Hezký den, pozoruji problém u svého notebooku, kdy prohlížeč je značně zpomalen jak při vyhledávání, tak otevírání nových oken. Přehrávání YT videí nepříjemně "prská", seká se mi také obraz v různých typech online přehrávačů - twitch, čt24, stream.cz. Stejný problém pozoruji také u her s větším nárokem na CPU. Log z RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by mail at 2017-06-11 01:12:28
Microsoft Windows 10 Home
System drive C: has 837 GB (92%) free of 910 GB
Total RAM: 8116 MB (53% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:12:31, on 11.06.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.15063.0000)
Boot mode: Normal
Running processes:
C:\Users\mail\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\ProgramData\Battle.net\Agent\Agent.5625\Agent.exe
C:\Program Files (x86)\Blizzard App\Battle.net.8839\Battle.net.exe
C:\Program Files (x86)\Blizzard App\Battle.net.8839\Battle.net Helper.exe
C:\Program Files (x86)\Blizzard App\Battle.net.8839\Battle.net Helper.exe
C:\Program Files\trend micro\mail.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKCU\..\Run: [OneDrive] "C:\Users\mail\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @oem26.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\Windows\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: System Interface Foundation Service (ImControllerService) - Lenovo Group Limited - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: Overwolf Updater Windows SCM (OverwolfUpdater) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7702 bytes
======Listing Processes======
C:\Windows\system32\lsass.exe
winlogon.exe
c:\windows\system32\svchost.exe -k dcomlaunch -s PlugPlay
C:\Windows\system32\svchost.exe -k DcomLaunch
"fontdrvhost.exe"
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k dcomlaunch -s LSM
"dwm.exe"
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NcbService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc
c:\windows\system32\svchost.exe -k localservice -s bthserv
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -s UserManager
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
c:\windows\system32\svchost.exe -k appmodel -s StateRepository
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-0588e802-03fb-4963-b41f-b8d55694cea0 -SystemEventPortName:HostProcess-7a3ed376-5577-4670-9484-fd1b39f1e390 -IoCancelEventPortName:HostProcess-ac0f3b10-1cab-4155-96db-e6541b4b1cd4 -NonStateChangingEventPortName:HostProcess-bea34066-227f-4c0d-95e3-82ea6621b64c -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:010ad447-aac9-402b-b988-8458a16f3f82 -DeviceGroupId:
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s EventLog
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
c:\windows\system32\svchost.exe -k netsvcs -s Themes
c:\windows\system32\svchost.exe -k localservice -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -s SENS
C:\Windows\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localservice -s nsi
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -s FontCache
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-8ffde362-9f69-4174-bc27-4a0cddf7a2f6 -SystemEventPortName:HostProcess-32f91b9f-8444-4374-ba4b-f37ed387799f -IoCancelEventPortName:HostProcess-2b4252e4-58c7-4ff0-8666-ed9c18dc2d92 -NonStateChangingEventPortName:HostProcess-53fe95bb-63a6-41e8-83a8-931a224db60d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:38983bb2-be2b-4157-8006-7d2987117b29 -DeviceGroupId:WpdFsGroup
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s Dhcp
"C:\Program Files\IDT\WDM\STacSV64.exe"
c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt
c:\windows\system32\svchost.exe -k networkservice -s NlaSvc
c:\windows\system32\svchost.exe -k networkservice -s Dnscache
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k localservice -s netprofm
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection
C:\Windows\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -s LanmanWorkstation
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SysMain
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s PcaSvc
c:\windows\system32\svchost.exe -k netsvcs -s iphlpsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TrkWks
C:\Windows\System32\svchost.exe -k utcsvc
c:\windows\system32\svchost.exe -k networkservice -s CryptSvc
c:\windows\system32\svchost.exe -k localservicenonetwork -s DPS
c:\windows\system32\svchost.exe -k appmodel -s tiledatamodelsvc
c:\windows\system32\svchost.exe -k netsvcs -s WpnService
C:\Windows\system32\ibtsiva
"C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
c:\windows\system32\svchost.exe -k localservice -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NgcSvc
c:\windows\system32\svchost.exe -k localservice -s CDPSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s NgcCtnrSvc
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k netsvcs -s TokenBroker
C:\Windows\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
c:\windows\system32\svchost.exe -k netsvcs -s Appinfo
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Windows\RTFTrack.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Users\mail\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
c:\windows\system32\svchost.exe -k unistacksvcgroup
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s wscsvc
"cmd" /c "C:\Users\mail\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Users\mail\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe"
c:\windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s StorSvc
c:\windows\system32\svchost.exe -k netsvcs -s lfsvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SSDPSRV
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
c:\windows\system32\svchost.exe -k netsvcs -s seclogon
C:\Windows\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\WinStore.App.exe" -ServerName:App.AppXc75wvwned5vhz4xyxxecvgdjhdkgsdza.mca
c:\windows\system32\svchost.exe -k localservice -s LicenseManager
C:\Windows\system32\svchost.exe -k netsvcs -s DoSvc
"C:\Program Files\WindowsApps\Microsoft.BingNews_4.21.1434.0_x64__8wekyb3d8bbwe\Microsoft.Msn.News.exe" -ServerName:AppexNews.AppX3vz52bd72d0ycrnwe6jysfgn7k1qcv00.mca
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DsSvc
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.17.420.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\Program Files\WindowsApps\Microsoft.People_10.2.1451.0_x64__8wekyb3d8bbwe\PeopleApp.exe" -ServerName:x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x.AppXp4q8q2jfk5x248b0h39ew5k7wz3xvc5b.mca
C:\Windows\system32\svchost.exe -k LocalService -s WinHttpAutoProxySvc
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="2276.0.1504354671\1609459041" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 2276 "\\.\pipe\gecko-crash-server-pipe.2276" gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="2276.2.1115259947\1517337861" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 2276 "\\.\pipe\gecko-crash-server-pipe.2276" tab
C:\Windows\system32\wbem\wmiprvse.exe
"C:\ProgramData\Battle.net\Agent\Agent.5625\Agent.exe" --locale=enUS --session=1156747333447346215
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\Blizzard App\Battle.net.8839\Battle.net.exe" --game=hs_beta "--gamepath=C:\Program Files (x86)\Hearthstone"
"Battle.net Helper.exe" --type=gpu-process --channel="7812.0.837739808\1338579606" --no-sandbox --lang=en-US --log-file="C:\Users\mail\AppData\Local\Battle.net\Logs\libcef-20170609T173212.534463.log" --log-severity=error --product-version=Battle.net/1.8.2.8839 --supports-dual-gpus=false --gpu-driver-bug-workarounds=3,11,16,25,54 --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=20.19.15.4531 --lang=en-US --log-file="C:\Users\mail\AppData\Local\Battle.net\Logs\libcef-20170609T173212.534463.log" --log-severity=error --product-version=Battle.net/1.8.2.8839 /prefetch:2
C:\Windows\system32\AUDIODG.EXE 0x73c
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
c:\windows\system32\svchost.exe -k localservice -s SstpSvc
c:\windows\system32\svchost.exe -k netsvcs -s RasMan
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -s lmhosts
C:\Windows\system32\svchost.exe -k netsvcs -s XblAuthManager
"Battle.net Helper.exe" --type=renderer --no-sandbox --lang=en-US --lang=en-US --log-file="C:\Users\mail\AppData\Local\Battle.net\Logs\libcef-20170609T173212.534463.log" --log-severity=error --product-version=Battle.net/1.8.2.8839 --enable-system-flash --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="7812.7.2004360917\1973387367" /prefetch:1
"C:\Windows\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca
"C:\Users\mail\Downloads\RSITx64.exe"
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -s WdiSystemHost
=========Mozilla firefox=========
ProfilePath - C:\Users\mail\AppData\Roaming\Mozilla\Firefox\Profiles\g9ckyphp.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.171 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.171 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll
C:\Users\mail\AppData\Roaming\Mozilla\Firefox\Profiles\g9ckyphp.default\extensions\
trash
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-03-18 629152]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-06-03 3944136]
"RtsFT"=C:\Windows\RTFTrack.exe [2013-04-24 6339656]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2014-10-22 1703424]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\mail\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-06-05 1504888]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-06-09 16:51:18 ----D---- C:\Users\mail\AppData\Roaming\Macromedia
2017-06-06 21:21:13 ----D---- C:\AdwCleaner
2017-06-06 21:15:47 ----D---- C:\rsit
2017-06-06 21:15:47 ----D---- C:\Program Files\trend micro
2017-06-06 14:10:34 ----D---- C:\Program Files (x86)\Adobe
2017-06-06 14:10:15 ----D---- C:\ProgramData\Adobe
2017-06-06 01:52:04 ----AD---- C:\Program Files (x86)\Overwolf
2017-06-06 01:51:55 ----D---- C:\ProgramData\Overwolf
2017-06-06 01:37:42 ----D---- C:\Users\mail\AppData\Roaming\HearthstoneDeckTracker
2017-06-06 01:26:51 ----D---- C:\Users\mail\AppData\Roaming\.mono
2017-06-06 01:26:51 ----D---- C:\ProgramData\.mono
2017-06-05 23:09:21 ----HD---- C:\OneDriveTemp
2017-06-05 18:48:16 ----D---- C:\Users\mail\AppData\Roaming\Mozilla
2017-06-05 18:48:06 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-05 18:48:04 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2017-06-05 16:11:36 ----D---- C:\Windows\system32\MRT
2017-06-05 16:11:21 ----AC---- C:\Windows\system32\MRT.exe
2017-06-05 16:08:59 ----A---- C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2017-06-05 16:08:58 ----A---- C:\Windows\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2017-06-05 16:08:57 ----A---- C:\Windows\system32\mshtml.dll
2017-06-05 16:08:55 ----A---- C:\Windows\system32\edgehtml.dll
2017-06-05 16:08:49 ----A---- C:\Windows\system32\twinui.dll
2017-06-05 16:08:48 ----A---- C:\Windows\SYSWOW64\twinui.dll
2017-06-05 16:08:47 ----A---- C:\Windows\system32\shell32.dll
2017-06-05 16:08:45 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-06-05 16:08:43 ----A---- C:\Windows\system32\ieframe.dll
2017-06-05 16:08:41 ----A---- C:\Windows\system32\Chakra.dll
2017-06-05 16:08:40 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-06-05 16:08:39 ----A---- C:\Windows\SYSWOW64\edgehtml.dll
2017-06-05 16:08:37 ----A---- C:\Windows\explorer.exe
2017-06-05 16:08:36 ----A---- C:\Windows\SYSWOW64\Chakra.dll
2017-06-05 16:08:36 ----A---- C:\Windows\SYSWOW64\explorer.exe
2017-06-05 16:08:35 ----A---- C:\Windows\system32\AppXDeploymentServer.dll
2017-06-05 16:08:34 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-06-05 16:08:33 ----A---- C:\Windows\system32\dwmcore.dll
2017-06-05 16:08:32 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2017-06-05 16:08:32 ----A---- C:\Windows\system32\twinui.pcshell.dll
2017-06-05 16:08:31 ----A---- C:\Windows\SYSWOW64\shell32.dll
2017-06-05 16:08:31 ----A---- C:\Windows\system32\daxexec.dll
2017-06-05 16:08:30 ----A---- C:\Windows\system32\audiosrv.dll
2017-06-05 16:08:29 ----A---- C:\Windows\SYSWOW64\daxexec.dll
2017-06-05 16:08:29 ----A---- C:\Windows\system32\SettingSyncCore.dll
2017-06-05 16:08:29 ----A---- C:\Windows\system32\ResetEngine.dll
2017-06-05 16:08:28 ----A---- C:\Windows\SYSWOW64\fontdrvhost.exe
2017-06-05 16:08:28 ----A---- C:\Windows\system32\fontdrvhost.exe
2017-06-05 16:08:28 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2017-06-05 16:08:27 ----A---- C:\Windows\system32\StoreAgent.dll
2017-06-05 16:08:27 ----A---- C:\Windows\system32\hvix64.exe
2017-06-05 16:08:26 ----A---- C:\Windows\system32\D3DCompiler_47.dll
2017-06-05 16:08:25 ----A---- C:\Windows\system32\oleaut32.dll
2017-06-05 16:08:25 ----A---- C:\Windows\system32\ClipSVC.dll
2017-06-05 16:08:25 ----A---- C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2017-06-05 16:08:24 ----A---- C:\Windows\SYSWOW64\SettingSyncCore.dll
2017-06-05 16:08:24 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2017-06-05 16:08:24 ----A---- C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2017-06-05 16:08:24 ----A---- C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2017-06-05 16:08:23 ----A---- C:\Windows\system32\win32kbase.sys
2017-06-05 16:08:23 ----A---- C:\Windows\system32\modernexecserver.dll
2017-06-05 16:08:23 ----A---- C:\Windows\system32\browserbroker.dll
2017-06-05 16:08:23 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2017-06-05 16:08:22 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2017-06-05 16:08:22 ----A---- C:\Windows\system32\LogonController.dll
2017-06-05 16:08:22 ----A---- C:\Windows\system32\dbgeng.dll
2017-06-05 16:08:21 ----A---- C:\Windows\SYSWOW64\StoreAgent.dll
2017-06-05 16:08:21 ----A---- C:\Windows\system32\usocore.dll
2017-06-05 16:08:21 ----A---- C:\Windows\system32\updatehandlers.dll
2017-06-05 16:08:20 ----A---- C:\Windows\system32\wmpps.dll
2017-06-05 16:08:19 ----A---- C:\Windows\system32\OneDriveSettingSyncProvider.dll
2017-06-05 16:08:19 ----A---- C:\Windows\system32\hvax64.exe
2017-06-05 16:08:19 ----A---- C:\Windows\system32\drivers\dxgmms2.sys
2017-06-05 16:08:18 ----A---- C:\Windows\SYSWOW64\MSVPXENC.dll
2017-06-05 16:08:18 ----A---- C:\Windows\system32\securekernel.exe
2017-06-05 16:08:18 ----A---- C:\Windows\system32\InstallAgentUserBroker.exe
2017-06-05 16:08:17 ----A---- C:\Windows\SYSWOW64\InstallAgentUserBroker.exe
2017-06-05 16:08:17 ----A---- C:\Windows\system32\InstallAgent.exe
2017-06-05 16:08:16 ----A---- C:\Windows\SYSWOW64\CoreUIComponents.dll
2017-06-05 16:08:16 ----A---- C:\Windows\system32\CoreUIComponents.dll
2017-06-05 16:08:15 ----A---- C:\Windows\SYSWOW64\CoreMessaging.dll
2017-06-05 16:08:15 ----A---- C:\Windows\system32\mssprxy.dll
2017-06-05 16:08:15 ----A---- C:\Windows\system32\CoreMessaging.dll
2017-06-05 16:08:15 ----A---- C:\Windows\system32\AzureSettingSyncProvider.dll
2017-06-05 16:08:14 ----A---- C:\Windows\SYSWOW64\InstallAgent.exe
2017-06-05 16:08:14 ----A---- C:\Windows\SYSWOW64\dbgeng.dll
2017-06-05 16:08:14 ----A---- C:\Windows\SYSWOW64\AzureSettingSyncProvider.dll
2017-06-05 16:08:13 ----A---- C:\Windows\SYSWOW64\OneDriveSettingSyncProvider.dll
2017-06-05 16:08:13 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2017-06-05 16:08:13 ----A---- C:\Windows\SYSWOW64\aadtb.dll
2017-06-05 16:08:13 ----A---- C:\Windows\system32\vbscript.dll
2017-06-05 16:08:13 ----A---- C:\Windows\system32\aadtb.dll
2017-06-05 16:08:11 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-06-05 16:08:11 ----A---- C:\Windows\system32\WpcWebFilter.dll
2017-06-05 16:08:10 ----A---- C:\Windows\SYSWOW64\WpcWebFilter.dll
2017-06-05 16:08:10 ----A---- C:\Windows\SYSWOW64\D3DCompiler_47.dll
2017-06-05 16:08:10 ----A---- C:\Windows\SYSWOW64\cldapi.dll
2017-06-05 16:08:10 ----A---- C:\Windows\system32\GamePanel.exe
2017-06-05 16:08:10 ----A---- C:\Windows\system32\aadcloudap.dll
2017-06-05 16:08:09 ----A---- C:\Windows\SYSWOW64\UIRibbonRes.dll
2017-06-05 16:08:09 ----A---- C:\Windows\SYSWOW64\odbcconf.dll
2017-06-05 16:08:09 ----A---- C:\Windows\system32\winsrv.dll
2017-06-05 16:08:09 ----A---- C:\Windows\system32\UIRibbonRes.dll
2017-06-05 16:08:09 ----A---- C:\Windows\system32\odbcconf.dll
2017-06-05 16:08:09 ----A---- C:\Windows\system32\cldapi.dll
2017-06-05 15:22:41 ----N---- C:\Windows\system32\MpSigStub.exe
2017-06-05 14:32:05 ----D---- C:\Program Files\Lenovo
2017-06-05 14:32:05 ----D---- C:\Program Files (x86)\Lenovo
2017-06-05 14:32:00 ----A---- C:\Windows\system32\WudfUpdate_01011.dll
2017-06-05 14:31:26 ----D---- C:\ProgramData\Package Cache
2017-06-05 14:30:05 ----D---- C:\ProgramData\Lenovo
2017-06-05 14:29:47 ----AD---- C:\Program Files\Dolby Digital Plus
2017-06-05 14:29:25 ----A---- C:\Windows\system32\stlang64.dll
2017-06-05 14:29:25 ----A---- C:\Windows\system32\stacsv64.exe
2017-06-05 14:29:25 ----A---- C:\Windows\system32\IDTPMA64.exe
2017-06-05 14:29:25 ----A---- C:\Windows\system32\drivers\SAMSfPa.dat
2017-06-05 14:28:49 ----AD---- C:\Program Files\IDT
2017-06-05 14:28:46 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2017-06-05 14:27:13 ----D---- C:\DRIVERS
2017-06-05 14:21:13 ----AD---- C:\Program Files (x86)\World of Warcraft
2017-06-05 14:19:10 ----AD---- C:\Program Files (x86)\Hearthstone
2017-06-05 14:15:37 ----D---- C:\ProgramData\Blizzard Entertainment
2017-06-05 14:12:13 ----AD---- C:\Program Files (x86)\Blizzard App
2017-06-05 14:10:46 ----D---- C:\Users\mail\AppData\Roaming\Battle.net
2017-06-05 14:10:05 ----D---- C:\ProgramData\Battle.net
2017-06-05 14:04:48 ----D---- C:\ProgramData\Riot Games
2017-06-05 14:03:42 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2017-06-05 14:03:42 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2017-06-05 14:03:42 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2017-06-05 14:03:42 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2017-06-05 14:03:42 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2017-06-05 14:03:37 ----D---- C:\Riot Games
2017-06-05 14:02:05 ----D---- C:\Users\mail\AppData\Roaming\Riot Games
2017-06-05 13:55:17 ----D---- C:\ProgramData\Microsoft OneDrive
2017-06-05 13:53:49 ----D---- C:\Users\mail\AppData\Roaming\Adobe
2017-06-05 13:52:12 ----SD---- C:\Users\mail\AppData\Roaming\Microsoft
2017-06-05 05:13:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-06-05 05:11:15 ----A---- C:\Windows\SYSWOW64\PrintConfig.dll
2017-06-05 05:09:50 ----SHD---- C:\Recovery
2017-06-05 05:08:37 ----SHD---- C:\ProgramData\Šablony
2017-06-05 05:08:37 ----SHD---- C:\ProgramData\Plocha
2017-06-05 05:08:37 ----SHD---- C:\ProgramData\Nabídka Start
2017-06-05 05:08:37 ----SHD---- C:\ProgramData\Dokumenty
2017-06-05 05:08:37 ----SHD---- C:\ProgramData\Data aplikací
2017-06-05 05:08:36 ----SHD---- C:\Documents and Settings
2017-06-05 05:07:18 ----ASH---- C:\hiberfil.sys
2017-06-05 05:03:12 ----D---- C:\ProgramData\USOShared
2017-06-05 05:00:48 ----A---- C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-06-05 05:00:48 ----A---- C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-06-05 05:00:39 ----A---- C:\Windows\SYSWOW64\OpenCL.DLL
2017-06-05 05:00:39 ----A---- C:\Windows\system32\OpenCL.DLL
2017-06-05 05:00:38 ----D---- C:\Intel
2017-06-05 05:00:32 ----D---- C:\Program Files\Intel
2017-06-05 04:59:58 ----A---- C:\Windows\system32\nvsvcr.dll
2017-06-05 04:59:58 ----A---- C:\Windows\system32\nvsvc64.dll
2017-06-05 04:59:58 ----A---- C:\Windows\system32\nvshext.dll
2017-06-05 04:59:58 ----A---- C:\Windows\system32\nvmctray.dll
2017-06-05 04:59:58 ----A---- C:\Windows\system32\nvcpl.dll
2017-06-05 04:59:58 ----A---- C:\Windows\system32\nv3dappshextr.dll
2017-06-05 04:59:58 ----A---- C:\Windows\system32\nv3dappshext.dll
2017-06-05 04:59:57 ----A---- C:\Windows\SYSWOW64\oemdspif.dll
2017-06-05 04:59:55 ----D---- C:\Windows\SoftwareDistribution
2017-06-05 04:59:48 ----D---- C:\ProgramData\NVIDIA
2017-06-05 04:59:48 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2017-06-05 04:59:48 ----A---- C:\Windows\NvContainerRecovery.bat
2017-06-05 04:59:41 ----D---- C:\ProgramData\NVIDIA Corporation
2017-06-05 04:59:32 ----D---- C:\Program Files\NVIDIA Corporation
2017-06-05 04:53:55 ----HD---- C:\Program Files\Uninstall Information
2017-06-05 04:53:48 ----AS---- C:\Windows\bootstat.dat
2017-06-05 04:52:18 ----D---- C:\Windows\system32\SleepStudy
2017-06-05 04:52:18 ----D---- C:\Windows\ServiceProfiles
2017-06-05 04:52:16 ----SD---- C:\Windows\system32\Microsoft
2017-06-05 04:52:11 ----A---- C:\Windows\system32\FNTCACHE.DAT
2017-06-05 02:05:54 ----D---- C:\Windows\InfusedApps
2017-06-05 02:03:16 ----D---- C:\Program Files\Synaptics
2017-06-05 02:00:21 ----D---- C:\Windows\Setup
2017-06-05 01:58:52 ----D---- C:\Windows\SYSWOW64\XPSViewer
2017-06-05 01:58:52 ----D---- C:\Windows\OCR
2017-06-05 01:58:51 ----D---- C:\Program Files\Windows Media Player
2017-06-05 01:58:51 ----D---- C:\Program Files\Reference Assemblies
2017-06-05 01:58:51 ----D---- C:\Program Files\MSBuild
2017-06-05 01:58:51 ----D---- C:\Program Files (x86)\Windows Media Player
2017-06-05 01:58:51 ----D---- C:\Program Files (x86)\Reference Assemblies
2017-06-05 01:58:51 ----D---- C:\Program Files (x86)\MSBuild
2017-06-05 01:54:46 ----A---- C:\Windows\system32\perfi005.dat
2017-06-05 01:54:46 ----A---- C:\Windows\system32\perfh005.dat
2017-06-05 01:54:46 ----A---- C:\Windows\system32\perfd005.dat
2017-06-05 01:54:46 ----A---- C:\Windows\system32\perfc005.dat
2017-06-05 01:54:21 ----D---- C:\Windows\SYSWOW64\winrm
2017-06-05 01:54:21 ----D---- C:\Windows\SYSWOW64\WCN
2017-06-05 01:54:21 ----D---- C:\Windows\SYSWOW64\sysprep
2017-06-05 01:54:21 ----D---- C:\Windows\SYSWOW64\slmgr
2017-06-05 01:54:21 ----D---- C:\Windows\SYSWOW64\Printing_Admin_Scripts
2017-06-05 01:54:21 ----D---- C:\Windows\SYSWOW64\en
2017-06-05 01:54:21 ----D---- C:\Windows\SYSWOW64\drivers\UMDF
2017-06-05 01:54:21 ----D---- C:\Windows\SYSWOW64\drivers\en-US
2017-06-05 01:54:21 ----D---- C:\Windows\SYSWOW64\drivers\cs-CZ
2017-06-05 01:54:20 ----D---- C:\Windows\SYSWOW64\cs
2017-06-05 01:54:20 ----D---- C:\Windows\SYSWOW64\0409
2017-06-05 01:54:20 ----D---- C:\Windows\system32\winrm
2017-06-05 01:54:20 ----D---- C:\Windows\system32\WCN
2017-06-05 01:54:20 ----D---- C:\Windows\system32\slmgr
2017-06-05 01:54:20 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2017-06-05 01:54:19 ----D---- C:\Windows\system32\en
2017-06-05 01:54:19 ----D---- C:\Windows\system32\drivers\en-US
2017-06-05 01:54:19 ----D---- C:\Windows\system32\drivers\cs-CZ
2017-06-05 01:54:18 ----D---- C:\Windows\system32\cs
2017-06-05 01:54:18 ----D---- C:\Windows\system32\0409
2017-06-05 01:54:00 ----D---- C:\Windows\en-US
2017-06-05 01:54:00 ----D---- C:\Windows\DigitalLocker
2017-06-05 01:54:00 ----D---- C:\Windows\cs-CZ
2017-06-05 01:51:35 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-06-05 01:51:02 ----A---- C:\Windows\system32\perfi009.dat
2017-06-05 01:51:02 ----A---- C:\Windows\system32\perfh009.dat
2017-06-05 01:51:02 ----A---- C:\Windows\system32\perfd009.dat
2017-06-05 01:51:02 ----A---- C:\Windows\system32\perfc009.dat
2017-06-05 01:49:24 ----A---- C:\Windows\SYSWOW64\NOISE.DAT
2017-06-05 01:49:24 ----A---- C:\Windows\SYSWOW64\msclmd.dll
2017-06-05 01:49:24 ----A---- C:\Windows\SYSWOW64\dssec.dat
2017-06-05 01:49:01 ----A---- C:\Windows\system32\NOISE.DAT
2017-06-05 01:49:00 ----A---- C:\Windows\system32\msclmd.dll
2017-06-05 01:48:35 ----A---- C:\Windows\system32\dssec.dat
2017-06-05 01:48:33 ----RSH---- C:\Windows\fonts\StaticCache.dat
2017-06-05 01:48:32 ----ASH---- C:\Program Files (x86)\desktop.ini
2017-06-05 01:48:32 ----A---- C:\Windows\win.ini
2017-06-05 01:48:32 ----A---- C:\Windows\system.ini
2017-06-05 01:48:32 ----A---- C:\Windows\fonts\desktop.ini
2017-06-05 01:48:26 ----ASH---- C:\Program Files\desktop.ini
2017-06-05 01:48:24 ----D---- C:\Windows\Web
2017-06-05 01:48:24 ----D---- C:\Windows\Vss
2017-06-05 01:48:24 ----D---- C:\Windows\twain_32
2017-06-05 01:48:24 ----D---- C:\Windows\tracing
2017-06-05 01:48:24 ----D---- C:\Windows\Temp
2017-06-05 01:48:24 ----D---- C:\Windows\Tasks
2017-06-05 01:48:24 ----D---- C:\Windows\TAPI
2017-06-05 01:48:24 ----D---- C:\Windows\SYSWOW64\zh-TW
2017-06-05 01:48:24 ----D---- C:\Windows\SYSWOW64\zh-CN
2017-06-05 01:48:24 ----D---- C:\Windows\SYSWOW64\WinMetadata
2017-06-05 01:48:23 ----SHD---- C:\Windows\Installer
2017-06-05 01:48:23 ----SHD---- C:\Program Files\Windows Sidebar
2017-06-05 01:48:23 ----SHD---- C:\Program Files (x86)\Windows Sidebar
2017-06-05 01:48:23 ----SHD---- C:\$Recycle.Bin
2017-06-05 01:48:23 ----SD---- C:\Windows\SYSWOW64\Nui
2017-06-05 01:48:23 ----SD---- C:\Windows\SYSWOW64\F12
2017-06-05 01:48:23 ----SD---- C:\Windows\SYSWOW64\DiagSvcs
2017-06-05 01:48:23 ----SD---- C:\Windows\SYSWOW64\Configuration
2017-06-05 01:48:23 ----SD---- C:\Windows\system32\Nui
2017-06-05 01:48:23 ----SD---- C:\Windows\system32\F12
2017-06-05 01:48:23 ----SD---- C:\Windows\system32\dsc
2017-06-05 01:48:23 ----SD---- C:\Windows\system32\DiagSvcs
2017-06-05 01:48:23 ----SD---- C:\Windows\system32\Configuration
2017-06-05 01:48:23 ----SD---- C:\Windows\Downloaded Program Files
2017-06-05 01:48:23 ----SD---- C:\ProgramData\Microsoft
2017-06-05 01:48:23 ----RSD---- C:\Windows\Media
2017-06-05 01:48:23 ----RSD---- C:\Windows\Fonts
2017-06-05 01:48:23 ----RSD---- C:\Windows\assembly
2017-06-05 01:48:23 ----RD---- C:\Windows\PrintDialog
2017-06-05 01:48:23 ----RD---- C:\Windows\Offline Web Pages
2017-06-05 01:48:23 ----RD---- C:\Windows\MiracastView
2017-06-05 01:48:23 ----RD---- C:\Windows\Microsoft.NET
2017-06-05 01:48:23 ----RD---- C:\Windows\ImmersiveControlPanel
2017-06-05 01:48:23 ----RD---- C:\Program Files\Windows Defender
2017-06-05 01:48:23 ----RD---- C:\Program Files (x86)
2017-06-05 01:48:23 ----RD---- C:\Program Files
2017-06-05 01:48:23 ----HD---- C:\Windows\ELAMBKUP
2017-06-05 01:48:23 ----HD---- C:\ProgramData
2017-06-05 01:48:23 ----HD---- C:\Program Files\WindowsApps
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\WindowsPowerShell
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\wbem
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\uk-UA
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\tr-TR
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\th-TH
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\Tasks
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\sv-SE
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\sru
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\sr-Latn-RS
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\sppui
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\spp
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\Speech_OneCore
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\Speech
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\SMI
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\sl-SI
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\sk-SK
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\setup
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\ru-RU
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\ro-RO
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\restore
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\Recovery
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\RasToast
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\ras
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\pt-PT
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\pt-BR
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\pl-PL
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\oobe
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\nl-NL
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\networklist
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\NDF
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\nb-NO
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\MUI
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\MsDtc
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\MSDRM
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\migwiz
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\migration
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\MailContactsCalendarSync
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\Macromed
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\lv-LV
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\lt-LT
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\LogFiles
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\Licenses
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\ko-KR
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\ja-JP
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\it-IT
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\Ipmi
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\InstallShield
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\InputMethod
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\inetsrv
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\IME
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\icsxml
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\hu-HU
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\hr-HR
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\he-IL
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\GroupPolicyUsers
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\GroupPolicy
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\FxsTmp
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\fr-FR
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\fr-CA
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\fi-FI
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\et-EE
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\es-MX
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\es-ES
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\en-US
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\en-GB
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\el-GR
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\DriverStore
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\drivers
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\downlevel
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\Dism
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\de-DE
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\da-DK
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\config
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\Com
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\catroot
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\Bthprops
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\bg-BG
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\ar-SA
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\AppLocker
2017-06-05 01:48:23 ----D---- C:\Windows\SYSWOW64\AdvancedInstallers
2017-06-05 01:48:23 ----D---- C:\Windows\syswow64
2017-06-05 01:48:23 ----D---- C:\Windows\SystemResources
2017-06-05 01:48:23 ----D---- C:\Windows\SystemApps
2017-06-05 01:48:23 ----D---- C:\Windows\system32\zh-TW
2017-06-05 01:48:23 ----D---- C:\Windows\system32\zh-CN
2017-06-05 01:48:23 ----D---- C:\Windows\system32\WinMetadata
2017-06-05 01:48:23 ----D---- C:\Windows\system32\winevt
2017-06-05 01:48:23 ----D---- C:\Windows\system32\WindowsPowerShell
2017-06-05 01:48:23 ----D---- C:\Windows\system32\WinBioPlugIns
2017-06-05 01:48:23 ----D---- C:\Windows\system32\WinBioDatabase
2017-06-05 01:48:23 ----D---- C:\Windows\system32\WDI
2017-06-05 01:48:23 ----D---- C:\Windows\system32\wbem
2017-06-05 01:48:23 ----D---- C:\Windows\system32\uk-UA
2017-06-05 01:48:23 ----D---- C:\Windows\system32\tr-TR
2017-06-05 01:48:23 ----D---- C:\Windows\system32\th-TH
2017-06-05 01:48:23 ----D---- C:\Windows\system32\Tasks
2017-06-05 01:48:23 ----D---- C:\Windows\system32\SystemResetPlatform
2017-06-05 01:48:23 ----D---- C:\Windows\system32\Sysprep
2017-06-05 01:48:23 ----D---- C:\Windows\system32\sv-SE
2017-06-05 01:48:23 ----D---- C:\Windows\system32\sru
2017-06-05 01:48:23 ----D---- C:\Windows\system32\sr-Latn-RS
2017-06-05 01:48:23 ----D---- C:\Windows\system32\sppui
2017-06-05 01:48:23 ----D---- C:\Windows\system32\spp
2017-06-05 01:48:23 ----D---- C:\Windows\system32\spool
2017-06-05 01:48:23 ----D---- C:\Windows\system32\Speech_OneCore
2017-06-05 01:48:23 ----D---- C:\Windows\system32\Speech
2017-06-05 01:48:23 ----D---- C:\Windows\system32\sl-SI
2017-06-05 01:48:23 ----D---- C:\Windows\system32\sk-SK
2017-06-05 01:48:23 ----D---- C:\Windows\system32\setup
2017-06-05 01:48:23 ----D---- C:\Windows\system32\SecureBootUpdates
2017-06-05 01:48:23 ----D---- C:\Windows\system32\ru-RU
2017-06-05 01:48:23 ----D---- C:\Windows\system32\ro-RO
2017-06-05 01:48:23 ----D---- C:\Windows\system32\restore
2017-06-05 01:48:23 ----D---- C:\Windows\system32\Recovery
2017-06-05 01:48:23 ----D---- C:\Windows\system32\RasToast
2017-06-05 01:48:23 ----D---- C:\Windows\system32\ras
2017-06-05 01:48:23 ----D---- C:\Windows\system32\pt-PT
2017-06-05 01:48:23 ----D---- C:\Windows\system32\pt-BR
2017-06-05 01:48:23 ----D---- C:\Windows\system32\ProximityToast
2017-06-05 01:48:23 ----D---- C:\Windows\system32\PointOfService
2017-06-05 01:48:23 ----D---- C:\Windows\system32\pl-PL
2017-06-05 01:48:23 ----D---- C:\Windows\system32\oobe
2017-06-05 01:48:23 ----D---- C:\Windows\system32\nl-NL
2017-06-05 01:48:23 ----D---- C:\Windows\system32\networklist
2017-06-05 01:48:23 ----D---- C:\Windows\system32\NDF
2017-06-05 01:48:23 ----D---- C:\Windows\system32\nb-NO
2017-06-05 01:48:23 ----D---- C:\Windows\system32\MUI
2017-06-05 01:48:23 ----D---- C:\Windows\system32\MsDtc
2017-06-05 01:48:23 ----D---- C:\Windows\system32\MSDRM
2017-06-05 01:48:23 ----D---- C:\Windows\system32\migwiz
2017-06-05 01:48:23 ----D---- C:\Windows\system32\migration
2017-06-05 01:48:23 ----D---- C:\Windows\system32\MailContactsCalendarSync
2017-06-05 01:48:23 ----D---- C:\Windows\system32\Macromed
2017-06-05 01:48:23 ----D---- C:\Windows\system32\lv-LV
2017-06-05 01:48:23 ----D---- C:\Windows\system32\lt-LT
2017-06-05 01:48:23 ----D---- C:\Windows\system32\LogFiles
2017-06-05 01:48:23 ----D---- C:\Windows\system32\Licenses
2017-06-05 01:48:23 ----D---- C:\Windows\system32\ko-KR
2017-06-05 01:48:23 ----D---- C:\Windows\system32\ja-jp
2017-06-05 01:48:23 ----D---- C:\Windows\system32\it-IT
2017-06-05 01:48:23 ----D---- C:\Windows\system32\Ipmi
2017-06-05 01:48:23 ----D---- C:\Windows\system32\InputMethod
2017-06-05 01:48:23 ----D---- C:\Windows\system32\inetsrv
2017-06-05 01:48:23 ----D---- C:\Windows\system32\IME
2017-06-05 01:48:23 ----D---- C:\Windows\system32\icsxml
2017-06-05 01:48:23 ----D---- C:\Windows\system32\ias
2017-06-05 01:48:23 ----D---- C:\Windows\system32\Hydrogen
2017-06-05 01:48:23 ----D---- C:\Windows\system32\hu-HU
2017-06-05 01:48:23 ----D---- C:\Windows\system32\hr-HR
2017-06-05 01:48:23 ----D---- C:\Windows\system32\he-IL
2017-06-05 01:48:23 ----D---- C:\Windows\system32\GroupPolicyUsers
2017-06-05 01:48:23 ----D---- C:\Windows\system32\GroupPolicy
2017-06-05 01:48:23 ----D---- C:\Windows\system32\FxsTmp
2017-06-05 01:48:23 ----D---- C:\Windows\system32\fr-FR
2017-06-05 01:48:23 ----D---- C:\Windows\system32\fr-CA
2017-06-05 01:48:23 ----D---- C:\Windows\system32\fi-FI
2017-06-05 01:48:23 ----D---- C:\Windows\system32\et-EE
2017-06-05 01:48:23 ----D---- C:\Windows\system32\es-MX
2017-06-05 01:48:23 ----D---- C:\Windows\system32\es-ES
2017-06-05 01:48:23 ----D---- C:\Windows\system32\en-US
2017-06-05 01:48:23 ----D---- C:\Windows\system32\en-GB
2017-06-05 01:48:23 ----D---- C:\Windows\system32\el-GR
2017-06-05 01:48:23 ----D---- C:\Windows\system32\drivers\etc
2017-06-05 01:48:23 ----D---- C:\Windows\system32\downlevel
2017-06-05 01:48:23 ----D---- C:\Windows\system32\Dism
2017-06-05 01:48:23 ----D---- C:\Windows\system32\de-DE
2017-06-05 01:48:23 ----D---- C:\Windows\system32\DDFs
2017-06-05 01:48:23 ----D---- C:\Windows\system32\da-DK
2017-06-05 01:48:23 ----D---- C:\Windows\system32\cs-CZ
2017-06-05 01:48:23 ----D---- C:\Windows\system32\Com
2017-06-05 01:48:23 ----D---- C:\Windows\system32\CodeIntegrity
2017-06-05 01:48:23 ----D---- C:\Windows\system32\catroot2
2017-06-05 01:48:23 ----D---- C:\Windows\system32\Bthprops
2017-06-05 01:48:23 ----D---- C:\Windows\system32\Boot
2017-06-05 01:48:23 ----D---- C:\Windows\system32\bg-BG
2017-06-05 01:48:23 ----D---- C:\Windows\system32\ar-SA
2017-06-05 01:48:23 ----D---- C:\Windows\system32\appraiser
2017-06-05 01:48:23 ----D---- C:\Windows\system32\AppLocker
2017-06-05 01:48:23 ----D---- C:\Windows\system32\AdvancedInstallers
2017-06-05 01:48:23 ----D---- C:\Windows\System
2017-06-05 01:48:23 ----D---- C:\Windows\Speech_OneCore
2017-06-05 01:48:23 ----D---- C:\Windows\Speech
2017-06-05 01:48:23 ----D---- C:\Windows\SKB
2017-06-05 01:48:23 ----D---- C:\Windows\schemas
2017-06-05 01:48:23 ----D---- C:\Windows\SchCache
2017-06-05 01:48:23 ----D---- C:\Windows\ShellExperiences
2017-06-05 01:48:23 ----D---- C:\Windows\security
2017-06-05 01:48:23 ----D---- C:\Windows\Resources
2017-06-05 01:48:23 ----D---- C:\Windows\rescache
2017-06-05 01:48:23 ----D---- C:\Windows\Registration
2017-06-05 01:48:23 ----D---- C:\Windows\Provisioning
2017-06-05 01:48:23 ----D---- C:\Windows\prefetch
2017-06-05 01:48:23 ----D---- C:\Windows\PolicyDefinitions
2017-06-05 01:48:23 ----D---- C:\Windows\PLA
2017-06-05 01:48:23 ----D---- C:\Windows\Performance
2017-06-05 01:48:23 ----D---- C:\Windows\ModemLogs
2017-06-05 01:48:23 ----D---- C:\Windows\Migration
2017-06-05 01:48:23 ----D---- C:\Windows\Logs
2017-06-05 01:48:23 ----D---- C:\Windows\LiveKernelReports
2017-06-05 01:48:23 ----D---- C:\Windows\L2Schemas
2017-06-05 01:48:23 ----D---- C:\Windows\InputMethod
2017-06-05 01:48:23 ----D---- C:\Windows\IME
2017-06-05 01:48:23 ----D---- C:\Windows\HoloShell
2017-06-05 01:48:23 ----D---- C:\Windows\Help
2017-06-05 01:48:23 ----D---- C:\Windows\Globalization
2017-06-05 01:48:23 ----D---- C:\Windows\GameBarPresenceWriter
2017-06-05 01:48:23 ----D---- C:\Windows\diagnostics
2017-06-05 01:48:23 ----D---- C:\Windows\debug
2017-06-05 01:48:23 ----D---- C:\Windows\Cursors
2017-06-05 01:48:23 ----D---- C:\Windows\Branding
2017-06-05 01:48:23 ----D---- C:\Windows\Boot
2017-06-05 01:48:23 ----D---- C:\Windows\bcastdvr
2017-06-05 01:48:23 ----D---- C:\Windows\AppReadiness
2017-06-05 01:48:23 ----D---- C:\Windows\AppPatch
2017-06-05 01:48:23 ----D---- C:\Windows\appcompat
2017-06-05 01:48:23 ----D---- C:\Windows\addins
2017-06-05 01:48:23 ----D---- C:\ProgramData\WindowsHolographicDevices
2017-06-05 01:48:23 ----D---- C:\ProgramData\USOPrivate
2017-06-05 01:48:23 ----D---- C:\ProgramData\SoftwareDistribution
2017-06-05 01:48:23 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2017-06-05 01:48:23 ----D---- C:\Program Files\WindowsPowerShell
2017-06-05 01:48:23 ----D---- C:\Program Files\Windows Security
2017-06-05 01:48:23 ----D---- C:\Program Files\Windows Portable Devices
2017-06-05 01:48:23 ----D---- C:\Program Files\Windows Photo Viewer
2017-06-05 01:48:23 ----D---- C:\Program Files\Windows NT
2017-06-05 01:48:23 ----D---- C:\Program Files\Windows Multimedia Platform
2017-06-05 01:48:23 ----D---- C:\Program Files\Windows Mail
2017-06-05 01:48:23 ----D---- C:\Program Files\Internet Explorer
2017-06-05 01:48:23 ----D---- C:\Program Files\Common Files\System
2017-06-05 01:48:23 ----D---- C:\Program Files\Common Files\Services
2017-06-05 01:48:23 ----D---- C:\Program Files\Common Files\microsoft shared
2017-06-05 01:48:23 ----D---- C:\Program Files\Common Files
2017-06-05 01:48:23 ----D---- C:\Program Files (x86)\WindowsPowerShell
2017-06-05 01:48:23 ----D---- C:\Program Files (x86)\Windows Portable Devices
2017-06-05 01:48:23 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2017-06-05 01:48:23 ----D---- C:\Program Files (x86)\Windows NT
2017-06-05 01:48:23 ----D---- C:\Program Files (x86)\Windows Multimedia Platform
2017-06-05 01:48:23 ----D---- C:\Program Files (x86)\Windows Mail
2017-06-05 01:48:23 ----D---- C:\Program Files (x86)\Windows Defender
2017-06-05 01:48:23 ----D---- C:\Program Files (x86)\Microsoft.NET
2017-06-05 01:48:23 ----D---- C:\Program Files (x86)\Internet Explorer
2017-06-05 01:48:23 ----D---- C:\Program Files (x86)\Common Files
2017-06-05 01:48:23 ----D---- C:\PerfLogs
2017-06-05 01:48:07 ----D---- C:\Windows\system32\drivers\UMDF
2017-06-05 01:48:07 ----D---- C:\Windows\system32\drivers
2017-06-05 01:46:42 ----D---- C:\Windows\INF
2017-06-05 01:39:23 ----D---- C:\Windows\CbsTemp
2017-06-05 01:32:22 ----RD---- C:\Users
2017-06-05 01:32:22 ----D---- C:\Windows\WinSxS
2017-06-05 01:32:22 ----D---- C:\Windows\system32\SMI
2017-06-05 01:32:22 ----D---- C:\Windows\system32\DriverStore
2017-06-05 01:32:22 ----D---- C:\Windows\system32\config
2017-06-05 01:32:22 ----D---- C:\Windows\system32\CatRoot
2017-06-05 01:32:22 ----D---- C:\Windows\System32
2017-06-05 01:32:22 ----D---- C:\Windows\servicing
2017-06-05 01:32:22 ----D---- C:\Windows
2017-06-05 01:32:20 ----D---- C:\Windows\Panther
2017-06-05 00:01:48 ----HD---- C:\$SysReset
2017-06-04 06:06:21 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2017-06-04 06:06:21 ----A---- C:\Windows\SYSWOW64\XpsDocumentTargetPrint.dll
2017-06-04 06:06:21 ----A---- C:\Windows\SYSWOW64\wpnapps.dll
2017-06-04 06:06:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-06-04 06:06:21 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2017-06-04 06:06:21 ----A---- C:\Windows\SYSWOW64\WiFiDisplay.dll
2017-06-04 06:06:21 ----A---- C:\Windows\SYSWOW64\VEEventDispatcher.dll
2017-06-04 06:06:21 ----A---- C:\Windows\SYSWOW64\UserDataTimeUtil.dll
2017-06-04 06:06:21 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-06-04 06:06:21 ----A---- C:\Windows\SYSWOW64\SettingSyncHost.exe
2017-06-04 06:06:21 ----A---- C:\Windows\SYSWOW64\quartz.dll
2017-06-04 06:06:21 ----A---- C:\Windows\SYSWOW64\PackageStateRoaming.dll
2017-06-04 06:06:21 ----A---- C:\Windows\SYSWOW64\msIso.dll
2017-06-04 06:06:21 ----A---- C:\Windows\SYSWOW64\mfmjpegdec.dll
2017-06-04 06:06:21 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-06-04 06:06:21 ----A---- C:\Windows\SYSWOW64\CloudBackupSettings.dll
2017-06-04 06:06:21 ----A---- C:\Windows\system32\mfmjpegdec.dll
2017-06-04 06:06:20 ----A---- C:\Windows\system32\MSVPXENC.dll
2017-06-04 06:06:06 ----A---- C:\Windows\system32\MSVideoDSP.dll
2017-06-04 06:06:06 ----A---- C:\Windows\system32\fveapi.dll
2017-06-04 06:06:06 ----A---- C:\Windows\system32\drivers\srv.sys
2017-06-04 06:06:05 ----A---- C:\Windows\SYSWOW64\webplatstorageserver.dll
2017-06-04 06:06:05 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-06-04 06:06:05 ----A---- C:\Windows\SYSWOW64\ole32.dll
2017-06-04 06:06:05 ----A---- C:\Windows\SYSWOW64\offreg.dll
2017-06-04 06:06:05 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-06-04 06:06:05 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-06-04 06:06:05 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-06-04 06:06:05 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-06-04 06:06:05 ----A---- C:\Windows\SYSWOW64\InputSwitch.dll
2017-06-04 06:06:05 ----A---- C:\Windows\SYSWOW64\ieproxy.dll
2017-06-04 06:06:05 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2017-06-04 06:06:05 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-06-04 06:06:05 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-06-04 06:06:05 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-06-04 06:06:05 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2017-06-04 06:06:05 ----A---- C:\Windows\system32\Windows.UI.dll
2017-06-04 06:06:05 ----A---- C:\Windows\system32\Windows.UI.AppDefaults.dll
2017-06-04 06:06:05 ----A---- C:\Windows\system32\webplatstorageserver.dll
2017-06-04 06:06:05 ----A---- C:\Windows\system32\webcheck.dll
2017-06-04 06:06:05 ----A---- C:\Windows\system32\TSWorkspace.dll
2017-06-04 06:06:05 ----A---- C:\Windows\system32\NotificationController.dll
2017-06-04 06:06:05 ----A---- C:\Windows\system32\mshtmled.dll
2017-06-04 06:06:05 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-06-04 06:06:05 ----A---- C:\Windows\system32\msfeeds.dll
2017-06-04 06:06:05 ----A---- C:\Windows\system32\jscript9.dll
2017-06-04 06:06:05 ----A---- C:\Windows\system32\ieproxy.dll
2017-06-04 06:06:05 ----A---- C:\Windows\system32\iepeers.dll
2017-06-04 06:06:05 ----A---- C:\Windows\system32\iedkcs32.dll
2017-06-04 06:06:05 ----A---- C:\Windows\system32\ieapfltr.dll
2017-06-04 06:06:05 ----A---- C:\Windows\system32\ie4uinit.exe
2017-06-04 06:06:05 ----A---- C:\Windows\system32\gdi32full.dll
2017-06-04 06:06:05 ----A---- C:\Windows\system32\dxtrans.dll
2017-06-04 06:06:05 ----A---- C:\Windows\system32\atmlib.dll
2017-06-04 06:06:05 ----A---- C:\Windows\system32\atmfd.dll
2017-06-04 06:06:04 ----A---- C:\Windows\system32\XpsPrint.dll
2017-06-04 06:06:04 ----A---- C:\Windows\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-06-04 06:06:04 ----A---- C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2017-06-04 06:06:04 ----A---- C:\Windows\system32\SystemSettings.Handlers.dll
2017-06-04 06:06:04 ----A---- C:\Windows\system32\StartTileData.dll
2017-06-04 06:06:04 ----A---- C:\Windows\system32\SharedStartModel.dll
2017-06-04 06:06:04 ----A---- C:\Windows\system32\SettingsHandlers_nt.dll
2017-06-04 06:06:04 ----A---- C:\Windows\system32\RDXService.dll
2017-06-04 06:06:04 ----A---- C:\Windows\system32\LockHostingFramework.dll
2017-06-04 06:06:04 ----A---- C:\Windows\system32\LockAppBroker.dll
2017-06-04 06:06:04 ----A---- C:\Windows\system32\InputSwitch.dll
2017-06-04 06:06:04 ----A---- C:\Windows\system32\AppResolver.dll
2017-06-04 06:05:56 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\XpsDocumentTargetPrint.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\wuaueng.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\wpx.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\wpnapps.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\winlogon.exe
2017-06-04 06:05:56 ----A---- C:\Windows\system32\wininet.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\WindowsCodecs.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\Windows.Media.Streaming.ps.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\Windows.Gaming.Preview.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\win32kfull.sys
2017-06-04 06:05:56 ----A---- C:\Windows\system32\WiFiDisplay.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\wcmcsp.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\wc_storage.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\VEStoreEventHandlers.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\UserDataTimeUtil.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\urlmon.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\UpdateAgent.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\TileDataRepository.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\TDLMigration.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\StorSvc.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\SettingSyncHost.exe
2017-06-04 06:05:56 ----A---- C:\Windows\system32\SettingsEnvironment.Desktop.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\rpcss.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\quartz.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\PackageStateRoaming.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\ole32.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\NotificationObjFactory.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\musdialoghandlers.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\msIso.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\mmgaserver.exe
2017-06-04 06:05:56 ----A---- C:\Windows\system32\KernelBase.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\kernel32.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\imagehlp.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\iertutil.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\EnterpriseModernAppMgmtCSP.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\enterprisecsps.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\EnterpriseAppMgmtSvc.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\drivers\wcifs.sys
2017-06-04 06:05:56 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-06-04 06:05:56 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2017-06-04 06:05:56 ----A---- C:\Windows\system32\dosvc.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\domgmt.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\dbghelp.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\crypt32.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\comsvcs.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\combase.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\CloudBackupSettings.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\ci.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\catsrvps.dll
2017-06-04 06:05:56 ----A---- C:\Windows\system32\browser_broker.exe
2017-06-04 06:05:56 ----A---- C:\Windows\system32\bcdedit.exe
2017-06-04 06:05:56 ----A---- C:\Windows\system32\autochk.exe
2017-06-04 06:05:56 ----A---- C:\Windows\system32\asycfilt.dll
2017-06-04 06:05:54 ----A---- C:\Windows\SYSWOW64\Windows.UI.dll
2017-06-04 06:05:54 ----A---- C:\Windows\SYSWOW64\win32kfull.sys
2017-06-04 06:05:54 ----A---- C:\Windows\SYSWOW64\TokenBroker.dll
2017-06-04 06:05:54 ----A---- C:\Windows\SYSWOW64\PlayToManager.dll
2017-06-04 06:05:54 ----A---- C:\Windows\SYSWOW64\mmgaserver.exe
2017-06-04 06:05:54 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-06-04 06:05:54 ----A---- C:\Windows\SYSWOW64\gdi32full.dll
2017-06-04 06:05:54 ----A---- C:\Windows\SYSWOW64\dbghelp.dll
2017-06-04 06:05:54 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2017-06-04 06:05:54 ----A---- C:\Windows\SYSWOW64\combase.dll
2017-06-04 06:05:54 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2017-06-04 06:05:54 ----A---- C:\Windows\SYSWOW64\autochk.exe
2017-06-04 06:05:54 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2017-06-04 06:05:54 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2017-06-04 06:05:54 ----A---- C:\Windows\SYSWOW64\AppResolver.dll
2017-06-04 06:05:54 ----A---- C:\Windows\system32\WpAXHolder.dll
2017-06-04 06:05:54 ----A---- C:\Windows\system32\TokenBroker.dll
2017-06-04 06:05:54 ----A---- C:\Windows\system32\SpeechPal.dll
2017-06-04 06:05:54 ----A---- C:\Windows\system32\offreg.dll
2017-06-04 06:05:54 ----A---- C:\Windows\system32\drivers\USBXHCI.SYS
2017-06-04 06:05:54 ----A---- C:\Windows\system32\drivers\netvsc.sys
2017-06-04 06:05:54 ----A---- C:\Windows\system32\drivers\bthport.sys
2017-06-04 06:05:54 ----A---- C:\Windows\system32\drivers\BasicRender.sys
2017-06-04 05:58:58 -------- C:\Windows\SYSWOW64\NlsLexicons0009.dll
2017-06-04 05:58:58 -------- C:\Windows\SYSWOW64\NlsData0009.dll
2017-06-04 05:58:58 -------- C:\Windows\system32\prm0009.dll
2017-06-04 05:58:58 -------- C:\Windows\system32\NlsLexicons0009.dll
2017-06-04 05:58:57 -------- C:\Windows\system32\NlsData0009.dll
2017-06-04 05:48:14 -------- C:\Windows\SYSWOW64\TsWpfWrp.exe
2017-06-04 05:48:14 -------- C:\Windows\SYSWOW64\PresentationNative_v0300.dll
2017-06-04 05:48:14 -------- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-06-04 05:48:09 -------- C:\Windows\system32\TsWpfWrp.exe
2017-06-04 05:48:09 -------- C:\Windows\system32\PresentationNative_v0300.dll
2017-06-04 05:48:09 -------- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2017-06-04 05:47:57 ----A---- C:\Windows\system32\reseteng.dll
2017-06-04 01:41:32 ----A---- C:\Windows\SYSWOW64\nvptxJitCompiler.dll
2017-06-04 01:41:32 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2017-06-04 01:41:32 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2017-06-04 01:41:32 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2017-06-04 01:41:32 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2017-06-04 01:41:32 ----A---- C:\Windows\system32\nvptxJitCompiler.dll
2017-06-04 01:41:32 ----A---- C:\Windows\system32\nvopencl.dll
2017-06-04 01:41:32 ----A---- C:\Windows\system32\nvoglv64.dll
2017-06-04 01:41:32 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2017-06-04 01:41:32 ----A---- C:\Windows\system32\NvIFR64.dll
2017-06-04 01:41:32 ----A---- C:\Windows\system32\drivers\nvvhci.sys
2017-06-04 01:41:31 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2017-06-04 01:41:31 ----A---- C:\Windows\SYSWOW64\nvfatbinaryLoader.dll
2017-06-04 01:41:31 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2017-06-04 01:41:31 ----A---- C:\Windows\SYSWOW64\nvEncMFTH264.dll
2017-06-04 01:41:31 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2017-06-04 01:41:31 ----A---- C:\Windows\system32\NvFBC64.dll
2017-06-04 01:41:31 ----A---- C:\Windows\system32\nvfatbinaryLoader.dll
2017-06-04 01:41:31 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2017-06-04 01:41:31 ----A---- C:\Windows\system32\nvEncMFTH264.dll
2017-06-04 01:41:31 ----A---- C:\Windows\system32\nvdispgenco6438233.dll
2017-06-04 01:41:31 ----A---- C:\Windows\system32\nvdispco6438233.dll
2017-06-04 01:41:31 ----A---- C:\Windows\system32\nvcuvid.dll
2017-06-04 01:41:27 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2017-06-04 01:41:27 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2017-06-04 01:41:27 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2017-06-04 01:41:27 ----A---- C:\Windows\system32\nvcuda.dll
2017-06-04 01:41:27 ----A---- C:\Windows\system32\nvcompiler.dll
2017-06-04 01:41:27 ----A---- C:\Windows\system32\nvapi64.dll
2017-06-04 01:29:43 ----A---- C:\Windows\system32\WdfCoInstaller01009.dll
2017-06-04 01:29:43 ----A---- C:\Windows\system32\drivers\nvswcfilter.sys
======List of files/folders modified in the last 1 month======
2017-06-05 14:03:01 ----SHD---- C:\System Volume Information
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2013-04-30 677360]
R0 IntelHSWPcc;IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [2013-04-09 100184]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\Windows\system32\drivers\iorate.sys [2017-03-18 49568]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\Windows\system32\drivers\filecrypt.sys [2017-03-18 54272]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\Windows\System32\drivers\gpuenergydrv.sys [2017-03-18 8192]
R1 MpKsla2ca952e;MpKsla2ca952e; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A5F63AA4-CDD8-48F5-8261-C6C91B2FE28A}\MpKsla2ca952e.sys [2017-06-10 44928]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\Windows\System32\drivers\registry.sys [2017-03-18 14336]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\Windows\system32\drivers\mmcss.sys [2017-03-18 50688]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\Windows\system32\drivers\storqosflt.sys [2017-03-18 79872]
R3 ACPIVPC;@oem27.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\Windows\System32\drivers\AcpiVpc.sys [2013-11-23 35600]
R3 AmUStor;@oem66.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2012-10-03 95232]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2017-03-18 105472]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\Windows\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2017-03-18 96768]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2017-03-18 129536]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\drivers\BTHUSB.sys [2017-03-18 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\Windows\System32\drivers\CAD.sys [2017-03-18 53664]
R3 ibtusb;@oem26.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\Windows\system32\DRIVERS\ibtusb.sys [2017-01-13 231168]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2016-11-02 7966192]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\System32\drivers\L1C63x64.sys [2017-03-18 121344]
R3 MEIx64;@oem104.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2013-05-17 64624]
R3 NETwNb64;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit; C:\Windows\System32\drivers\Netwbw02.sys [2017-03-18 3485696]
R3 nvlddmkm;nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_ed616d55e0bead92\nvlddmkm.sys [2017-05-19 14458264]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\System32\drivers\rfcomm.sys [2017-03-18 180736]
R3 rtsuvc;@oem91.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\Windows\system32\DRIVERS\rtsuvc.sys [2013-04-24 8243144]
R3 SmbDrvI;SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [2015-06-03 42696]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2014-10-22 552960]
R3 SynTP;@oem52.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\System32\drivers\SynTP.sys [2015-06-03 613576]
S0 LSI_SAS2i;LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [2017-03-18 123808]
S0 LSI_SAS3i;LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [2017-03-18 103328]
S0 megasas2i;megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [2017-03-18 64416]
S0 percsas2i;percsas2i; C:\Windows\System32\drivers\percsas2i.sys [2017-03-18 58784]
S0 percsas3i;percsas3i; C:\Windows\System32\drivers\percsas3i.sys [2017-03-18 61848]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\Windows\System32\drivers\scmbus.sys [2017-03-18 91040]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\Windows\System32\drivers\storufs.sys [2017-03-18 36760]
S2 CldFlt;Windows Cloud Files Filter Driver; C:\Windows\system32\drivers\cldflt.sys [2017-03-18 12288]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\Windows\System32\drivers\AcpiDev.sys [2017-03-18 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\Windows\system32\drivers\applockerfltr.sys [2017-03-18 17920]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\drivers\BTHport.sys [2017-06-04 980992]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\Windows\System32\drivers\buttonconverter.sys [2017-03-18 39424]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\Windows\System32\drivers\capimg.sys [2017-03-18 122880]
S3 dtlitescsibus;@oem28.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\System32\drivers\dtlitescsibus.sys [2015-11-26 30264]
S3 dtliteusbbus;@oem16.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\Windows\System32\drivers\dtliteusbbus.sys [2015-11-26 47160]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\Windows\System32\drivers\genericusbfn.sys [2017-03-18 21504]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\Windows\System32\drivers\hidinterrupt.sys [2017-03-18 51104]
S3 hidkmdf;@oem42.inf,%hidkmdf.SVCDESC%;KMDF Driver; C:\Windows\System32\drivers\hidkmdf.sys [2014-08-06 14136]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\Windows\system32\drivers\hvservice.sys [2017-03-18 74648]
S3 cht4iscsi;cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [2017-03-18 347032]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\Windows\System32\drivers\cht4vx64.sys [2017-03-18 2104224]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\Windows\System32\drivers\iagpio.sys [2017-03-18 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\Windows\System32\drivers\iai2c.sys [2017-03-18 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [2017-03-18 70656]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-03-18 85504]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [2017-03-18 165376]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-03-18 168448]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\Windows\System32\drivers\ibbus.sys [2017-03-18 526240]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\Windows\System32\drivers\IndirectKmd.sys [2017-03-18 36864]
S3 IntcDAud;@oem14.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2016-05-12 481768]
S3 irda;IrDA; C:\Windows\system32\drivers\irda.sys [2017-03-18 120320]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\Windows\System32\drivers\mausbhost.sys [2017-03-18 405408]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\Windows\System32\drivers\mausbip.sys [2017-03-18 51104]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\Windows\System32\drivers\mlx4_bus.sys [2017-03-18 842656]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\Windows\System32\drivers\ndfltr.sys [2017-03-18 108960]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\Windows\system32\drivers\NetAdapterCx.sys [2017-03-18 122368]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\Windows\System32\drivers\nvdimmn.sys [2017-03-18 80896]
S3 NvStUSB;@oem57.inf,%NvStUSB.SvcDesc%;NVIDIA Stereoscopic 3D USB driver; C:\Windows\System32\drivers\nvstusb.sys [2017-01-17 478272]
S3 NVSWCFilter;@oem48.inf,%NVSWCFilter.SvcDesc%;NVIDIA SHIELD Wireless Controller Trackpad Service; C:\Windows\System32\drivers\nvswcfilter.sys [2017-05-03 26744]
S3 nvvhci;@oem73.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\Windows\System32\drivers\nvvhci.sys [2017-05-18 57792]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\Windows\System32\drivers\pmem.sys [2017-03-18 101376]
S3 ReFSv1;ReFSv1; C:\Windows\system32\drivers\ReFSv1.sys [2017-03-18 936864]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\Windows\System32\drivers\SDFRd.sys [2017-03-18 31128]
S3 SmbDrv;SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2015-06-03 42184]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\Windows\System32\drivers\SpatialGraphFilter.sys [2017-03-20 40352]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\Windows\System32\Drivers\UcmCx.sys [2017-03-18 104448]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension; C:\Windows\System32\Drivers\UcmTcpciCx.sys [2017-03-18 179200]
S3 UcmUcsi;@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\Windows\System32\drivers\UcmUcsi.sys [2017-03-18 51712]
S3 UdeCx;USB Device Emulation Support Library; C:\Windows\system32\drivers\udecx.sys [2017-03-18 45568]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-04-25 83056]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\Windows\system32\svchost.exe [2017-03-18 47664]
R2 CDPUserSvc_3bad7;Uživatelská služba platformy připojených zařízení_3bad7; C:\Windows\system32\svchost.exe [2017-03-18 47664]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\Windows\system32\svchost.exe [2017-03-18 47664]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\Windows\System32\svchost.exe [2017-03-18 47664]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\Windows\system32\svchost.exe [2017-03-18 47664]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\Windows\System32\svchost.exe [2017-03-18 47664]
R2 ibtsiva;@oem26.inf,%SERVICE_NAME%;Intel Bluetooth Service; C:\Windows\system32\ibtsiva []
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2016-11-02 373744]
R2 ImControllerService;System Interface Foundation Service; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-04-25 57160]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-05-18 462968]
R2 OneSyncSvc_3bad7;Hostitel synchronizace_3bad7; C:\Windows\system32\svchost.exe [2017-03-18 47664]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\Windows\system32\SecurityHealthService.exe [2017-03-18 335808]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2014-10-22 340992]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-06-03 249032]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\Windows\system32\svchost.exe [2017-03-18 47664]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\Windows\System32\svchost.exe [2017-03-18 47664]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-02-10 43696]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\Windows\System32\svchost.exe [2017-03-18 47664]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\Windows\system32\svchost.exe [2017-03-18 47664]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\Windows\system32\svchost.exe [2017-03-18 47664]
R3 PimIndexMaintenanceSvc_3bad7;Data kontaktů_3bad7; C:\Windows\system32\svchost.exe [2017-03-18 47664]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\Windows\System32\svchost.exe [2017-03-18 47664]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\Windows\system32\svchost.exe [2017-03-18 47664]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\Windows\system32\svchost.exe [2017-03-18 47664]
R3 TokenBroker;@%systemroot%\system32\tokenbroker.dll,-100; C:\Windows\system32\svchost.exe [2017-03-18 47664]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\Windows\system32\svchost.exe [2017-03-18 47664]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\Windows\System32\svchost.exe [2017-03-18 47664]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\Windows\system32\svchost.exe [2017-03-18 47664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-09 271864]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\Windows\system32\svchost.exe [2017-03-18 47664]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2017-03-18 47664]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\Windows\System32\svchost.exe [2017-03-18 47664]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2016-11-02 301552]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\Windows\system32\svchost.exe [2017-03-18 47664]
S3 DevicesFlowUserSvc_3bad7;Tok zařízení_3bad7; C:\Windows\system32\svchost.exe [2017-03-18 47664]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\Windows\system32\svchost.exe [2017-03-18 47664]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-03-18 86528]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\Windows\system32\svchost.exe [2017-03-18 47664]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\Windows\system32\svchost.exe [2017-03-18 47664]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\Windows\System32\svchost.exe [2017-03-18 47664]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\Windows\system32\svchost.exe [2017-03-18 47664]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\Windows\System32\svchost.exe [2017-03-18 47664]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\Windows\system32\svchost.exe [2017-03-18 47664]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\Windows\system32\svchost.exe [2017-03-18 47664]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\Windows\System32\svchost.exe [2017-03-18 47664]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2017-03-18 47664]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\Windows\system32\svchost.exe [2017-03-18 47664]
S3 MessagingService_3bad7;Služba zasílání zpráv_3bad7; C:\Windows\system32\svchost.exe [2017-03-18 47664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-05-18 173512]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\Windows\system32\svchost.exe [2017-03-18 47664]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\Windows\System32\svchost.exe [2017-03-18 47664]
S3 OverwolfUpdater;Overwolf Updater Windows SCM; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-05-14 1326408]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\Windows\system32\svchost.exe [2017-03-18 47664]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\Windows\system32\svchost.exe [2017-03-18 47664]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\Windows\System32\svchost.exe [2017-03-18 47664]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\Windows\system32\svchost.exe [2017-03-18 47664]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\Windows\System32\SensorDataService.exe [2017-03-18 1284608]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\Windows\system32\svchost.exe [2017-03-18 47664]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\Windows\system32\svchost.exe [2017-03-18 47664]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\Windows\system32\spectrum.exe [2017-03-18 891904]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\Windows\system32\TieringEngineService.exe [2017-03-18 302592]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\Windows\System32\svchost.exe [2017-03-18 47664]
S4 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\Windows\system32\svchost.exe [2017-03-18 47664]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Podezření na havěť: zpomalený procesor
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118278
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Podezření na havěť: zpomalený procesor
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Podezření na havěť: zpomalený procesor
AdwC log:
# AdwCleaner v6.047 - Log vytvořen 11/06/2017 v 13:31:34
# Aktualizováno dne 19/05/2017 z Malwarebytes
# Databáze : 2017-06-10.1 [Místní]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : mail - DESKTOP-EEC3P4E
# Spuštěno z : C:\Users\mail\Downloads\adwcleaner_6.047.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
***** [ Složky ] *****
[-] Složka smazána: C:\Users\mail\AppData\Roaming\IObit\Advanced SystemCare
[-] Složka smazána: C:\ProgramData\IObit\ASCDownloader
***** [ Soubory ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1087 Bajty] - [06/06/2017 21:24:47]
C:\AdwCleaner\AdwCleaner[C2].txt - [1011 Bajty] - [11/06/2017 13:31:34]
C:\AdwCleaner\AdwCleaner[S0].txt - [1384 Bajty] - [06/06/2017 21:23:48]
C:\AdwCleaner\AdwCleaner[S1].txt - [1516 Bajty] - [11/06/2017 01:31:40]
C:\AdwCleaner\AdwCleaner[S2].txt - [1674 Bajty] - [11/06/2017 13:30:55]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1303 Bajty] ##########
# AdwCleaner v6.047 - Log vytvořen 11/06/2017 v 13:31:34
# Aktualizováno dne 19/05/2017 z Malwarebytes
# Databáze : 2017-06-10.1 [Místní]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : mail - DESKTOP-EEC3P4E
# Spuštěno z : C:\Users\mail\Downloads\adwcleaner_6.047.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
***** [ Složky ] *****
[-] Složka smazána: C:\Users\mail\AppData\Roaming\IObit\Advanced SystemCare
[-] Složka smazána: C:\ProgramData\IObit\ASCDownloader
***** [ Soubory ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1087 Bajty] - [06/06/2017 21:24:47]
C:\AdwCleaner\AdwCleaner[C2].txt - [1011 Bajty] - [11/06/2017 13:31:34]
C:\AdwCleaner\AdwCleaner[S0].txt - [1384 Bajty] - [06/06/2017 21:23:48]
C:\AdwCleaner\AdwCleaner[S1].txt - [1516 Bajty] - [11/06/2017 01:31:40]
C:\AdwCleaner\AdwCleaner[S2].txt - [1674 Bajty] - [11/06/2017 13:30:55]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1303 Bajty] ##########
-
Rudy
- Site Admin
- Příspěvky: 118278
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Podezření na havěť: zpomalený procesor
Teď dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Podezření na havěť: zpomalený procesor
Přikládám log a addition:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-06-2017
Ran by mail (administrator) on DESKTOP-EEC3P4E (11-06-2017 17:20:56)
Running from C:\Users\mail\Desktop
Loaded Profiles: mail (Available Profiles: mail)
Platform: Windows 10 Home Version 1703 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(SuperBoost Software) C:\Program Files (x86)\SuperBoost\SuperBoost Software Updater\SuperBoostUpdater.exe.del
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.17.420.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Lenovo Group Limited) C:\Users\mail\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(forum.viry.cz) C:\Users\mail\Downloads\FRSTLauncher.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RtsFT] => C:\Windows\RTFTrack.exe [5456392 2017-06-11] (Realtek semiconductor)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-10-22] (IDT, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.94.1
Tcpip\..\Interfaces\{029b5fc2-77db-4364-a130-ef206a2a17f1}: [DhcpNameServer] 192.168.92.1 192.168.117.1
Tcpip\..\Interfaces\{ab2f20a9-2884-4717-a352-bb67712d386d}: [DhcpNameServer] 192.168.94.1
Internet Explorer:
==================
FireFox:
========
FF DefaultProfile: g9ckyphp.default
FF ProfilePath: C:\Users\mail\AppData\Roaming\Mozilla\Firefox\Profiles\g9ckyphp.default [2017-06-11]
FF Extension: (Adblock Plus) - C:\Users\mail\AppData\Roaming\Mozilla\Firefox\Profiles\g9ckyphp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-07]
FF Extension: (Follow-on Search Telemetry) - C:\Users\mail\AppData\Roaming\Mozilla\Firefox\Profiles\g9ckyphp.default\features\{822da7f7-bb10-4094-89df-5a1b4f0b126d}\followonsearch@mozilla.com.xpi [2017-06-06]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-06-09] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-06-09] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373744 2016-11-02] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [57160 2017-04-25] (Lenovo Group Limited)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-18] (NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1326408 2017-05-14] (Overwolf LTD)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340992 2014-10-22] (IDT, Inc.) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [251480 2017-06-11] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 cpuz138; C:\Users\mail\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [27320 2017-06-11] (CPUID) <==== ATTENTION
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-11-26] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47160 2015-11-26] (Disc Soft Ltd)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-06-11] (REALiX(tm))
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [231944 2017-06-11] (Intel Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [100184 2013-04-09] (Intel Corporation)
R1 MpKsl41451853; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A5F63AA4-CDD8-48F5-8261-C6C91B2FE28A}\MpKsl41451853.sys [44928 2017-06-11] (Microsoft Corporation)
S3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3485696 2017-03-18] (Intel Corporation)
R3 NETwNs64; C:\Windows\System32\drivers\Netwsw02.sys [3424512 2017-06-11] (Intel Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_ed616d55e0bead92\nvlddmkm.sys [14458264 2017-05-19] (NVIDIA Corporation)
S3 NVSWCFilter; C:\Windows\System32\drivers\nvswcfilter.sys [26744 2017-05-03] (Windows (R) Win 7 DDK provider)
S3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-05-18] (NVIDIA Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3149832 2017-06-11] (Realtek Semiconductor Corp.)
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [42184 2015-06-03] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33960 2017-06-11] (Synaptics Incorporated)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\System32\drivers\usb2ser.sys [151184 2016-07-15] (MBB)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-06-11 17:20 - 2017-06-11 17:21 - 00008837 _____ C:\Users\mail\Desktop\FRST.txt
2017-06-11 17:20 - 2017-06-11 17:20 - 00000000 ____D C:\FRST
2017-06-11 17:19 - 2017-06-11 17:19 - 00112640 _____ (forum.viry.cz) C:\Users\mail\Downloads\FRSTLauncher.exe
2017-06-11 17:18 - 2017-06-11 17:18 - 02438656 _____ (Farbar) C:\Users\mail\Desktop\FRST64.exe
2017-06-11 16:33 - 2017-06-11 16:33 - 00000000 ____D C:\Users\mail\AppData\LocalLow\Temp
2017-06-11 13:26 - 2017-06-11 13:26 - 00000000 ___HD C:\OneDriveTemp
2017-06-11 02:57 - 2017-06-11 02:57 - 10719648 _____ C:\Windows\system32\Drivers\Netwfw02.dat
2017-06-11 02:57 - 2017-06-11 02:57 - 03424512 _____ (Intel Corporation) C:\Windows\system32\Drivers\Netwsw02.sys
2017-06-11 02:56 - 2017-06-11 02:56 - 01980672 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsDecode.dll
2017-06-11 02:56 - 2017-06-11 02:56 - 00645640 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtCamP64.dll
2017-06-11 02:56 - 2017-06-11 02:56 - 00560648 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtCamP.dll
2017-06-11 02:56 - 2017-06-11 02:56 - 00378040 _____ (Intel Corporation) C:\Windows\system32\ibtproppage.dll
2017-06-11 02:56 - 2017-06-11 02:56 - 00104456 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtCamO64.dll
2017-06-11 02:56 - 2017-06-11 02:56 - 00000000 ____D C:\Program Files\Realtek
2017-06-11 02:55 - 2017-06-11 02:55 - 01077248 _____ C:\Windows\system32\AmRdrIco.icl
2017-06-11 02:55 - 2017-06-11 02:55 - 00419928 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCom.dll
2017-06-11 02:55 - 2017-06-11 02:55 - 00292952 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo34-13.dll
2017-06-11 02:55 - 2017-06-11 02:55 - 00161864 _____ (Qualcomm Atheros, Inc.) C:\Windows\system32\Drivers\L1C63x64.sys
2017-06-11 02:55 - 2017-06-11 02:55 - 00089688 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynHidI2C_Aux.sys
2017-06-11 02:55 - 2017-06-11 02:55 - 00042584 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel_Aux.sys
2017-06-11 02:55 - 2017-06-11 02:55 - 00042072 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_AMDASF_Aux.sys
2017-06-11 02:55 - 2017-06-11 02:55 - 00041952 _____ C:\Windows\system32\AmUStor.ini
2017-06-11 02:55 - 2017-06-11 02:55 - 00020632 _____ (Alcor Micro, Corp.) C:\Windows\system32\AmUStor2.dll
2017-06-11 02:55 - 2017-06-11 02:55 - 00000640 _____ C:\Windows\system32\VendorCmd6435.bin
2017-06-11 02:55 - 2017-06-11 02:55 - 00000124 _____ C:\Windows\system32\VendorCmd6485_SetSSC.bin
2017-06-11 02:55 - 2017-06-11 02:55 - 00000032 _____ C:\Windows\system32\VendorCommand_MS1bit.bin
2017-06-11 02:55 - 2017-06-11 02:55 - 00000032 _____ C:\Windows\system32\VendorCmd6485.bin
2017-06-11 02:55 - 2017-06-11 02:55 - 00000032 _____ C:\Windows\system32\VendorCmd6465.bin
2017-06-11 02:55 - 2017-06-11 02:55 - 00000008 _____ C:\Windows\system32\CardDetect6485.bin
2017-06-11 02:55 - 2017-06-11 02:55 - 00000008 _____ C:\Windows\system32\CardDetect6420.bin
2017-06-11 02:55 - 2017-06-11 02:55 - 00000008 _____ C:\Windows\system32\CardDetect6366.bin
2017-06-11 02:55 - 2017-06-11 02:55 - 00000008 _____ C:\Windows\system32\CardDetect6362.bin
2017-06-11 02:55 - 2017-06-11 02:55 - 00000008 _____ C:\Windows\system32\CardDetect6361.bin
2017-06-11 02:55 - 2017-06-11 02:55 - 00000008 _____ C:\Windows\system32\CardDetect6339.bin
2017-06-11 02:54 - 2017-06-11 03:10 - 00000000 ____D C:\Program Files (x86)\SuperBoost
2017-06-11 02:54 - 2017-06-11 02:54 - 00204920 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverW8x64.sys
2017-06-11 02:54 - 2017-06-11 02:54 - 00000000 ____D C:\Users\mail\AppData\Roaming\SuperBoost
2017-06-11 02:54 - 2017-06-11 02:54 - 00000000 ____D C:\ProgramData\SuperBoost
2017-06-11 02:53 - 2017-06-11 02:56 - 00000000 ____D C:\Windows\LastGood.Tmp
2017-06-11 02:49 - 2017-06-11 03:11 - 00000000 ____D C:\ProgramData\ProductData
2017-06-11 02:49 - 2017-06-11 03:04 - 00003034 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (mail)
2017-06-11 02:49 - 2017-06-11 02:50 - 00000000 ____D C:\Users\mail\AppData\LocalLow\IObit
2017-06-11 02:49 - 2017-06-11 02:49 - 00027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2017-06-11 02:49 - 2017-06-11 02:49 - 00000000 ____D C:\Windows\IObit
2017-06-11 02:48 - 2017-06-11 13:31 - 00000000 ____D C:\Users\mail\AppData\Roaming\IObit
2017-06-11 02:48 - 2017-06-11 13:31 - 00000000 ____D C:\ProgramData\IObit
2017-06-11 01:54 - 2017-06-11 01:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ldiagio_uefi_01009.Wdf
2017-06-11 01:54 - 2017-06-11 01:54 - 00000000 ____D C:\Users\mail\AppData\Roaming\NVIDIA
2017-06-11 01:53 - 2017-06-11 01:54 - 00000000 ____D C:\Users\mail\AppData\Local\LenovoServiceBridge
2017-06-09 16:51 - 2017-06-09 16:51 - 00000000 ____D C:\Users\mail\AppData\Roaming\Macromedia
2017-06-09 16:51 - 2017-06-09 16:51 - 00000000 ____D C:\Users\mail\AppData\Local\Macromedia
2017-06-09 16:50 - 2017-06-09 16:50 - 00004496 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-06-06 21:21 - 2017-06-11 13:31 - 00000000 ____D C:\AdwCleaner
2017-06-06 21:15 - 2017-06-11 01:12 - 00000000 ____D C:\Program Files\trend micro
2017-06-06 21:15 - 2017-06-06 21:16 - 00000000 ____D C:\rsit
2017-06-06 14:12 - 2017-06-06 14:12 - 00000000 ____D C:\Users\mail\AppData\LocalLow\Adobe
2017-06-06 14:11 - 2017-06-06 21:38 - 00004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-06-06 14:10 - 2017-06-06 14:13 - 00000000 ____D C:\ProgramData\Adobe
2017-06-06 14:10 - 2017-06-06 14:10 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-06-06 14:10 - 2017-06-06 14:10 - 00002135 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2017-06-06 14:10 - 2017-06-06 14:10 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-06-06 14:09 - 2017-06-09 16:50 - 00000000 ____D C:\Users\mail\AppData\Local\Adobe
2017-06-06 01:52 - 2017-06-06 01:52 - 00004382 _____ C:\Windows\System32\Tasks\Overwolf Updater Task
2017-06-06 01:52 - 2017-06-06 01:52 - 00000000 ____D C:\Users\mail\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2017-06-06 01:52 - 2017-06-06 01:52 - 00000000 ____D C:\Program Files (x86)\Overwolf
2017-06-06 01:51 - 2017-06-06 01:52 - 00000000 ____D C:\ProgramData\Overwolf
2017-06-06 01:50 - 2017-06-06 01:52 - 00000000 ____D C:\Users\mail\AppData\Local\Overwolf
2017-06-06 01:37 - 2017-06-09 02:21 - 00000000 ____D C:\Users\mail\AppData\Roaming\HearthstoneDeckTracker
2017-06-06 01:37 - 2017-06-06 01:37 - 00002577 _____ C:\Users\mail\Desktop\Hearthstone Deck Tracker.lnk
2017-06-06 01:37 - 2017-06-06 01:37 - 00000000 ____D C:\Users\mail\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthSim
2017-06-06 01:37 - 2017-06-06 01:37 - 00000000 ____D C:\Users\mail\AppData\Local\SquirrelTemp
2017-06-06 01:37 - 2017-06-06 01:37 - 00000000 ____D C:\Users\mail\AppData\Local\HearthstoneDeckTracker
2017-06-06 01:26 - 2017-06-06 01:26 - 00000000 ____D C:\Users\mail\AppData\Roaming\.mono
2017-06-06 01:26 - 2017-06-06 01:26 - 00000000 ____D C:\Users\mail\AppData\LocalLow\Blizzard Entertainment
2017-06-06 01:26 - 2017-06-06 01:26 - 00000000 ____D C:\Users\mail\AppData\Local\Blizzard
2017-06-06 01:26 - 2017-06-06 01:26 - 00000000 ____D C:\ProgramData\.mono
2017-06-05 18:52 - 2017-06-11 17:17 - 00000000 ____D C:\Users\mail\AppData\LocalLow\Mozilla
2017-06-05 18:48 - 2017-06-05 18:55 - 00000000 ____D C:\Users\mail\AppData\Local\Mozilla
2017-06-05 18:48 - 2017-06-05 18:52 - 00000000 ____D C:\Users\mail\AppData\Roaming\Mozilla
2017-06-05 18:48 - 2017-06-05 18:48 - 00001243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-06-05 18:48 - 2017-06-05 18:48 - 00001231 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-06-05 18:48 - 2017-06-05 18:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-05 18:48 - 2017-06-05 18:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-05 16:11 - 2017-06-05 16:13 - 00000000 ____D C:\Windows\system32\MRT
2017-06-05 16:11 - 2017-06-05 16:11 - 132223576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-06-05 16:08 - 2017-04-28 03:19 - 00605936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-06-05 16:08 - 2017-04-28 03:18 - 02259760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreUIComponents.dll
2017-06-05 16:08 - 2017-04-28 03:12 - 00543640 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2017-06-05 16:08 - 2017-04-28 03:08 - 08320920 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-06-05 16:08 - 2017-04-28 03:08 - 00775824 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-06-05 16:08 - 2017-04-28 03:07 - 06759512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-06-05 16:08 - 2017-04-28 03:06 - 02969880 _____ (Microsoft Corporation) C:\Windows\system32\CoreUIComponents.dll
2017-06-05 16:08 - 2017-04-28 03:05 - 00923040 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-06-05 16:08 - 2017-04-28 03:04 - 00583160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-06-05 16:08 - 2017-04-28 03:00 - 02444192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-06-05 16:08 - 2017-04-28 02:59 - 05477088 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2017-06-05 16:08 - 2017-04-28 02:59 - 00207264 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2017-06-05 16:08 - 2017-04-28 02:58 - 00872472 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2017-06-05 16:08 - 2017-04-28 02:56 - 07904784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2017-06-05 16:08 - 2017-04-28 02:55 - 21353200 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-06-05 16:08 - 2017-04-28 02:53 - 00387928 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2017-06-05 16:08 - 2017-04-28 02:52 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2017-06-05 16:08 - 2017-04-28 02:51 - 20505600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-06-05 16:08 - 2017-04-28 02:49 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2017-06-05 16:08 - 2017-04-28 02:46 - 19335168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-06-05 16:08 - 2017-04-28 02:42 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2017-06-05 16:08 - 2017-04-28 02:42 - 00636416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2017-06-05 16:08 - 2017-04-28 02:42 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgentUserBroker.exe
2017-06-05 16:08 - 2017-04-28 02:41 - 01248768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2017-06-05 16:08 - 2017-04-28 02:40 - 11870208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-06-05 16:08 - 2017-04-28 02:40 - 06292992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-06-05 16:08 - 2017-04-28 02:40 - 00328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2017-06-05 16:08 - 2017-04-28 02:40 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cldapi.dll
2017-06-05 16:08 - 2017-04-28 02:39 - 05225984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2017-06-05 16:08 - 2017-04-28 02:38 - 03667456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-06-05 16:08 - 2017-04-28 02:38 - 01019904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-06-05 16:08 - 2017-04-28 02:37 - 04559360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2017-06-05 16:08 - 2017-04-28 02:33 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-06-05 16:08 - 2017-04-28 02:26 - 23677440 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-06-05 16:08 - 2017-04-28 02:14 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2017-06-05 16:08 - 2017-04-28 02:11 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2017-06-05 16:08 - 2017-04-28 02:09 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-06-05 16:08 - 2017-04-28 02:06 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2017-06-05 16:08 - 2017-04-28 02:05 - 01075712 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2017-06-05 16:08 - 2017-04-28 02:04 - 23681024 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-06-05 16:08 - 2017-04-28 02:04 - 01878016 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2017-06-05 16:08 - 2017-04-28 02:04 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgentUserBroker.exe
2017-06-05 16:08 - 2017-04-28 02:03 - 01027584 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2017-06-05 16:08 - 2017-04-28 02:03 - 00925696 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2017-06-05 16:08 - 2017-04-28 02:03 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\cldapi.dll
2017-06-05 16:08 - 2017-04-28 02:02 - 01260544 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2017-06-05 16:08 - 2017-04-28 02:01 - 01886208 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2017-06-05 16:08 - 2017-04-28 02:00 - 08244736 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-06-05 16:08 - 2017-04-28 01:59 - 04396032 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-06-05 16:08 - 2017-04-28 01:59 - 02056192 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-06-05 16:08 - 2017-04-28 01:59 - 01293824 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-06-05 16:08 - 2017-04-28 01:59 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2017-06-05 16:08 - 2017-04-28 01:58 - 12787200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-06-05 16:08 - 2017-04-28 01:57 - 05557760 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2017-06-05 16:08 - 2017-04-28 01:57 - 02800128 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2017-06-05 16:08 - 2017-04-19 09:07 - 00712600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2017-06-05 16:08 - 2017-04-19 08:13 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
2017-06-05 16:08 - 2017-04-19 08:13 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2017-06-05 16:08 - 2017-04-19 08:12 - 00590848 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-06-05 16:08 - 2017-04-19 08:11 - 00687104 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2017-06-05 16:08 - 2017-04-19 08:08 - 01103872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2017-06-05 16:08 - 2017-04-19 08:08 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2017-06-05 16:08 - 2017-04-19 08:06 - 02651648 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2017-06-05 16:08 - 2017-04-19 08:04 - 01356800 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2017-06-05 16:08 - 2017-04-19 08:04 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2017-06-05 16:08 - 2017-04-19 07:59 - 02435584 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
2017-06-05 16:08 - 2017-04-19 07:58 - 20374424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-06-05 16:08 - 2017-04-19 07:36 - 01291776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll
2017-06-05 16:08 - 2017-04-19 07:35 - 00476672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
2017-06-05 16:08 - 2017-04-19 07:34 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-06-05 16:08 - 2017-04-19 07:30 - 00909312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2017-06-05 16:08 - 2017-04-19 07:29 - 02298880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2017-06-05 16:08 - 2017-04-14 02:35 - 04848440 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2017-06-05 16:08 - 2017-04-14 01:43 - 04469832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2017-06-05 16:08 - 2017-04-14 01:41 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-06-05 16:08 - 2017-04-14 01:39 - 07931392 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2017-06-05 16:08 - 2017-04-14 01:39 - 00517632 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2017-06-05 16:08 - 2017-04-14 01:34 - 01468416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2017-06-05 16:08 - 2017-04-14 01:29 - 02499584 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2017-06-05 16:08 - 2017-04-14 01:21 - 06728192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2017-06-05 16:08 - 2017-04-14 01:18 - 00362496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2017-06-05 16:08 - 2017-04-01 03:05 - 00750560 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2017-06-05 16:08 - 2017-04-01 03:04 - 01147296 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2017-06-05 16:08 - 2017-04-01 03:04 - 01024416 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2017-06-05 16:08 - 2017-04-01 02:57 - 00626520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2017-06-05 15:22 - 2017-06-05 15:20 - 00565416 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-06-05 15:07 - 2017-06-05 15:07 - 00001034 _____ C:\Users\Public\Desktop\World of Warcraft.lnk
2017-06-05 15:07 - 2017-06-05 15:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2017-06-05 14:53 - 2017-06-05 14:56 - 00000978 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2017-06-05 14:53 - 2017-06-05 14:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2017-06-05 14:45 - 2017-06-11 13:38 - 00005814 _____ C:\Windows\system32\InstallUtil.InstallLog
2017-06-05 14:32 - 2017-06-11 01:54 - 00000000 ____D C:\Program Files (x86)\Lenovo
2017-06-05 14:32 - 2017-06-05 14:32 - 02365296 _____ (Microsoft Corporation) C:\Windows\system32\WudfUpdate_01011.dll
2017-06-05 14:32 - 2017-06-05 14:32 - 00000000 ____D C:\Program Files\Lenovo
2017-06-05 14:31 - 2017-06-05 14:31 - 00000000 ____D C:\ProgramData\Package Cache
2017-06-05 14:30 - 2017-06-11 01:54 - 00000000 ____D C:\ProgramData\Lenovo
2017-06-05 14:29 - 2017-06-05 14:29 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-06-05 14:29 - 2017-06-05 14:29 - 00000000 ____D C:\Program Files\Dolby Digital Plus
2017-06-05 14:29 - 2015-01-07 10:37 - 00001352 _____ C:\Windows\system32\Drivers\SAMSfPa.dat
2017-06-05 14:29 - 2014-10-22 15:10 - 06154240 _____ (IDT, Inc.) C:\Windows\system32\stlang64.dll
2017-06-05 14:29 - 2014-10-22 15:10 - 01897984 _____ (IDT, Inc.) C:\Windows\system32\IDTNC64.cpl
2017-06-05 14:29 - 2014-10-22 15:10 - 00340992 _____ (IDT, Inc.) C:\Windows\system32\stacsv64.exe
2017-06-05 14:29 - 2014-10-22 15:10 - 00088576 _____ (IDT, Inc.) C:\Windows\system32\IDTPMA64.exe
2017-06-05 14:28 - 2017-06-05 14:29 - 00000000 ____D C:\Program Files\IDT
2017-06-05 14:28 - 2017-06-05 14:28 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-06-05 14:21 - 2017-06-11 03:03 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2017-06-05 14:19 - 2017-06-06 01:28 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2017-06-05 14:15 - 2017-06-05 14:15 - 00000000 ____D C:\Users\mail\AppData\Local\DBG
2017-06-05 14:15 - 2017-06-05 14:15 - 00000000 ____D C:\Users\mail\AppData\Local\Blizzard Entertainment
2017-06-05 14:15 - 2017-06-05 14:15 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2017-06-05 14:14 - 2017-06-11 03:16 - 00000000 ____D C:\Users\mail\AppData\Local\Battle.net
2017-06-05 14:14 - 2017-06-05 14:14 - 00000966 _____ C:\Users\Public\Desktop\Blizzard App.lnk
2017-06-05 14:14 - 2017-06-05 14:14 - 00000000 ____D C:\Users\mail\Documents\League of Legends
2017-06-05 14:14 - 2017-06-05 14:14 - 00000000 ____D C:\Users\mail\AppData\Local\CEF
2017-06-05 14:14 - 2017-06-05 14:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blizzard App
2017-06-05 14:12 - 2017-06-11 03:02 - 00000000 ____D C:\Program Files (x86)\Blizzard App
2017-06-05 14:10 - 2017-06-05 14:15 - 00000000 ____D C:\Users\mail\AppData\Roaming\Battle.net
2017-06-05 14:10 - 2017-06-05 14:10 - 00000000 ____D C:\ProgramData\Battle.net
2017-06-05 14:04 - 2017-06-05 14:04 - 00000000 ____D C:\ProgramData\Riot Games
2017-06-05 14:03 - 2017-06-05 14:40 - 00000000 ____D C:\Windows\System32\Tasks\Lenovo
2017-06-05 14:03 - 2017-06-05 14:14 - 00001760 _____ C:\Users\Public\Desktop\League of Legends.lnk
2017-06-05 14:03 - 2017-06-05 14:03 - 00000000 ____D C:\Users\mail\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2017-06-05 14:03 - 2017-06-05 14:03 - 00000000 ____D C:\Riot Games
2017-06-05 14:03 - 2017-06-05 14:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2017-06-05 14:03 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2017-06-05 14:03 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2017-06-05 14:03 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2017-06-05 14:03 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2017-06-05 14:03 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2017-06-05 14:02 - 2017-06-05 14:04 - 00000000 ____D C:\Users\mail\AppData\Roaming\Riot Games
2017-06-05 13:56 - 2017-06-05 13:56 - 00000000 ____D C:\Users\mail\AppData\Local\MicrosoftEdge
2017-06-05 13:55 - 2017-06-11 13:34 - 00000000 ___RD C:\Users\mail\OneDrive
2017-06-05 13:55 - 2017-06-05 13:55 - 00003288 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-06-05 13:55 - 2017-06-05 13:55 - 00002399 _____ C:\Users\mail\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-05 13:55 - 2017-06-05 13:55 - 00000000 ____D C:\Users\mail\AppData\Local\Comms
2017-06-05 13:55 - 2017-06-05 13:55 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-06-05 13:53 - 2017-06-11 13:33 - 00000000 __SHD C:\Users\mail\IntelGraphicsProfiles
2017-06-05 13:53 - 2017-06-06 14:12 - 00000000 ____D C:\Users\mail\AppData\Roaming\Adobe
2017-06-05 13:53 - 2017-06-05 23:08 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-05 13:53 - 2017-06-05 23:08 - 00000000 ____D C:\Users\mail\AppData\Local\ConnectedDevicesPlatform
2017-06-05 13:53 - 2017-06-05 15:06 - 00000000 ____D C:\Users\mail\AppData\Local\Packages
2017-06-05 13:53 - 2017-06-05 13:53 - 00000000 ____D C:\Users\mail\AppData\Local\VirtualStore
2017-06-05 13:53 - 2017-06-05 13:53 - 00000000 ____D C:\Users\mail\AppData\Local\TileDataLayer
2017-06-05 13:53 - 2017-06-05 13:53 - 00000000 ____D C:\Users\mail\AppData\Local\Publishers
2017-06-05 13:52 - 2017-06-11 13:32 - 00000000 ____D C:\Users\mail
2017-06-05 13:52 - 2017-06-05 13:52 - 00000020 ___SH C:\Users\mail\ntuser.ini
2017-06-05 13:52 - 2017-06-05 13:52 - 00000000 _SHDL C:\Users\mail\Šablony
2017-06-05 13:52 - 2017-06-05 13:52 - 00000000 _SHDL C:\Users\mail\Soubory cookie
2017-06-05 13:52 - 2017-06-05 13:52 - 00000000 _SHDL C:\Users\mail\Poslední
2017-06-05 13:52 - 2017-06-05 13:52 - 00000000 _SHDL C:\Users\mail\Okolní tiskárny
2017-06-05 13:52 - 2017-06-05 13:52 - 00000000 _SHDL C:\Users\mail\Okolní síť
2017-06-05 13:52 - 2017-06-05 13:52 - 00000000 _SHDL C:\Users\mail\Nabídka Start
2017-06-05 13:52 - 2017-06-05 13:52 - 00000000 _SHDL C:\Users\mail\Dokumenty
2017-06-05 13:52 - 2017-06-05 13:52 - 00000000 _SHDL C:\Users\mail\Documents\Obrázky
2017-06-05 13:52 - 2017-06-05 13:52 - 00000000 _SHDL C:\Users\mail\Documents\Hudba
2017-06-05 13:52 - 2017-06-05 13:52 - 00000000 _SHDL C:\Users\mail\Documents\Filmy
2017-06-05 13:52 - 2017-06-05 13:52 - 00000000 _SHDL C:\Users\mail\Data aplikací
2017-06-05 13:52 - 2017-06-05 13:52 - 00000000 _SHDL C:\Users\mail\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-06-05 13:52 - 2017-06-05 13:52 - 00000000 _SHDL C:\Users\mail\AppData\Local\Data aplikací
2017-06-05 05:13 - 2017-06-11 13:39 - 01903526 _____ C:\Windows\system32\PerfStringBackup.INI
2017-06-05 05:11 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Public\Documents\Obrázky
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Public\Documents\Hudba
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Public\Documents\Filmy
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default\Šablony
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default\Soubory cookie
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default\Poslední
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default\Okolní tiskárny
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default\Okolní síť
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default\Nabídka Start
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default\Dokumenty
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default\Documents\Obrázky
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default\Documents\Hudba
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default\Documents\Filmy
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default\Data aplikací
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default User\Documents\Obrázky
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default User\Documents\Hudba
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default User\Documents\Filmy
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default User
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\All Users
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\ProgramData\Šablony
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\ProgramData\Plocha
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\ProgramData\Nabídka Start
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\ProgramData\Dokumenty
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\ProgramData\Data aplikací
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Documents and Settings
2017-06-05 05:03 - 2017-06-05 05:03 - 00000000 ____D C:\ProgramData\USOShared
2017-06-05 05:00 - 2017-06-11 13:33 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-06-05 05:00 - 2017-06-05 05:11 - 00000000 ____D C:\Intel
2017-06-05 05:00 - 2017-06-05 05:00 - 00000200 _____ C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-06-05 05:00 - 2017-06-05 05:00 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2017-06-05 05:00 - 2017-06-05 05:00 - 00000000 ____D C:\Program Files\Intel
2017-06-05 05:00 - 2017-06-05 05:00 - 00000000 _____ C:\Windows\system32\GfxValDisplayLog.bin
2017-06-05 05:00 - 2016-11-02 00:05 - 00103952 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL
2017-06-05 05:00 - 2016-11-02 00:05 - 00099848 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2017-06-05 04:59 - 2017-06-11 13:33 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-05 04:59 - 2017-06-05 04:59 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-06-05 04:59 - 2017-06-05 04:59 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2017-06-05 04:59 - 2017-06-05 04:59 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-06-05 04:59 - 2017-06-05 04:59 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-06-05 04:59 - 2017-06-05 04:59 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-06-05 04:59 - 2017-05-18 07:55 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-06-05 04:59 - 2017-05-18 07:48 - 06437824 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-06-05 04:59 - 2017-05-18 07:48 - 02479736 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-06-05 04:59 - 2017-05-18 07:48 - 01762936 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-06-05 04:59 - 2017-05-18 07:48 - 00548984 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-06-05 04:59 - 2017-05-18 07:48 - 00392312 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-06-05 04:59 - 2017-05-18 07:48 - 00146880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\oemdspif.dll
2017-06-05 04:59 - 2017-05-18 07:48 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-06-05 04:59 - 2017-05-18 07:48 - 00069752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-06-05 04:59 - 2017-05-16 20:09 - 07993157 _____ C:\Windows\system32\nvcoproc.bin
2017-06-05 04:53 - 2017-06-11 13:33 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-06-05 04:52 - 2017-06-11 17:17 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-06-05 04:52 - 2017-06-05 23:05 - 00218192 _____ C:\Windows\system32\FNTCACHE.DAT
2017-06-05 04:52 - 2017-06-05 04:52 - 00000000 ____D C:\Windows\ServiceProfiles
2017-06-05 02:05 - 2017-06-05 02:05 - 00008192 _____ C:\Windows\system32\config\userdiff
2017-06-05 02:05 - 2017-06-05 02:05 - 00000000 ____D C:\Windows\InfusedApps
2017-06-05 02:03 - 2017-06-05 02:03 - 00000000 ____D C:\Program Files\Synaptics
2017-06-05 02:00 - 2017-06-05 02:00 - 00000000 ____D C:\Windows\Setup
2017-06-05 01:58 - 2017-06-05 01:58 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2017-06-05 01:58 - 2017-06-05 01:58 - 00000000 ____D C:\Windows\OCR
2017-06-05 01:58 - 2017-06-05 01:58 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-06-05 01:58 - 2017-06-05 01:58 - 00000000 ____D C:\Program Files\MSBuild
2017-06-05 01:58 - 2017-06-05 01:58 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-06-05 01:58 - 2017-06-05 01:58 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-06-05 01:54 - 2017-06-11 13:39 - 00817360 _____ C:\Windows\system32\perfh005.dat
2017-06-05 01:54 - 2017-06-11 13:39 - 00170028 _____ C:\Windows\system32\perfc005.dat
2017-06-05 01:54 - 2017-06-05 01:57 - 00000000 ____D C:\Windows\SysWOW64\winrm
2017-06-05 01:54 - 2017-06-05 01:57 - 00000000 ____D C:\Windows\SysWOW64\WCN
2017-06-05 01:54 - 2017-06-05 01:57 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2017-06-05 01:54 - 2017-06-05 01:57 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2017-06-05 01:54 - 2017-06-05 01:57 - 00000000 ____D C:\Windows\system32\winrm
2017-06-05 01:54 - 2017-06-05 01:57 - 00000000 ____D C:\Windows\system32\WCN
2017-06-05 01:54 - 2017-06-05 01:57 - 00000000 ____D C:\Windows\system32\slmgr
2017-06-05 01:54 - 2017-06-05 01:57 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2017-06-05 01:54 - 2017-06-05 01:54 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2017-06-05 01:54 - 2017-06-05 01:54 - 00000000 ____D C:\Windows\SysWOW64\cs
2017-06-05 01:54 - 2017-06-05 01:54 - 00000000 ____D C:\Windows\SysWOW64\0409
2017-06-05 01:54 - 2017-06-05 01:54 - 00000000 ____D C:\Windows\system32\cs
2017-06-05 01:54 - 2017-06-05 01:54 - 00000000 ____D C:\Windows\system32\0409
2017-06-05 01:54 - 2017-06-05 01:54 - 00000000 ____D C:\Windows\DigitalLocker
2017-06-05 01:54 - 2017-06-05 01:53 - 00296964 _____ C:\Windows\system32\perfi005.dat
2017-06-05 01:54 - 2017-06-05 01:53 - 00038778 _____ C:\Windows\system32\perfd005.dat
2017-06-05 01:51 - 2017-04-29 03:05 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-06-05 01:51 - 2017-04-29 03:05 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-05 01:49 - 2017-06-05 02:12 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2017-06-05 01:49 - 2017-06-05 01:45 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2017-06-05 01:49 - 2017-06-05 01:45 - 00215943 _____ C:\Windows\SysWOW64\dssec.dat
2017-06-05 01:49 - 2017-06-05 01:45 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2017-06-05 01:49 - 2017-06-05 01:45 - 00017635 _____ C:\Windows\system32\Drivers\etc\services
2017-06-05 01:49 - 2017-06-05 01:45 - 00015940 _____ C:\Windows\system32\OEMDefaultAssociations.xml
2017-06-05 01:49 - 2017-06-05 01:45 - 00004096 _____ C:\Windows\system32\config\VSMIDK
2017-06-05 01:49 - 2017-06-05 01:45 - 00003683 _____ C:\Windows\system32\Drivers\etc\lmhosts.sam
2017-06-05 01:49 - 2017-06-05 01:45 - 00001358 _____ C:\Windows\system32\Drivers\etc\protocol
2017-06-05 01:49 - 2017-06-05 01:45 - 00000741 _____ C:\Windows\SysWOW64\NOISE.DAT
2017-06-05 01:49 - 2017-06-05 01:45 - 00000741 _____ C:\Windows\system32\NOISE.DAT
2017-06-05 01:49 - 2017-06-05 01:45 - 00000407 _____ C:\Windows\system32\Drivers\etc\networks
2017-06-05 01:48 - 2017-06-10 14:34 - 00000000 ____D C:\Windows\AppReadiness
2017-06-05 01:48 - 2017-06-09 16:50 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-06-05 01:48 - 2017-06-09 16:50 - 00000000 ____D C:\Windows\system32\Macromed
2017-06-05 01:48 - 2017-06-08 12:38 - 00000000 ____D C:\Windows\rescache
2017-06-05 01:48 - 2017-06-08 12:30 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-05 01:48 - 2017-06-06 04:29 - 00000000 ____D C:\Windows\appcompat
2017-06-05 01:48 - 2017-06-05 23:03 - 00000000 ___SD C:\Windows\SysWOW64\F12
2017-06-05 01:48 - 2017-06-05 23:03 - 00000000 ___SD C:\Windows\system32\F12
2017-06-05 01:48 - 2017-06-05 23:03 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-06-05 01:48 - 2017-06-05 23:03 - 00000000 ____D C:\Windows\SysWOW64\Dism
2017-06-05 01:48 - 2017-06-05 23:03 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2017-06-05 01:48 - 2017-06-05 23:03 - 00000000 ____D C:\Windows\system32\Dism
2017-06-05 01:48 - 2017-06-05 23:03 - 00000000 ____D C:\Windows\system32\appraiser
2017-06-05 01:48 - 2017-06-05 23:03 - 00000000 ____D C:\Windows\ShellExperiences
2017-06-05 01:48 - 2017-06-05 23:03 - 00000000 ____D C:\Windows\Provisioning
2017-06-05 01:48 - 2017-06-05 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-06-05 01:48 - 2017-06-05 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-06-05 01:48 - 2017-06-05 13:52 - 00000000 ____D C:\Windows\system32\WinBioDatabase
2017-06-05 01:48 - 2017-06-05 05:11 - 00000000 ____D C:\Windows\system32\spool
2017-06-05 01:48 - 2017-06-05 05:11 - 00000000 ____D C:\Windows\system32\FxsTmp
2017-06-05 01:48 - 2017-06-05 05:08 - 00000000 ____D C:\Program Files\Windows NT
2017-06-05 01:48 - 2017-06-05 05:06 - 00000000 ____D C:\Windows\system32\Sysprep
2017-06-05 01:48 - 2017-06-05 05:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-06-05 01:48 - 2017-06-05 05:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-06-05 01:48 - 2017-06-05 05:02 - 00000000 ___RD C:\Windows\PrintDialog
2017-06-05 01:48 - 2017-06-05 05:02 - 00000000 ___RD C:\Windows\MiracastView
2017-06-05 01:48 - 2017-06-05 05:01 - 00000000 ____D C:\Windows\HoloShell
2017-06-05 01:48 - 2017-06-05 04:59 - 00000000 ____D C:\Windows\Help
2017-06-05 01:48 - 2017-06-05 01:58 - 00000000 ____D C:\Windows\SysWOW64\MUI
2017-06-05 01:48 - 2017-06-05 01:58 - 00000000 ____D C:\Windows\SystemApps
2017-06-05 01:48 - 2017-06-05 01:58 - 00000000 ____D C:\Windows\system32\MUI
2017-06-05 01:48 - 2017-06-05 01:58 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-06-05 01:48 - 2017-06-05 01:57 - 00000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2017-06-05 01:48 - 2017-06-05 01:57 - 00000000 ___SD C:\Windows\system32\DiagSvcs
2017-06-05 01:48 - 2017-06-05 01:57 - 00000000 ___RD C:\Program Files\Windows Defender
2017-06-05 01:48 - 2017-06-05 01:57 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2017-06-05 01:48 - 2017-06-05 01:57 - 00000000 ____D C:\Windows\system32\migwiz
2017-06-05 01:48 - 2017-06-05 01:57 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-06-05 01:48 - 2017-06-05 01:54 - 00000000 ___SD C:\Windows\system32\dsc
2017-06-05 01:48 - 2017-06-05 01:54 - 00000000 ____D C:\Windows\SysWOW64\setup
2017-06-05 01:48 - 2017-06-05 01:54 - 00000000 ____D C:\Windows\SysWOW64\oobe
2017-06-05 01:48 - 2017-06-05 01:54 - 00000000 ____D C:\Windows\SysWOW64\Com
2017-06-05 01:48 - 2017-06-05 01:54 - 00000000 ____D C:\Windows\system32\setup
2017-06-05 01:48 - 2017-06-05 01:54 - 00000000 ____D C:\Windows\system32\oobe
2017-06-05 01:48 - 2017-06-05 01:54 - 00000000 ____D C:\Windows\system32\Com
2017-06-05 01:48 - 2017-06-05 01:54 - 00000000 ____D C:\Windows\IME
2017-06-05 01:48 - 2017-06-05 01:54 - 00000000 ____D C:\Program Files\Common Files\System
2017-06-05 01:48 - 2017-06-05 01:54 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ___SD C:\Windows\SysWOW64\Nui
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ___SD C:\Windows\system32\Nui
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ____D C:\Windows\SysWOW64\WinMetadata
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ____D C:\Windows\SysWOW64\MailContactsCalendarSync
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ____D C:\Windows\SysWOW64\icsxml
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ____D C:\Windows\SysWOW64\downlevel
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ____D C:\Windows\SysWOW64\Bthprops
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ____D C:\Windows\system32\WinMetadata
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ____D C:\Windows\system32\SecureBootUpdates
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ____D C:\Windows\system32\MsDtc
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ____D C:\Windows\system32\MailContactsCalendarSync
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ____D C:\Windows\system32\icsxml
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ____D C:\Windows\system32\ias
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ____D C:\Windows\system32\downlevel
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ____D C:\Windows\system32\DDFs
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ____D C:\Windows\system32\Bthprops
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 __SHD C:\Program Files\Windows Sidebar
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 __RSD C:\Windows\Media
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 __RHD C:\Users\Public\Libraries
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ___SD C:\Windows\SysWOW64\Configuration
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ___SD C:\Windows\system32\Configuration
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ___SD C:\Windows\Downloaded Program Files
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ___RD C:\Windows\Offline Web Pages
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ___HD C:\Windows\ELAMBKUP
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\Web
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\Vss
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\tracing
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\TAPI
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\SysWOW64\SMI
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\SysWOW64\ras
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\SysWOW64\NDF
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\SysWOW64\MsDtc
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\SysWOW64\Ipmi
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\SysWOW64\InputMethod
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\SysWOW64\inetsrv
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\SysWOW64\IME
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicyUsers
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\SysWOW64\FxsTmp
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\SysWOW64\AppLocker
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\SystemResources
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\system32\winevt
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\system32\ras
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\system32\ProximityToast
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\system32\PointOfService
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\system32\NDF
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\system32\Ipmi
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\system32\InputMethod
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\system32\inetsrv
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\system32\IME
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\system32\Hydrogen
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\system32\GroupPolicyUsers
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\system32\GroupPolicy
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\system32\config\Journal
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\system32\AppLocker
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\System
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\SKB
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\schemas
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\SchCache
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\security
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\Resources
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\Registration
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\PLA
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\Performance
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\ModemLogs
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\LiveKernelReports
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\L2Schemas
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\InputMethod
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\Globalization
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\GameBarPresenceWriter
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\Cursors
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\Branding
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\bcastdvr
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\addins
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\ProgramData\WindowsHolographicDevices
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Program Files\Windows Security
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Program Files\Windows Portable Devices
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Program Files\Common Files\Services
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Program Files (x86)\Windows NT
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2017-06-05 01:48 - 2017-06-05 01:45 - 00215943 _____ C:\Windows\system32\dssec.dat
2017-06-05 01:48 - 2017-06-05 01:45 - 00000858 _____ C:\Windows\system32\DefaultQuestions.json
2017-06-05 01:48 - 2017-06-05 01:45 - 00000219 _____ C:\Windows\system.ini
2017-06-05 01:48 - 2017-06-05 01:45 - 00000092 _____ C:\Windows\win.ini
2017-06-05 01:46 - 2017-06-11 02:57 - 00000000 ____D C:\Windows\INF
2017-06-05 01:39 - 2017-06-05 16:11 - 00000000 ____D C:\Windows\CbsTemp
2017-06-05 01:32 - 2017-06-11 13:32 - 01048576 _____ C:\Windows\system32\config\BBI
2017-06-05 01:32 - 2017-06-05 05:10 - 00000000 ____D C:\Windows\Panther
2017-06-05 01:32 - 2017-06-05 04:53 - 00032768 _____ C:\Windows\system32\config\ELAM
2017-06-05 01:32 - 2017-06-05 01:57 - 00000000 ____D C:\Windows\servicing
2017-06-05 01:32 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\system32\SMI
2017-06-05 00:01 - 2017-06-05 02:23 - 00000000 ___HD C:\$SysReset
2017-06-04 06:06 - 2017-06-04 06:06 - 04730368 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 04446208 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 03655680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 02859520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 02158544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 02077184 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-06-04 06:06 - 2017-06-04 06:06 - 02008576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-06-04 06:06 - 2017-06-04 06:06 - 01657344 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 01626624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 01604312 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 01583616 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 01518088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 01506816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 01463296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 01433600 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 01302528 _____ (Microsoft Corporation) C:\Windows\system32\MSVPXENC.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 01242624 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 01060352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 01051648 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00988168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00987648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00985600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00840192 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00805888 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00741784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00716440 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00673280 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00673112 _____ (Microsoft Corporation) C:\Windows\system32\AppResolver.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00647168 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\LockHostingFramework.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00599576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00559000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2017-06-04 06:06 - 2017-06-04 06:06 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2017-06-04 06:06 - 2017-06-04 06:06 - 00457728 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00429568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2017-06-04 06:06 - 2017-06-04 06:06 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-06-04 06:06 - 2017-06-04 06:06 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\InputSwitch.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00386560 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00382368 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00364032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00354304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputSwitch.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00338432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00329728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00282112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEEventDispatcher.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00266240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsDocumentTargetPrint.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WiFiDisplay.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00232448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudBackupSettings.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-06-04 06:06 - 2017-06-04 06:06 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.AppDefaults.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PackageStateRoaming.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00094720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-06-04 06:06 - 2017-06-04 06:06 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-06-04 06:06 - 2017-06-04 06:06 - 00057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00047104 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 03672064 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-06-04 06:05 - 2017-06-04 06:05 - 03307008 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 03116184 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 02957824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-06-04 06:05 - 2017-06-04 06:05 - 02635336 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 02443776 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 02399728 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 02330520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 02085280 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01852776 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01839872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01803264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01760264 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01628160 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01611776 _____ (Microsoft Corporation) C:\Windows\system32\SpeechPal.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01605632 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01600512 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01557288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01411128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01325456 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01320352 _____ (Microsoft Corporation) C:\Windows\system32\wpx.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01295872 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01285120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01269760 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01257472 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00980992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2017-06-04 06:05 - 2017-06-04 06:05 - 00974848 _____ (Microsoft Corporation) C:\Windows\system32\mmgaserver.exe
2017-06-04 06:05 - 2017-06-04 06:05 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2017-06-04 06:05 - 2017-06-04 06:05 - 00891904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2017-06-04 06:05 - 2017-06-04 06:05 - 00799232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00790528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00750080 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00731136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmgaserver.exe
2017-06-04 06:05 - 2017-06-04 06:05 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-06-04 06:05 - 2017-06-04 06:05 - 00708712 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2017-06-04 06:05 - 2017-06-04 06:05 - 00667040 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00651680 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2017-06-04 06:05 - 2017-06-04 06:05 - 00524800 _____ (Microsoft Corporation) C:\Windows\system32\TileDataRepository.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00523296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppResolver.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\TDLMigration.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00450048 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2017-06-04 06:05 - 2017-06-04 06:05 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00409504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-06-04 06:05 - 2017-06-04 06:05 - 00392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00388000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2017-06-04 06:05 - 2017-06-04 06:05 - 00354360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\XpsDocumentTargetPrint.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00334336 _____ (Microsoft Corporation) C:\Windows\system32\wc_storage.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\NotificationObjFactory.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\SettingsEnvironment.Desktop.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00311192 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAppMgmtSvc.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\CloudBackupSettings.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00280064 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00251904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.Preview.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.ps.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\PackageStateRoaming.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseModernAppMgmtCSP.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\VEStoreEventHandlers.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00142240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys
2017-06-04 06:05 - 2017-06-04 06:05 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netvsc.sys
2017-06-04 06:05 - 2017-06-04 06:05 - 00105456 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00095584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\catsrvps.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00038912 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2017-06-04 06:05 - 2017-06-04 06:05 - 00032004 _____ C:\Windows\system32\edgehtmlpluginpolicy.bin
2017-06-04 06:05 - 2017-06-04 06:05 - 00027040 _____ (Microsoft Corporation) C:\Windows\system32\browser_broker.exe
2017-06-04 05:58 - 2017-03-17 23:00 - 05739008 _____ (Microsoft Corporation) C:\Windows\system32\prm0009.dll
2017-06-04 05:58 - 2017-03-17 22:59 - 02629120 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0009.dll
2017-06-04 05:58 - 2017-03-17 22:48 - 06348288 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0009.dll
2017-06-04 05:58 - 2017-03-17 22:43 - 02629120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsLexicons0009.dll
2017-06-04 05:58 - 2017-03-17 22:35 - 05484544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0009.dll
2017-06-04 05:48 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2017-06-04 05:48 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2017-06-04 05:48 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2017-06-04 05:48 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2017-06-04 05:48 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-06-04 05:48 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2017-06-04 05:47 - 2017-06-04 05:47 - 01087488 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 40201848 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 35390072 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 35282040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 28624504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 11056456 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 11028664 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 10551072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 09248144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 09014976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 08808488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 04114248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 03797112 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 03624784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 03256440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 01988216 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438233.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 01606592 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438233.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 01278528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 01056704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 00995736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 00993912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 00964032 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 00914880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 00775864 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 00688968 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 00612272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 00609728 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 00577728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 00499320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 00057792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2017-06-04 01:41 - 2017-05-18 09:35 - 00045061 _____ C:\Windows\system32\nvinfo.pb
2017-06-04 01:41 - 2017-05-18 09:35 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2017-06-04 01:41 - 2017-05-18 09:35 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2017-06-04 01:29 - 2017-05-03 22:21 - 01730168 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2017-06-04 01:29 - 2017-05-03 22:21 - 00026744 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\nvswcfilter.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-06-11 02:56 - 2017-01-13 22:11 - 00231944 _____ (Intel Corporation) C:\Windows\system32\Drivers\ibtusb.sys
2017-06-11 02:56 - 2017-01-13 22:11 - 00183480 _____ (Intel Corporation) C:\Windows\system32\ibtsiva.exe
2017-06-11 02:56 - 2013-11-23 16:53 - 05456392 _____ (Realtek semiconductor) C:\Windows\RTFTrack.exe
2017-06-11 02:56 - 2013-11-23 16:53 - 03149832 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\rtsuvc.sys
2017-06-11 02:55 - 2015-06-03 04:16 - 00772184 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2017-06-11 02:55 - 2015-06-03 04:16 - 00633432 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys
2017-06-11 02:55 - 2015-06-03 04:16 - 00278616 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
2017-06-11 02:55 - 2013-04-30 22:25 - 01469952 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
2017-06-11 02:55 - 2012-10-03 11:26 - 00090264 _____ (Alcor Micro, Corp.) C:\Windows\system32\Drivers\AmUStor.sys
2017-06-11 02:53 - 2015-06-03 04:16 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2017-06-11 02:53 - 2015-06-03 04:16 - 00033960 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
==================== Files in the root of some directories =======
2017-06-05 14:29 - 2017-06-05 14:29 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-06-05 04:52
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (Windows8_OS) (Fixed) (Total:889 GB) (Free:817.05 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:24.93 GB) NTFS
Available physical RAM: 5248.95 MB
Total physical RAM: 8116.27 MB
Percentage of memory in use: 35%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 931.5 GB) (Disk ID: C201B125)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\mail\Desktop" je 2 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-06-2017
Ran by mail (administrator) on DESKTOP-EEC3P4E (11-06-2017 17:20:56)
Running from C:\Users\mail\Desktop
Loaded Profiles: mail (Available Profiles: mail)
Platform: Windows 10 Home Version 1703 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(SuperBoost Software) C:\Program Files (x86)\SuperBoost\SuperBoost Software Updater\SuperBoostUpdater.exe.del
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.17.420.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Lenovo Group Limited) C:\Users\mail\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(forum.viry.cz) C:\Users\mail\Downloads\FRSTLauncher.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RtsFT] => C:\Windows\RTFTrack.exe [5456392 2017-06-11] (Realtek semiconductor)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-10-22] (IDT, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.94.1
Tcpip\..\Interfaces\{029b5fc2-77db-4364-a130-ef206a2a17f1}: [DhcpNameServer] 192.168.92.1 192.168.117.1
Tcpip\..\Interfaces\{ab2f20a9-2884-4717-a352-bb67712d386d}: [DhcpNameServer] 192.168.94.1
Internet Explorer:
==================
FireFox:
========
FF DefaultProfile: g9ckyphp.default
FF ProfilePath: C:\Users\mail\AppData\Roaming\Mozilla\Firefox\Profiles\g9ckyphp.default [2017-06-11]
FF Extension: (Adblock Plus) - C:\Users\mail\AppData\Roaming\Mozilla\Firefox\Profiles\g9ckyphp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-07]
FF Extension: (Follow-on Search Telemetry) - C:\Users\mail\AppData\Roaming\Mozilla\Firefox\Profiles\g9ckyphp.default\features\{822da7f7-bb10-4094-89df-5a1b4f0b126d}\followonsearch@mozilla.com.xpi [2017-06-06]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-06-09] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-06-09] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373744 2016-11-02] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [57160 2017-04-25] (Lenovo Group Limited)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-18] (NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1326408 2017-05-14] (Overwolf LTD)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340992 2014-10-22] (IDT, Inc.) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [251480 2017-06-11] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 cpuz138; C:\Users\mail\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [27320 2017-06-11] (CPUID) <==== ATTENTION
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-11-26] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47160 2015-11-26] (Disc Soft Ltd)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-06-11] (REALiX(tm))
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [231944 2017-06-11] (Intel Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [100184 2013-04-09] (Intel Corporation)
R1 MpKsl41451853; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A5F63AA4-CDD8-48F5-8261-C6C91B2FE28A}\MpKsl41451853.sys [44928 2017-06-11] (Microsoft Corporation)
S3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3485696 2017-03-18] (Intel Corporation)
R3 NETwNs64; C:\Windows\System32\drivers\Netwsw02.sys [3424512 2017-06-11] (Intel Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_ed616d55e0bead92\nvlddmkm.sys [14458264 2017-05-19] (NVIDIA Corporation)
S3 NVSWCFilter; C:\Windows\System32\drivers\nvswcfilter.sys [26744 2017-05-03] (Windows (R) Win 7 DDK provider)
S3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-05-18] (NVIDIA Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3149832 2017-06-11] (Realtek Semiconductor Corp.)
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [42184 2015-06-03] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33960 2017-06-11] (Synaptics Incorporated)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\System32\drivers\usb2ser.sys [151184 2016-07-15] (MBB)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-06-11 17:20 - 2017-06-11 17:21 - 00008837 _____ C:\Users\mail\Desktop\FRST.txt
2017-06-11 17:20 - 2017-06-11 17:20 - 00000000 ____D C:\FRST
2017-06-11 17:19 - 2017-06-11 17:19 - 00112640 _____ (forum.viry.cz) C:\Users\mail\Downloads\FRSTLauncher.exe
2017-06-11 17:18 - 2017-06-11 17:18 - 02438656 _____ (Farbar) C:\Users\mail\Desktop\FRST64.exe
2017-06-11 16:33 - 2017-06-11 16:33 - 00000000 ____D C:\Users\mail\AppData\LocalLow\Temp
2017-06-11 13:26 - 2017-06-11 13:26 - 00000000 ___HD C:\OneDriveTemp
2017-06-11 02:57 - 2017-06-11 02:57 - 10719648 _____ C:\Windows\system32\Drivers\Netwfw02.dat
2017-06-11 02:57 - 2017-06-11 02:57 - 03424512 _____ (Intel Corporation) C:\Windows\system32\Drivers\Netwsw02.sys
2017-06-11 02:56 - 2017-06-11 02:56 - 01980672 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsDecode.dll
2017-06-11 02:56 - 2017-06-11 02:56 - 00645640 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtCamP64.dll
2017-06-11 02:56 - 2017-06-11 02:56 - 00560648 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtCamP.dll
2017-06-11 02:56 - 2017-06-11 02:56 - 00378040 _____ (Intel Corporation) C:\Windows\system32\ibtproppage.dll
2017-06-11 02:56 - 2017-06-11 02:56 - 00104456 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtCamO64.dll
2017-06-11 02:56 - 2017-06-11 02:56 - 00000000 ____D C:\Program Files\Realtek
2017-06-11 02:55 - 2017-06-11 02:55 - 01077248 _____ C:\Windows\system32\AmRdrIco.icl
2017-06-11 02:55 - 2017-06-11 02:55 - 00419928 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCom.dll
2017-06-11 02:55 - 2017-06-11 02:55 - 00292952 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo34-13.dll
2017-06-11 02:55 - 2017-06-11 02:55 - 00161864 _____ (Qualcomm Atheros, Inc.) C:\Windows\system32\Drivers\L1C63x64.sys
2017-06-11 02:55 - 2017-06-11 02:55 - 00089688 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynHidI2C_Aux.sys
2017-06-11 02:55 - 2017-06-11 02:55 - 00042584 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel_Aux.sys
2017-06-11 02:55 - 2017-06-11 02:55 - 00042072 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_AMDASF_Aux.sys
2017-06-11 02:55 - 2017-06-11 02:55 - 00041952 _____ C:\Windows\system32\AmUStor.ini
2017-06-11 02:55 - 2017-06-11 02:55 - 00020632 _____ (Alcor Micro, Corp.) C:\Windows\system32\AmUStor2.dll
2017-06-11 02:55 - 2017-06-11 02:55 - 00000640 _____ C:\Windows\system32\VendorCmd6435.bin
2017-06-11 02:55 - 2017-06-11 02:55 - 00000124 _____ C:\Windows\system32\VendorCmd6485_SetSSC.bin
2017-06-11 02:55 - 2017-06-11 02:55 - 00000032 _____ C:\Windows\system32\VendorCommand_MS1bit.bin
2017-06-11 02:55 - 2017-06-11 02:55 - 00000032 _____ C:\Windows\system32\VendorCmd6485.bin
2017-06-11 02:55 - 2017-06-11 02:55 - 00000032 _____ C:\Windows\system32\VendorCmd6465.bin
2017-06-11 02:55 - 2017-06-11 02:55 - 00000008 _____ C:\Windows\system32\CardDetect6485.bin
2017-06-11 02:55 - 2017-06-11 02:55 - 00000008 _____ C:\Windows\system32\CardDetect6420.bin
2017-06-11 02:55 - 2017-06-11 02:55 - 00000008 _____ C:\Windows\system32\CardDetect6366.bin
2017-06-11 02:55 - 2017-06-11 02:55 - 00000008 _____ C:\Windows\system32\CardDetect6362.bin
2017-06-11 02:55 - 2017-06-11 02:55 - 00000008 _____ C:\Windows\system32\CardDetect6361.bin
2017-06-11 02:55 - 2017-06-11 02:55 - 00000008 _____ C:\Windows\system32\CardDetect6339.bin
2017-06-11 02:54 - 2017-06-11 03:10 - 00000000 ____D C:\Program Files (x86)\SuperBoost
2017-06-11 02:54 - 2017-06-11 02:54 - 00204920 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverW8x64.sys
2017-06-11 02:54 - 2017-06-11 02:54 - 00000000 ____D C:\Users\mail\AppData\Roaming\SuperBoost
2017-06-11 02:54 - 2017-06-11 02:54 - 00000000 ____D C:\ProgramData\SuperBoost
2017-06-11 02:53 - 2017-06-11 02:56 - 00000000 ____D C:\Windows\LastGood.Tmp
2017-06-11 02:49 - 2017-06-11 03:11 - 00000000 ____D C:\ProgramData\ProductData
2017-06-11 02:49 - 2017-06-11 03:04 - 00003034 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (mail)
2017-06-11 02:49 - 2017-06-11 02:50 - 00000000 ____D C:\Users\mail\AppData\LocalLow\IObit
2017-06-11 02:49 - 2017-06-11 02:49 - 00027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2017-06-11 02:49 - 2017-06-11 02:49 - 00000000 ____D C:\Windows\IObit
2017-06-11 02:48 - 2017-06-11 13:31 - 00000000 ____D C:\Users\mail\AppData\Roaming\IObit
2017-06-11 02:48 - 2017-06-11 13:31 - 00000000 ____D C:\ProgramData\IObit
2017-06-11 01:54 - 2017-06-11 01:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ldiagio_uefi_01009.Wdf
2017-06-11 01:54 - 2017-06-11 01:54 - 00000000 ____D C:\Users\mail\AppData\Roaming\NVIDIA
2017-06-11 01:53 - 2017-06-11 01:54 - 00000000 ____D C:\Users\mail\AppData\Local\LenovoServiceBridge
2017-06-09 16:51 - 2017-06-09 16:51 - 00000000 ____D C:\Users\mail\AppData\Roaming\Macromedia
2017-06-09 16:51 - 2017-06-09 16:51 - 00000000 ____D C:\Users\mail\AppData\Local\Macromedia
2017-06-09 16:50 - 2017-06-09 16:50 - 00004496 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-06-06 21:21 - 2017-06-11 13:31 - 00000000 ____D C:\AdwCleaner
2017-06-06 21:15 - 2017-06-11 01:12 - 00000000 ____D C:\Program Files\trend micro
2017-06-06 21:15 - 2017-06-06 21:16 - 00000000 ____D C:\rsit
2017-06-06 14:12 - 2017-06-06 14:12 - 00000000 ____D C:\Users\mail\AppData\LocalLow\Adobe
2017-06-06 14:11 - 2017-06-06 21:38 - 00004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-06-06 14:10 - 2017-06-06 14:13 - 00000000 ____D C:\ProgramData\Adobe
2017-06-06 14:10 - 2017-06-06 14:10 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-06-06 14:10 - 2017-06-06 14:10 - 00002135 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2017-06-06 14:10 - 2017-06-06 14:10 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-06-06 14:09 - 2017-06-09 16:50 - 00000000 ____D C:\Users\mail\AppData\Local\Adobe
2017-06-06 01:52 - 2017-06-06 01:52 - 00004382 _____ C:\Windows\System32\Tasks\Overwolf Updater Task
2017-06-06 01:52 - 2017-06-06 01:52 - 00000000 ____D C:\Users\mail\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2017-06-06 01:52 - 2017-06-06 01:52 - 00000000 ____D C:\Program Files (x86)\Overwolf
2017-06-06 01:51 - 2017-06-06 01:52 - 00000000 ____D C:\ProgramData\Overwolf
2017-06-06 01:50 - 2017-06-06 01:52 - 00000000 ____D C:\Users\mail\AppData\Local\Overwolf
2017-06-06 01:37 - 2017-06-09 02:21 - 00000000 ____D C:\Users\mail\AppData\Roaming\HearthstoneDeckTracker
2017-06-06 01:37 - 2017-06-06 01:37 - 00002577 _____ C:\Users\mail\Desktop\Hearthstone Deck Tracker.lnk
2017-06-06 01:37 - 2017-06-06 01:37 - 00000000 ____D C:\Users\mail\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthSim
2017-06-06 01:37 - 2017-06-06 01:37 - 00000000 ____D C:\Users\mail\AppData\Local\SquirrelTemp
2017-06-06 01:37 - 2017-06-06 01:37 - 00000000 ____D C:\Users\mail\AppData\Local\HearthstoneDeckTracker
2017-06-06 01:26 - 2017-06-06 01:26 - 00000000 ____D C:\Users\mail\AppData\Roaming\.mono
2017-06-06 01:26 - 2017-06-06 01:26 - 00000000 ____D C:\Users\mail\AppData\LocalLow\Blizzard Entertainment
2017-06-06 01:26 - 2017-06-06 01:26 - 00000000 ____D C:\Users\mail\AppData\Local\Blizzard
2017-06-06 01:26 - 2017-06-06 01:26 - 00000000 ____D C:\ProgramData\.mono
2017-06-05 18:52 - 2017-06-11 17:17 - 00000000 ____D C:\Users\mail\AppData\LocalLow\Mozilla
2017-06-05 18:48 - 2017-06-05 18:55 - 00000000 ____D C:\Users\mail\AppData\Local\Mozilla
2017-06-05 18:48 - 2017-06-05 18:52 - 00000000 ____D C:\Users\mail\AppData\Roaming\Mozilla
2017-06-05 18:48 - 2017-06-05 18:48 - 00001243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-06-05 18:48 - 2017-06-05 18:48 - 00001231 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-06-05 18:48 - 2017-06-05 18:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-05 18:48 - 2017-06-05 18:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-05 16:11 - 2017-06-05 16:13 - 00000000 ____D C:\Windows\system32\MRT
2017-06-05 16:11 - 2017-06-05 16:11 - 132223576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-06-05 16:08 - 2017-04-28 03:19 - 00605936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-06-05 16:08 - 2017-04-28 03:18 - 02259760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreUIComponents.dll
2017-06-05 16:08 - 2017-04-28 03:12 - 00543640 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2017-06-05 16:08 - 2017-04-28 03:08 - 08320920 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-06-05 16:08 - 2017-04-28 03:08 - 00775824 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-06-05 16:08 - 2017-04-28 03:07 - 06759512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-06-05 16:08 - 2017-04-28 03:06 - 02969880 _____ (Microsoft Corporation) C:\Windows\system32\CoreUIComponents.dll
2017-06-05 16:08 - 2017-04-28 03:05 - 00923040 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-06-05 16:08 - 2017-04-28 03:04 - 00583160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-06-05 16:08 - 2017-04-28 03:00 - 02444192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-06-05 16:08 - 2017-04-28 02:59 - 05477088 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2017-06-05 16:08 - 2017-04-28 02:59 - 00207264 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2017-06-05 16:08 - 2017-04-28 02:58 - 00872472 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2017-06-05 16:08 - 2017-04-28 02:56 - 07904784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2017-06-05 16:08 - 2017-04-28 02:55 - 21353200 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-06-05 16:08 - 2017-04-28 02:53 - 00387928 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2017-06-05 16:08 - 2017-04-28 02:52 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2017-06-05 16:08 - 2017-04-28 02:51 - 20505600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-06-05 16:08 - 2017-04-28 02:49 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2017-06-05 16:08 - 2017-04-28 02:46 - 19335168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-06-05 16:08 - 2017-04-28 02:42 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2017-06-05 16:08 - 2017-04-28 02:42 - 00636416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2017-06-05 16:08 - 2017-04-28 02:42 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgentUserBroker.exe
2017-06-05 16:08 - 2017-04-28 02:41 - 01248768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2017-06-05 16:08 - 2017-04-28 02:40 - 11870208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-06-05 16:08 - 2017-04-28 02:40 - 06292992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-06-05 16:08 - 2017-04-28 02:40 - 00328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2017-06-05 16:08 - 2017-04-28 02:40 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cldapi.dll
2017-06-05 16:08 - 2017-04-28 02:39 - 05225984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2017-06-05 16:08 - 2017-04-28 02:38 - 03667456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-06-05 16:08 - 2017-04-28 02:38 - 01019904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-06-05 16:08 - 2017-04-28 02:37 - 04559360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2017-06-05 16:08 - 2017-04-28 02:33 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-06-05 16:08 - 2017-04-28 02:26 - 23677440 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-06-05 16:08 - 2017-04-28 02:14 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2017-06-05 16:08 - 2017-04-28 02:11 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2017-06-05 16:08 - 2017-04-28 02:09 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-06-05 16:08 - 2017-04-28 02:06 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2017-06-05 16:08 - 2017-04-28 02:05 - 01075712 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2017-06-05 16:08 - 2017-04-28 02:04 - 23681024 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-06-05 16:08 - 2017-04-28 02:04 - 01878016 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2017-06-05 16:08 - 2017-04-28 02:04 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgentUserBroker.exe
2017-06-05 16:08 - 2017-04-28 02:03 - 01027584 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2017-06-05 16:08 - 2017-04-28 02:03 - 00925696 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2017-06-05 16:08 - 2017-04-28 02:03 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\cldapi.dll
2017-06-05 16:08 - 2017-04-28 02:02 - 01260544 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2017-06-05 16:08 - 2017-04-28 02:01 - 01886208 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2017-06-05 16:08 - 2017-04-28 02:00 - 08244736 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-06-05 16:08 - 2017-04-28 01:59 - 04396032 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-06-05 16:08 - 2017-04-28 01:59 - 02056192 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-06-05 16:08 - 2017-04-28 01:59 - 01293824 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-06-05 16:08 - 2017-04-28 01:59 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2017-06-05 16:08 - 2017-04-28 01:58 - 12787200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-06-05 16:08 - 2017-04-28 01:57 - 05557760 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2017-06-05 16:08 - 2017-04-28 01:57 - 02800128 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2017-06-05 16:08 - 2017-04-19 09:07 - 00712600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2017-06-05 16:08 - 2017-04-19 08:13 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
2017-06-05 16:08 - 2017-04-19 08:13 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2017-06-05 16:08 - 2017-04-19 08:12 - 00590848 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-06-05 16:08 - 2017-04-19 08:11 - 00687104 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2017-06-05 16:08 - 2017-04-19 08:08 - 01103872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2017-06-05 16:08 - 2017-04-19 08:08 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2017-06-05 16:08 - 2017-04-19 08:06 - 02651648 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2017-06-05 16:08 - 2017-04-19 08:04 - 01356800 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2017-06-05 16:08 - 2017-04-19 08:04 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2017-06-05 16:08 - 2017-04-19 07:59 - 02435584 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
2017-06-05 16:08 - 2017-04-19 07:58 - 20374424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-06-05 16:08 - 2017-04-19 07:36 - 01291776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll
2017-06-05 16:08 - 2017-04-19 07:35 - 00476672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
2017-06-05 16:08 - 2017-04-19 07:34 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-06-05 16:08 - 2017-04-19 07:30 - 00909312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2017-06-05 16:08 - 2017-04-19 07:29 - 02298880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2017-06-05 16:08 - 2017-04-14 02:35 - 04848440 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2017-06-05 16:08 - 2017-04-14 01:43 - 04469832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2017-06-05 16:08 - 2017-04-14 01:41 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-06-05 16:08 - 2017-04-14 01:39 - 07931392 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2017-06-05 16:08 - 2017-04-14 01:39 - 00517632 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2017-06-05 16:08 - 2017-04-14 01:34 - 01468416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2017-06-05 16:08 - 2017-04-14 01:29 - 02499584 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2017-06-05 16:08 - 2017-04-14 01:21 - 06728192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2017-06-05 16:08 - 2017-04-14 01:18 - 00362496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2017-06-05 16:08 - 2017-04-01 03:05 - 00750560 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2017-06-05 16:08 - 2017-04-01 03:04 - 01147296 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2017-06-05 16:08 - 2017-04-01 03:04 - 01024416 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2017-06-05 16:08 - 2017-04-01 02:57 - 00626520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2017-06-05 15:22 - 2017-06-05 15:20 - 00565416 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-06-05 15:07 - 2017-06-05 15:07 - 00001034 _____ C:\Users\Public\Desktop\World of Warcraft.lnk
2017-06-05 15:07 - 2017-06-05 15:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2017-06-05 14:53 - 2017-06-05 14:56 - 00000978 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2017-06-05 14:53 - 2017-06-05 14:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2017-06-05 14:45 - 2017-06-11 13:38 - 00005814 _____ C:\Windows\system32\InstallUtil.InstallLog
2017-06-05 14:32 - 2017-06-11 01:54 - 00000000 ____D C:\Program Files (x86)\Lenovo
2017-06-05 14:32 - 2017-06-05 14:32 - 02365296 _____ (Microsoft Corporation) C:\Windows\system32\WudfUpdate_01011.dll
2017-06-05 14:32 - 2017-06-05 14:32 - 00000000 ____D C:\Program Files\Lenovo
2017-06-05 14:31 - 2017-06-05 14:31 - 00000000 ____D C:\ProgramData\Package Cache
2017-06-05 14:30 - 2017-06-11 01:54 - 00000000 ____D C:\ProgramData\Lenovo
2017-06-05 14:29 - 2017-06-05 14:29 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-06-05 14:29 - 2017-06-05 14:29 - 00000000 ____D C:\Program Files\Dolby Digital Plus
2017-06-05 14:29 - 2015-01-07 10:37 - 00001352 _____ C:\Windows\system32\Drivers\SAMSfPa.dat
2017-06-05 14:29 - 2014-10-22 15:10 - 06154240 _____ (IDT, Inc.) C:\Windows\system32\stlang64.dll
2017-06-05 14:29 - 2014-10-22 15:10 - 01897984 _____ (IDT, Inc.) C:\Windows\system32\IDTNC64.cpl
2017-06-05 14:29 - 2014-10-22 15:10 - 00340992 _____ (IDT, Inc.) C:\Windows\system32\stacsv64.exe
2017-06-05 14:29 - 2014-10-22 15:10 - 00088576 _____ (IDT, Inc.) C:\Windows\system32\IDTPMA64.exe
2017-06-05 14:28 - 2017-06-05 14:29 - 00000000 ____D C:\Program Files\IDT
2017-06-05 14:28 - 2017-06-05 14:28 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-06-05 14:21 - 2017-06-11 03:03 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2017-06-05 14:19 - 2017-06-06 01:28 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2017-06-05 14:15 - 2017-06-05 14:15 - 00000000 ____D C:\Users\mail\AppData\Local\DBG
2017-06-05 14:15 - 2017-06-05 14:15 - 00000000 ____D C:\Users\mail\AppData\Local\Blizzard Entertainment
2017-06-05 14:15 - 2017-06-05 14:15 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2017-06-05 14:14 - 2017-06-11 03:16 - 00000000 ____D C:\Users\mail\AppData\Local\Battle.net
2017-06-05 14:14 - 2017-06-05 14:14 - 00000966 _____ C:\Users\Public\Desktop\Blizzard App.lnk
2017-06-05 14:14 - 2017-06-05 14:14 - 00000000 ____D C:\Users\mail\Documents\League of Legends
2017-06-05 14:14 - 2017-06-05 14:14 - 00000000 ____D C:\Users\mail\AppData\Local\CEF
2017-06-05 14:14 - 2017-06-05 14:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blizzard App
2017-06-05 14:12 - 2017-06-11 03:02 - 00000000 ____D C:\Program Files (x86)\Blizzard App
2017-06-05 14:10 - 2017-06-05 14:15 - 00000000 ____D C:\Users\mail\AppData\Roaming\Battle.net
2017-06-05 14:10 - 2017-06-05 14:10 - 00000000 ____D C:\ProgramData\Battle.net
2017-06-05 14:04 - 2017-06-05 14:04 - 00000000 ____D C:\ProgramData\Riot Games
2017-06-05 14:03 - 2017-06-05 14:40 - 00000000 ____D C:\Windows\System32\Tasks\Lenovo
2017-06-05 14:03 - 2017-06-05 14:14 - 00001760 _____ C:\Users\Public\Desktop\League of Legends.lnk
2017-06-05 14:03 - 2017-06-05 14:03 - 00000000 ____D C:\Users\mail\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2017-06-05 14:03 - 2017-06-05 14:03 - 00000000 ____D C:\Riot Games
2017-06-05 14:03 - 2017-06-05 14:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2017-06-05 14:03 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2017-06-05 14:03 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2017-06-05 14:03 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2017-06-05 14:03 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2017-06-05 14:03 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2017-06-05 14:02 - 2017-06-05 14:04 - 00000000 ____D C:\Users\mail\AppData\Roaming\Riot Games
2017-06-05 13:56 - 2017-06-05 13:56 - 00000000 ____D C:\Users\mail\AppData\Local\MicrosoftEdge
2017-06-05 13:55 - 2017-06-11 13:34 - 00000000 ___RD C:\Users\mail\OneDrive
2017-06-05 13:55 - 2017-06-05 13:55 - 00003288 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-06-05 13:55 - 2017-06-05 13:55 - 00002399 _____ C:\Users\mail\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-05 13:55 - 2017-06-05 13:55 - 00000000 ____D C:\Users\mail\AppData\Local\Comms
2017-06-05 13:55 - 2017-06-05 13:55 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-06-05 13:53 - 2017-06-11 13:33 - 00000000 __SHD C:\Users\mail\IntelGraphicsProfiles
2017-06-05 13:53 - 2017-06-06 14:12 - 00000000 ____D C:\Users\mail\AppData\Roaming\Adobe
2017-06-05 13:53 - 2017-06-05 23:08 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-05 13:53 - 2017-06-05 23:08 - 00000000 ____D C:\Users\mail\AppData\Local\ConnectedDevicesPlatform
2017-06-05 13:53 - 2017-06-05 15:06 - 00000000 ____D C:\Users\mail\AppData\Local\Packages
2017-06-05 13:53 - 2017-06-05 13:53 - 00000000 ____D C:\Users\mail\AppData\Local\VirtualStore
2017-06-05 13:53 - 2017-06-05 13:53 - 00000000 ____D C:\Users\mail\AppData\Local\TileDataLayer
2017-06-05 13:53 - 2017-06-05 13:53 - 00000000 ____D C:\Users\mail\AppData\Local\Publishers
2017-06-05 13:52 - 2017-06-11 13:32 - 00000000 ____D C:\Users\mail
2017-06-05 13:52 - 2017-06-05 13:52 - 00000020 ___SH C:\Users\mail\ntuser.ini
2017-06-05 13:52 - 2017-06-05 13:52 - 00000000 _SHDL C:\Users\mail\Šablony
2017-06-05 13:52 - 2017-06-05 13:52 - 00000000 _SHDL C:\Users\mail\Soubory cookie
2017-06-05 13:52 - 2017-06-05 13:52 - 00000000 _SHDL C:\Users\mail\Poslední
2017-06-05 13:52 - 2017-06-05 13:52 - 00000000 _SHDL C:\Users\mail\Okolní tiskárny
2017-06-05 13:52 - 2017-06-05 13:52 - 00000000 _SHDL C:\Users\mail\Okolní síť
2017-06-05 13:52 - 2017-06-05 13:52 - 00000000 _SHDL C:\Users\mail\Nabídka Start
2017-06-05 13:52 - 2017-06-05 13:52 - 00000000 _SHDL C:\Users\mail\Dokumenty
2017-06-05 13:52 - 2017-06-05 13:52 - 00000000 _SHDL C:\Users\mail\Documents\Obrázky
2017-06-05 13:52 - 2017-06-05 13:52 - 00000000 _SHDL C:\Users\mail\Documents\Hudba
2017-06-05 13:52 - 2017-06-05 13:52 - 00000000 _SHDL C:\Users\mail\Documents\Filmy
2017-06-05 13:52 - 2017-06-05 13:52 - 00000000 _SHDL C:\Users\mail\Data aplikací
2017-06-05 13:52 - 2017-06-05 13:52 - 00000000 _SHDL C:\Users\mail\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-06-05 13:52 - 2017-06-05 13:52 - 00000000 _SHDL C:\Users\mail\AppData\Local\Data aplikací
2017-06-05 05:13 - 2017-06-11 13:39 - 01903526 _____ C:\Windows\system32\PerfStringBackup.INI
2017-06-05 05:11 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Public\Documents\Obrázky
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Public\Documents\Hudba
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Public\Documents\Filmy
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default\Šablony
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default\Soubory cookie
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default\Poslední
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default\Okolní tiskárny
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default\Okolní síť
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default\Nabídka Start
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default\Dokumenty
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default\Documents\Obrázky
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default\Documents\Hudba
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default\Documents\Filmy
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default\Data aplikací
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default User\Documents\Obrázky
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default User\Documents\Hudba
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default User\Documents\Filmy
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\Default User
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Users\All Users
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\ProgramData\Šablony
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\ProgramData\Plocha
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\ProgramData\Nabídka Start
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\ProgramData\Dokumenty
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\ProgramData\Data aplikací
2017-06-05 05:08 - 2017-06-05 05:08 - 00000000 _SHDL C:\Documents and Settings
2017-06-05 05:03 - 2017-06-05 05:03 - 00000000 ____D C:\ProgramData\USOShared
2017-06-05 05:00 - 2017-06-11 13:33 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-06-05 05:00 - 2017-06-05 05:11 - 00000000 ____D C:\Intel
2017-06-05 05:00 - 2017-06-05 05:00 - 00000200 _____ C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-06-05 05:00 - 2017-06-05 05:00 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2017-06-05 05:00 - 2017-06-05 05:00 - 00000000 ____D C:\Program Files\Intel
2017-06-05 05:00 - 2017-06-05 05:00 - 00000000 _____ C:\Windows\system32\GfxValDisplayLog.bin
2017-06-05 05:00 - 2016-11-02 00:05 - 00103952 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL
2017-06-05 05:00 - 2016-11-02 00:05 - 00099848 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2017-06-05 04:59 - 2017-06-11 13:33 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-05 04:59 - 2017-06-05 04:59 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-06-05 04:59 - 2017-06-05 04:59 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2017-06-05 04:59 - 2017-06-05 04:59 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-06-05 04:59 - 2017-06-05 04:59 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-06-05 04:59 - 2017-06-05 04:59 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-06-05 04:59 - 2017-05-18 07:55 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-06-05 04:59 - 2017-05-18 07:48 - 06437824 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-06-05 04:59 - 2017-05-18 07:48 - 02479736 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-06-05 04:59 - 2017-05-18 07:48 - 01762936 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-06-05 04:59 - 2017-05-18 07:48 - 00548984 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-06-05 04:59 - 2017-05-18 07:48 - 00392312 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-06-05 04:59 - 2017-05-18 07:48 - 00146880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\oemdspif.dll
2017-06-05 04:59 - 2017-05-18 07:48 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-06-05 04:59 - 2017-05-18 07:48 - 00069752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-06-05 04:59 - 2017-05-16 20:09 - 07993157 _____ C:\Windows\system32\nvcoproc.bin
2017-06-05 04:53 - 2017-06-11 13:33 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-06-05 04:52 - 2017-06-11 17:17 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-06-05 04:52 - 2017-06-05 23:05 - 00218192 _____ C:\Windows\system32\FNTCACHE.DAT
2017-06-05 04:52 - 2017-06-05 04:52 - 00000000 ____D C:\Windows\ServiceProfiles
2017-06-05 02:05 - 2017-06-05 02:05 - 00008192 _____ C:\Windows\system32\config\userdiff
2017-06-05 02:05 - 2017-06-05 02:05 - 00000000 ____D C:\Windows\InfusedApps
2017-06-05 02:03 - 2017-06-05 02:03 - 00000000 ____D C:\Program Files\Synaptics
2017-06-05 02:00 - 2017-06-05 02:00 - 00000000 ____D C:\Windows\Setup
2017-06-05 01:58 - 2017-06-05 01:58 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2017-06-05 01:58 - 2017-06-05 01:58 - 00000000 ____D C:\Windows\OCR
2017-06-05 01:58 - 2017-06-05 01:58 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-06-05 01:58 - 2017-06-05 01:58 - 00000000 ____D C:\Program Files\MSBuild
2017-06-05 01:58 - 2017-06-05 01:58 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-06-05 01:58 - 2017-06-05 01:58 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-06-05 01:54 - 2017-06-11 13:39 - 00817360 _____ C:\Windows\system32\perfh005.dat
2017-06-05 01:54 - 2017-06-11 13:39 - 00170028 _____ C:\Windows\system32\perfc005.dat
2017-06-05 01:54 - 2017-06-05 01:57 - 00000000 ____D C:\Windows\SysWOW64\winrm
2017-06-05 01:54 - 2017-06-05 01:57 - 00000000 ____D C:\Windows\SysWOW64\WCN
2017-06-05 01:54 - 2017-06-05 01:57 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2017-06-05 01:54 - 2017-06-05 01:57 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2017-06-05 01:54 - 2017-06-05 01:57 - 00000000 ____D C:\Windows\system32\winrm
2017-06-05 01:54 - 2017-06-05 01:57 - 00000000 ____D C:\Windows\system32\WCN
2017-06-05 01:54 - 2017-06-05 01:57 - 00000000 ____D C:\Windows\system32\slmgr
2017-06-05 01:54 - 2017-06-05 01:57 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2017-06-05 01:54 - 2017-06-05 01:54 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2017-06-05 01:54 - 2017-06-05 01:54 - 00000000 ____D C:\Windows\SysWOW64\cs
2017-06-05 01:54 - 2017-06-05 01:54 - 00000000 ____D C:\Windows\SysWOW64\0409
2017-06-05 01:54 - 2017-06-05 01:54 - 00000000 ____D C:\Windows\system32\cs
2017-06-05 01:54 - 2017-06-05 01:54 - 00000000 ____D C:\Windows\system32\0409
2017-06-05 01:54 - 2017-06-05 01:54 - 00000000 ____D C:\Windows\DigitalLocker
2017-06-05 01:54 - 2017-06-05 01:53 - 00296964 _____ C:\Windows\system32\perfi005.dat
2017-06-05 01:54 - 2017-06-05 01:53 - 00038778 _____ C:\Windows\system32\perfd005.dat
2017-06-05 01:51 - 2017-04-29 03:05 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-06-05 01:51 - 2017-04-29 03:05 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-05 01:49 - 2017-06-05 02:12 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2017-06-05 01:49 - 2017-06-05 01:45 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2017-06-05 01:49 - 2017-06-05 01:45 - 00215943 _____ C:\Windows\SysWOW64\dssec.dat
2017-06-05 01:49 - 2017-06-05 01:45 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2017-06-05 01:49 - 2017-06-05 01:45 - 00017635 _____ C:\Windows\system32\Drivers\etc\services
2017-06-05 01:49 - 2017-06-05 01:45 - 00015940 _____ C:\Windows\system32\OEMDefaultAssociations.xml
2017-06-05 01:49 - 2017-06-05 01:45 - 00004096 _____ C:\Windows\system32\config\VSMIDK
2017-06-05 01:49 - 2017-06-05 01:45 - 00003683 _____ C:\Windows\system32\Drivers\etc\lmhosts.sam
2017-06-05 01:49 - 2017-06-05 01:45 - 00001358 _____ C:\Windows\system32\Drivers\etc\protocol
2017-06-05 01:49 - 2017-06-05 01:45 - 00000741 _____ C:\Windows\SysWOW64\NOISE.DAT
2017-06-05 01:49 - 2017-06-05 01:45 - 00000741 _____ C:\Windows\system32\NOISE.DAT
2017-06-05 01:49 - 2017-06-05 01:45 - 00000407 _____ C:\Windows\system32\Drivers\etc\networks
2017-06-05 01:48 - 2017-06-10 14:34 - 00000000 ____D C:\Windows\AppReadiness
2017-06-05 01:48 - 2017-06-09 16:50 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-06-05 01:48 - 2017-06-09 16:50 - 00000000 ____D C:\Windows\system32\Macromed
2017-06-05 01:48 - 2017-06-08 12:38 - 00000000 ____D C:\Windows\rescache
2017-06-05 01:48 - 2017-06-08 12:30 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-05 01:48 - 2017-06-06 04:29 - 00000000 ____D C:\Windows\appcompat
2017-06-05 01:48 - 2017-06-05 23:03 - 00000000 ___SD C:\Windows\SysWOW64\F12
2017-06-05 01:48 - 2017-06-05 23:03 - 00000000 ___SD C:\Windows\system32\F12
2017-06-05 01:48 - 2017-06-05 23:03 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-06-05 01:48 - 2017-06-05 23:03 - 00000000 ____D C:\Windows\SysWOW64\Dism
2017-06-05 01:48 - 2017-06-05 23:03 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2017-06-05 01:48 - 2017-06-05 23:03 - 00000000 ____D C:\Windows\system32\Dism
2017-06-05 01:48 - 2017-06-05 23:03 - 00000000 ____D C:\Windows\system32\appraiser
2017-06-05 01:48 - 2017-06-05 23:03 - 00000000 ____D C:\Windows\ShellExperiences
2017-06-05 01:48 - 2017-06-05 23:03 - 00000000 ____D C:\Windows\Provisioning
2017-06-05 01:48 - 2017-06-05 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-06-05 01:48 - 2017-06-05 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-06-05 01:48 - 2017-06-05 13:52 - 00000000 ____D C:\Windows\system32\WinBioDatabase
2017-06-05 01:48 - 2017-06-05 05:11 - 00000000 ____D C:\Windows\system32\spool
2017-06-05 01:48 - 2017-06-05 05:11 - 00000000 ____D C:\Windows\system32\FxsTmp
2017-06-05 01:48 - 2017-06-05 05:08 - 00000000 ____D C:\Program Files\Windows NT
2017-06-05 01:48 - 2017-06-05 05:06 - 00000000 ____D C:\Windows\system32\Sysprep
2017-06-05 01:48 - 2017-06-05 05:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-06-05 01:48 - 2017-06-05 05:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-06-05 01:48 - 2017-06-05 05:02 - 00000000 ___RD C:\Windows\PrintDialog
2017-06-05 01:48 - 2017-06-05 05:02 - 00000000 ___RD C:\Windows\MiracastView
2017-06-05 01:48 - 2017-06-05 05:01 - 00000000 ____D C:\Windows\HoloShell
2017-06-05 01:48 - 2017-06-05 04:59 - 00000000 ____D C:\Windows\Help
2017-06-05 01:48 - 2017-06-05 01:58 - 00000000 ____D C:\Windows\SysWOW64\MUI
2017-06-05 01:48 - 2017-06-05 01:58 - 00000000 ____D C:\Windows\SystemApps
2017-06-05 01:48 - 2017-06-05 01:58 - 00000000 ____D C:\Windows\system32\MUI
2017-06-05 01:48 - 2017-06-05 01:58 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-06-05 01:48 - 2017-06-05 01:57 - 00000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2017-06-05 01:48 - 2017-06-05 01:57 - 00000000 ___SD C:\Windows\system32\DiagSvcs
2017-06-05 01:48 - 2017-06-05 01:57 - 00000000 ___RD C:\Program Files\Windows Defender
2017-06-05 01:48 - 2017-06-05 01:57 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2017-06-05 01:48 - 2017-06-05 01:57 - 00000000 ____D C:\Windows\system32\migwiz
2017-06-05 01:48 - 2017-06-05 01:57 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-06-05 01:48 - 2017-06-05 01:54 - 00000000 ___SD C:\Windows\system32\dsc
2017-06-05 01:48 - 2017-06-05 01:54 - 00000000 ____D C:\Windows\SysWOW64\setup
2017-06-05 01:48 - 2017-06-05 01:54 - 00000000 ____D C:\Windows\SysWOW64\oobe
2017-06-05 01:48 - 2017-06-05 01:54 - 00000000 ____D C:\Windows\SysWOW64\Com
2017-06-05 01:48 - 2017-06-05 01:54 - 00000000 ____D C:\Windows\system32\setup
2017-06-05 01:48 - 2017-06-05 01:54 - 00000000 ____D C:\Windows\system32\oobe
2017-06-05 01:48 - 2017-06-05 01:54 - 00000000 ____D C:\Windows\system32\Com
2017-06-05 01:48 - 2017-06-05 01:54 - 00000000 ____D C:\Windows\IME
2017-06-05 01:48 - 2017-06-05 01:54 - 00000000 ____D C:\Program Files\Common Files\System
2017-06-05 01:48 - 2017-06-05 01:54 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ___SD C:\Windows\SysWOW64\Nui
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ___SD C:\Windows\system32\Nui
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ____D C:\Windows\SysWOW64\WinMetadata
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ____D C:\Windows\SysWOW64\MailContactsCalendarSync
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ____D C:\Windows\SysWOW64\icsxml
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ____D C:\Windows\SysWOW64\downlevel
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ____D C:\Windows\SysWOW64\Bthprops
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ____D C:\Windows\system32\WinMetadata
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ____D C:\Windows\system32\SecureBootUpdates
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ____D C:\Windows\system32\MsDtc
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ____D C:\Windows\system32\MailContactsCalendarSync
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ____D C:\Windows\system32\icsxml
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ____D C:\Windows\system32\ias
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ____D C:\Windows\system32\downlevel
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ____D C:\Windows\system32\DDFs
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ____D C:\Windows\system32\Bthprops
2017-06-05 01:48 - 2017-06-05 01:49 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 __SHD C:\Program Files\Windows Sidebar
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 __RSD C:\Windows\Media
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 __RHD C:\Users\Public\Libraries
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ___SD C:\Windows\SysWOW64\Configuration
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ___SD C:\Windows\system32\Configuration
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ___SD C:\Windows\Downloaded Program Files
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ___RD C:\Windows\Offline Web Pages
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ___HD C:\Windows\ELAMBKUP
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\Web
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\Vss
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\tracing
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\TAPI
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\SysWOW64\SMI
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\SysWOW64\ras
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\SysWOW64\NDF
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\SysWOW64\MsDtc
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\SysWOW64\Ipmi
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\SysWOW64\InputMethod
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\SysWOW64\inetsrv
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\SysWOW64\IME
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicyUsers
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\SysWOW64\FxsTmp
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\SysWOW64\AppLocker
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\SystemResources
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\system32\winevt
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\system32\ras
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\system32\ProximityToast
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\system32\PointOfService
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\system32\NDF
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\system32\Ipmi
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\system32\InputMethod
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\system32\inetsrv
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\system32\IME
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\system32\Hydrogen
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\system32\GroupPolicyUsers
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\system32\GroupPolicy
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\system32\config\Journal
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\system32\AppLocker
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\System
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\SKB
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\schemas
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\SchCache
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\security
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\Resources
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\Registration
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\PLA
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\Performance
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\ModemLogs
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\LiveKernelReports
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\L2Schemas
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\InputMethod
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\Globalization
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\GameBarPresenceWriter
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\Cursors
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\Branding
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\bcastdvr
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\addins
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\ProgramData\WindowsHolographicDevices
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Program Files\Windows Security
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Program Files\Windows Portable Devices
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Program Files\Common Files\Services
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Program Files (x86)\Windows NT
2017-06-05 01:48 - 2017-06-05 01:48 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2017-06-05 01:48 - 2017-06-05 01:45 - 00215943 _____ C:\Windows\system32\dssec.dat
2017-06-05 01:48 - 2017-06-05 01:45 - 00000858 _____ C:\Windows\system32\DefaultQuestions.json
2017-06-05 01:48 - 2017-06-05 01:45 - 00000219 _____ C:\Windows\system.ini
2017-06-05 01:48 - 2017-06-05 01:45 - 00000092 _____ C:\Windows\win.ini
2017-06-05 01:46 - 2017-06-11 02:57 - 00000000 ____D C:\Windows\INF
2017-06-05 01:39 - 2017-06-05 16:11 - 00000000 ____D C:\Windows\CbsTemp
2017-06-05 01:32 - 2017-06-11 13:32 - 01048576 _____ C:\Windows\system32\config\BBI
2017-06-05 01:32 - 2017-06-05 05:10 - 00000000 ____D C:\Windows\Panther
2017-06-05 01:32 - 2017-06-05 04:53 - 00032768 _____ C:\Windows\system32\config\ELAM
2017-06-05 01:32 - 2017-06-05 01:57 - 00000000 ____D C:\Windows\servicing
2017-06-05 01:32 - 2017-06-05 01:48 - 00000000 ____D C:\Windows\system32\SMI
2017-06-05 00:01 - 2017-06-05 02:23 - 00000000 ___HD C:\$SysReset
2017-06-04 06:06 - 2017-06-04 06:06 - 04730368 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 04446208 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 03655680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 02859520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 02158544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 02077184 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-06-04 06:06 - 2017-06-04 06:06 - 02008576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-06-04 06:06 - 2017-06-04 06:06 - 01657344 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 01626624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 01604312 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 01583616 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 01518088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 01506816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 01463296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 01433600 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 01302528 _____ (Microsoft Corporation) C:\Windows\system32\MSVPXENC.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 01242624 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 01060352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 01051648 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00988168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00987648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00985600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00840192 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00805888 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00741784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00716440 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00673280 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00673112 _____ (Microsoft Corporation) C:\Windows\system32\AppResolver.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00647168 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\LockHostingFramework.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00599576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00559000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2017-06-04 06:06 - 2017-06-04 06:06 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2017-06-04 06:06 - 2017-06-04 06:06 - 00457728 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00429568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2017-06-04 06:06 - 2017-06-04 06:06 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-06-04 06:06 - 2017-06-04 06:06 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\InputSwitch.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00386560 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00382368 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00364032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00354304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputSwitch.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00338432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00329728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00282112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEEventDispatcher.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00266240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsDocumentTargetPrint.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WiFiDisplay.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00232448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudBackupSettings.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-06-04 06:06 - 2017-06-04 06:06 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.AppDefaults.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PackageStateRoaming.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00094720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-06-04 06:06 - 2017-06-04 06:06 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-06-04 06:06 - 2017-06-04 06:06 - 00057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2017-06-04 06:06 - 2017-06-04 06:06 - 00047104 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 03672064 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-06-04 06:05 - 2017-06-04 06:05 - 03307008 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 03116184 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 02957824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-06-04 06:05 - 2017-06-04 06:05 - 02635336 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 02443776 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 02399728 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 02330520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 02085280 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01852776 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01839872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01803264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01760264 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01628160 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01611776 _____ (Microsoft Corporation) C:\Windows\system32\SpeechPal.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01605632 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01600512 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01557288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01411128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01325456 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01320352 _____ (Microsoft Corporation) C:\Windows\system32\wpx.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01295872 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01285120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01269760 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01257472 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00980992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2017-06-04 06:05 - 2017-06-04 06:05 - 00974848 _____ (Microsoft Corporation) C:\Windows\system32\mmgaserver.exe
2017-06-04 06:05 - 2017-06-04 06:05 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2017-06-04 06:05 - 2017-06-04 06:05 - 00891904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2017-06-04 06:05 - 2017-06-04 06:05 - 00799232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00790528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00750080 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00731136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmgaserver.exe
2017-06-04 06:05 - 2017-06-04 06:05 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-06-04 06:05 - 2017-06-04 06:05 - 00708712 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2017-06-04 06:05 - 2017-06-04 06:05 - 00667040 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00651680 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2017-06-04 06:05 - 2017-06-04 06:05 - 00524800 _____ (Microsoft Corporation) C:\Windows\system32\TileDataRepository.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00523296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppResolver.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\TDLMigration.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00450048 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2017-06-04 06:05 - 2017-06-04 06:05 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00409504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-06-04 06:05 - 2017-06-04 06:05 - 00392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00388000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2017-06-04 06:05 - 2017-06-04 06:05 - 00354360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\XpsDocumentTargetPrint.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00334336 _____ (Microsoft Corporation) C:\Windows\system32\wc_storage.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\NotificationObjFactory.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\SettingsEnvironment.Desktop.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00311192 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAppMgmtSvc.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\CloudBackupSettings.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00280064 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00251904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.Preview.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.ps.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\PackageStateRoaming.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseModernAppMgmtCSP.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\VEStoreEventHandlers.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00142240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys
2017-06-04 06:05 - 2017-06-04 06:05 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netvsc.sys
2017-06-04 06:05 - 2017-06-04 06:05 - 00105456 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00095584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\catsrvps.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00038912 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-06-04 06:05 - 2017-06-04 06:05 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2017-06-04 06:05 - 2017-06-04 06:05 - 00032004 _____ C:\Windows\system32\edgehtmlpluginpolicy.bin
2017-06-04 06:05 - 2017-06-04 06:05 - 00027040 _____ (Microsoft Corporation) C:\Windows\system32\browser_broker.exe
2017-06-04 05:58 - 2017-03-17 23:00 - 05739008 _____ (Microsoft Corporation) C:\Windows\system32\prm0009.dll
2017-06-04 05:58 - 2017-03-17 22:59 - 02629120 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0009.dll
2017-06-04 05:58 - 2017-03-17 22:48 - 06348288 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0009.dll
2017-06-04 05:58 - 2017-03-17 22:43 - 02629120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsLexicons0009.dll
2017-06-04 05:58 - 2017-03-17 22:35 - 05484544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0009.dll
2017-06-04 05:48 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2017-06-04 05:48 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2017-06-04 05:48 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2017-06-04 05:48 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2017-06-04 05:48 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-06-04 05:48 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2017-06-04 05:47 - 2017-06-04 05:47 - 01087488 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 40201848 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 35390072 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 35282040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 28624504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 11056456 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 11028664 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 10551072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 09248144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 09014976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 08808488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 04114248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 03797112 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 03624784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 03256440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 01988216 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438233.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 01606592 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438233.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 01278528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 01056704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 00995736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 00993912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 00964032 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 00914880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 00775864 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 00688968 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 00612272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 00609728 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 00577728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 00499320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-06-04 01:41 - 2017-05-18 09:35 - 00057792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2017-06-04 01:41 - 2017-05-18 09:35 - 00045061 _____ C:\Windows\system32\nvinfo.pb
2017-06-04 01:41 - 2017-05-18 09:35 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2017-06-04 01:41 - 2017-05-18 09:35 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2017-06-04 01:29 - 2017-05-03 22:21 - 01730168 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2017-06-04 01:29 - 2017-05-03 22:21 - 00026744 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\nvswcfilter.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-06-11 02:56 - 2017-01-13 22:11 - 00231944 _____ (Intel Corporation) C:\Windows\system32\Drivers\ibtusb.sys
2017-06-11 02:56 - 2017-01-13 22:11 - 00183480 _____ (Intel Corporation) C:\Windows\system32\ibtsiva.exe
2017-06-11 02:56 - 2013-11-23 16:53 - 05456392 _____ (Realtek semiconductor) C:\Windows\RTFTrack.exe
2017-06-11 02:56 - 2013-11-23 16:53 - 03149832 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\rtsuvc.sys
2017-06-11 02:55 - 2015-06-03 04:16 - 00772184 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2017-06-11 02:55 - 2015-06-03 04:16 - 00633432 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys
2017-06-11 02:55 - 2015-06-03 04:16 - 00278616 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
2017-06-11 02:55 - 2013-04-30 22:25 - 01469952 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
2017-06-11 02:55 - 2012-10-03 11:26 - 00090264 _____ (Alcor Micro, Corp.) C:\Windows\system32\Drivers\AmUStor.sys
2017-06-11 02:53 - 2015-06-03 04:16 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2017-06-11 02:53 - 2015-06-03 04:16 - 00033960 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
==================== Files in the root of some directories =======
2017-06-05 14:29 - 2017-06-05 14:29 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-06-05 04:52
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (Windows8_OS) (Fixed) (Total:889 GB) (Free:817.05 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:24.93 GB) NTFS
Available physical RAM: 5248.95 MB
Total physical RAM: 8116.27 MB
Percentage of memory in use: 35%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 931.5 GB) (Disk ID: C201B125)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\mail\Desktop" je 2 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================
- Přílohy
-
- Addition.zip
- (5.29 KiB) Staženo 67 x
-
Rudy
- Site Admin
- Příspěvky: 118278
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Podezření na havěť: zpomalený procesor
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
C:\Windows\LastGood.Tmp
C:\ProgramData\DP45977C.lfl
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Podezření na havěť: zpomalený procesor
Fix result of Farbar Recovery Scan Tool (x64) Version: 11-06-2017
Ran by mail (11-06-2017 18:34:27) Run:1
Running from C:\Users\mail\Desktop
Loaded Profiles: mail (Available Profiles: mail)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
C:\Windows\LastGood.Tmp
C:\ProgramData\DP45977C.lfl
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
EmptyTemp:
End
*****************
C:\Windows\LastGood.Tmp => moved successfully
Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8603320 B
Java, Flash, Steam htmlcache => 509 B
Windows/system/drivers => 1070051 B
Edge => 260325311 B
Chrome => 0 B
Firefox => 383975188 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 41218 B
mail => 310756628 B
RecycleBin => 322929112 B
EmptyTemp: => 1.2 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 11-06-2017 18:35:46)
"C:\ProgramData\DP45977C.lfl" => Could not move
==== End of Fixlog 18:35:47 ====
Ran by mail (11-06-2017 18:34:27) Run:1
Running from C:\Users\mail\Desktop
Loaded Profiles: mail (Available Profiles: mail)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
C:\Windows\LastGood.Tmp
C:\ProgramData\DP45977C.lfl
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
EmptyTemp:
End
*****************
C:\Windows\LastGood.Tmp => moved successfully
Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8603320 B
Java, Flash, Steam htmlcache => 509 B
Windows/system/drivers => 1070051 B
Edge => 260325311 B
Chrome => 0 B
Firefox => 383975188 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 41218 B
mail => 310756628 B
RecycleBin => 322929112 B
EmptyTemp: => 1.2 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 11-06-2017 18:35:46)
"C:\ProgramData\DP45977C.lfl" => Could not move
==== End of Fixlog 18:35:47 ====
-
Rudy
- Site Admin
- Příspěvky: 118278
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Podezření na havěť: zpomalený procesor
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Podezření na havěť: zpomalený procesor
Bohužel nepozoruji změnu. Byl počítač infikovaný? Pokud ne, tak předpokládám, že se jedná o nějaký mechanický problém :/ Veškeré drivery jsou aktualizované, počítatač prošel i "diagnostikou" přes Lenovo care
-
Rudy
- Site Admin
- Příspěvky: 118278
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Podezření na havěť: zpomalený procesor
Jen AdWary a zbytečnosti. Udělejte ještě kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?