups disabled. A full token is only used if User Account Control is disabled or if the user is the built-in Administrator account or a service account.

Type 2 is an elevated token with no privileges removed or groups disabled. An elevated token is used when User Account Control is enabled and the user chooses to start the program using Run as administrator. An elevated token is also used when an application is configured to always require administrative privilege or to always require maximum privilege, and the user is a member of the Administrators group.

Type 3 is a limited token with administrative privileges removed and administrative groups disabled. The limited token is used when User Account Control is enabled, the application does not require administrative privilege, and the user does not choose to start the program using Run as administrator.
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160927152716.685346-000
Event Type: Audit Success
User:

Computer Name: LAPTOP-VL5O9IQ9
Event Code: 4688
Message: A new process has been created.

Creator Subject:
Security ID: S-1-5-18
Account Name: -
Account Domain: -
Logon ID: 0x3E7

Target Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0

Process Information:
New Process ID: 0x178
New Process Name: C:\Windows\System32\setupcl.exe
Token Elevation Type: %%1936
Mandatory Label: S-1-16-16384
Creator Process ID: 0x12c
Creator Process Name: C:\Windows\System32\smss.exe
Process Command Line:

Token Elevation Type indicates the type of token that was assigned to the new process in accordance with User Account Control policy.

Type 1 is a full token with no privileges removed or groups disabled. A full token is only used if User Account Control is disabled or if the user is the built-in Administrator account or a service account.

Type 2 is an elevated token with no privileges removed or groups disabled. An elevated token is used when User Account Control is enabled and the user chooses to start the program using Run as administrator. An elevated token is also used when an application is configured to always require administrative privilege or to always require maximum privilege, and the user is a member of the Administrators group.

Type 3 is a limited token with administrative privileges removed and administrative groups disabled. The limited token is used when User Account Control is enabled, the application does not require administrative privilege, and the user does not choose to start the program using Run as administrator.
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160927152653.764933-000
Event Type: Audit Success
User:

Computer Name: LAPTOP-VL5O9IQ9
Event Code: 4688
Message: A new process has been created.

Creator Subject:
Security ID: S-1-5-18
Account Name: -
Account Domain: -
Logon ID: 0x3E7

Target Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0

Process Information:
New Process ID: 0x138
New Process Name: C:\Windows\System32\autochk.exe
Token Elevation Type: %%1936
Mandatory Label: S-1-16-16384
Creator Process ID: 0x12c
Creator Process Name: C:\Windows\System32\smss.exe
Process Command Line:

Token Elevation Type indicates the type of token that was assigned to the new process in accordance with User Account Control policy.

Type 1 is a full token with no privileges removed or groups disabled. A full token is only used if User Account Control is disabled or if the user is the built-in Administrator account or a service account.

Type 2 is an elevated token with no privileges removed or groups disabled. An elevated token is used when User Account Control is enabled and the user chooses to start the program using Run as administrator. An elevated token is also used when an application is configured to always require administrative privilege or to always require maximum privilege, and the user is a member of the Administrators group.

Type 3 is a limited token with administrative privileges removed and administrative groups disabled. The limited token is used when User Account Control is enabled, the application does not require administrative privilege, and the user does not choose to start the program using Run as administrator.
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160927152648.208831-000
Event Type: Audit Success
User:

Computer Name: LAPTOP-VL5O9IQ9
Event Code: 4688
Message: A new process has been created.

Creator Subject:
Security ID: S-1-5-18
Account Name: -
Account Domain: -
Logon ID: 0x3E7

Target Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0

Process Information:
New Process ID: 0x12c
New Process Name: C:\Windows\System32\smss.exe
Token Elevation Type: %%1936
Mandatory Label: S-1-16-16384
Creator Process ID: 0x4
Creator Process Name:
Process Command Line:

Token Elevation Type indicates the type of token that was assigned to the new process in accordance with User Account Control policy.

Type 1 is a full token with no privileges removed or groups disabled. A full token is only used if User Account Control is disabled or if the user is the built-in Administrator account or a service account.

Type 2 is an elevated token with no privileges removed or groups disabled. An elevated token is used when User Account Control is enabled and the user chooses to start the program using Run as administrator. An elevated token is also used when an application is configured to always require administrative privilege or to always require maximum privilege, and the user is a member of the Administrators group.

Type 3 is a limited token with administrative privileges removed and administrative groups disabled. The limited token is used when User Account Control is enabled, the application does not require administrative privilege, and the user does not choose to start the program using Run as administrator.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160927152648.100413-000
Event Type: Audit Success
User:

Computer Name: LAPTOP-VL5O9IQ9
Event Code: 4826
Message: Boot Configuration Data loaded.

Subject:
Security ID: S-1-5-18
Account Name: -
Account Domain: -
Logon ID: 0x3E7

General Settings:
Load Options: -
Advanced Options: No
Configuration Access Policy: Default
System Event Logging: No
Kernel Debugging: No
VSM Launch Type: Off

Signature Settings:
Test Signing: No
Flight Signing: No
Disable Integrity Checks: No

HyperVisor Settings:
HyperVisor Load Options: -
HyperVisor Launch Type: Off
HyperVisor Debugging: No
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160927152648.026068-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"OS"=Windows_NT
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 55 Stepping 8, GenuineIntel
"PROCESSOR_REVISION"=3708
"Path"=C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;C:\Program Files (x86)\Lenovo\FusionEngine;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
"configsetroot"=%SystemRoot%\ConfigSetRoot
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119672
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: aliexpress cannot be uninstalled

#7 Post by Rudy »

This is RSIT. I need to see FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 . When deleting via RSIT on Windows 10, I risk damaging the system.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
