adf.ly virus

#1 Post by saesa »

Hi,
I have a problem, most likely with the adf.ly virus. For a few days I had windows popping up during normal browsing and clicking on pages on the internet, and it got to the point that today my OS would not even boot and I had to reinstall it; even a reset did not work, it always crashed with an error. And this evening it started all over again: while browsing, the adf.ly page started popping up, the browser was slower, and pages are starting to stop loading altogether. I tried McAfee but it found nothing, then I tried Malwarebytes Anti-Malware, which found 2 errors that I removed, but the problem still persists. I am now trying to run the malicious software removal tool from Microsoft over the system, but that will take the whole night at least.
I am attaching the log from RSIT. I hope you can help me, thank you.

FRSIT

Code:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Saine at 2016-02-20 23:45:12
Microsoft Windows 10 Pro 
System drive C: has 88 GB (74%) free of 119 GB
Total RAM: 3885 MB (22% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:45:31, on 20.02.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16412)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
C:\Users\Saine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\esat.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Saine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Saine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Saine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Saine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Saine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Saine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Saine.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [DeleteGSShellX64.dll] cmd.exe /C del "C:\Program Files\GRAPHISOFT\ArchiCAD 18\GSShellX64.dll.backup"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Saine\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Users\Saine\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Saine\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Saine\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Saine\AppData\Local\Microsoft\OneDrive\17.3.5892.0626] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Saine\AppData\Local\Microsoft\OneDrive\17.3.5892.0626"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: esat.exe
O4 - Global Startup: CodeMeter Control Center.lnk = C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
O4 - Global Startup: Network Server.lnk = C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O23 - Service: McAfee Application Installer Cleanup (0188511455981472) (0188511455981472mcinstcleanup) - McAfee, Inc. - C:\Users\Saine\AppData\Local\Temp\018851~1.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) - WIBU-SYSTEMS AG - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee CSP Service (mccspsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\CSP\1.6.1180.0\McCSPServiceHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Service Controller (mfemms) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11904 bytes

======Listing Processes======







C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\System32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k appmodel
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

winlogon.exe
"dwm.exe"
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\Windows\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\system32\SettingSyncHost.exe -Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\system32\svchost.exe -k UnistackSvcGroup
"C:\Windows\System32\igfxtray.exe" 
"C:\Windows\System32\hkcmd.exe" 
"C:\Windows\System32\igfxpers.exe" 
"C:\Program Files\Elantech\ETDCtrl.exe" 
dashost.exe {306de73a-55a7-433a-b0cf01fea6103ea0}
"C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe"
"C:\Windows\system32\mfevtps.exe" -mms
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
C:\Windows\system32\DllHost.exe /Processid:{478B41E6-3257-4519-BDA8-E971F9843849}
"C:\Windows\System32\NetworkUXBroker.exe" -ServerName:Windows.Networking.UX
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" -mms
"C:\Windows\system32\mfevtps.exe"
"C:\Program Files\Common Files\McAfee\CSP\1.6.1180.0\McCSPServiceHost.exe"
"C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe"
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
"C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc
"C:\Program Files\McAfee\MSC\McAPExe.exe"
"C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe" /platui -Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\ApplicationFrameHost.exe -Embedding
taskhostw.exe
"C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe"
"C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe" /q
C:\Windows\System32\InstallAgent.exe -Embedding
C:\Windows\system32\DllHost.exe /Processid:{3AD05575-8857-4850-9277-11B85BDB8E09}
"C:\Windows\System32\GamePanel.exe" 000000000004066C /startuptips
"C:\Windows\System32\GamePanel.exe" 0000000000050646 /startuptips
"C:\totalcmd\TOTALCMD64.EXE" 
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"fontdrvhost.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe"
"C:\Program Files\WindowsApps\Microsoft.WindowsStore_2016.27.2.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe" -ServerName:App.AppXqagq4n4gvy0tjw576pgh6xr601s1h1mv.mca
"C:\Windows\DevicesFlow\DevicesFlow.exe" -ServerName:microsoft.windows.devicesflow
C:\Windows\system32\DllHost.exe /Processid:{B21858C6-9711-4257-99C8-5C0084BEBCE1}
"C:\Program Files\WindowsApps\Microsoft.3DBuilder_10.9.6.0_x64__8wekyb3d8bbwe\Builder3D.exe" -ServerName:App.AppXef0z91bkp4m31zjp722hbhq59zaenakr.mca
"C:\Program Files\WindowsApps\Microsoft.XboxApp_14.14.16008.0_x64__8wekyb3d8bbwe\XboxApp.exe" -ServerName:Microsoft.XboxApp.AppXf18qzvvf02y898dj8d1frhp2562vbpn5.mca
"C:\Users\Saine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\esat.exe" 
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\McAfee\VirusScan\mcods.exe"
"C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe" {4c09cd3f-1c68-4a0d-8e71-7f36e66a97f5} /pid=3004
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
consent.exe 444 374 000000E18A95F040
"C:\Users\Saine\Downloads\Windows-KB890830-x64-V5.33.exe" 
"C:\Windows\system32\MRT.exe" 
"C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" 
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
wimserv.exe abd1b1e0-0c5a-4ca0-89c4-b4d14759a208
"C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe" -nk
C:\Windows\System32\svchost.exe -k utcsvc

"C:\Users\Saine\AppData\Local\Google\Chrome\Application\chrome.exe" 
"C:\Users\Saine\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3876.0.234592706\979942784" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,8,24,52 --gpu-vendor-id=0x8086 --gpu-device-id=0x0046 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2900 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\Saine\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/CrossDevicePromo/1DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*QUIC/EnabledInitialReceiveWindow32KB/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Disabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3876.1.431358565\369647693" --font-cache-shared-handle=2692 /prefetch:673131151
"C:\Users\Saine\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*QUIC/EnabledInitialReceiveWindow32KB/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Disabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3876.2.226291969\1752392701" 
--font-cache-shared-handle=2904 /prefetch:673131151
"C:\Users\Saine\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*QUIC/EnabledInitialReceiveWindow32KB/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Disabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3876.9.1365039698\1456946087" --font-cache-shared-handle=4580 /prefetch:673131151
"C:\Users\Saine\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*QUIC/EnabledInitialReceiveWindow32KB/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Disabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3876.11.794791529\1388287777" --font-cache-shared-handle=5876 /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe28_ Global\UsGthrCtrlFltPipeMssGthrPipe28 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\Windows\system32\SearchFilterHost.exe" 0 624 628 636 8192 632 
"C:\Users\Saine\Downloads\RSITx64.exe" 
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\sihclient.exe
\??\C:\Windows\system32\conhost.exe 0x4

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-304457122-4198643908-4039905295-1001Core.job - C:\Users\Saine\AppData\Local\Google\Update\GoogleUpdate.exe  /c 
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-304457122-4198643908-4039905295-1001UA.job - C:\Users\Saine\AppData\Local\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler 

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-02-20 228424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-02-20 2167416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-02-20 162888]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2016-02-20 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-02-20 1513592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2016-02-20 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2016-02-20 168480]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2016-02-20 393760]
"Persistence"=C:\Windows\system32\igfxpers.exe [2016-02-20 418336]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2016-02-20 3242696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Saine\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-02-20 551112]
"Google Update"=C:\Users\Saine\AppData\Local\Google\Update\GoogleUpdate.exe [2016-02-20 154440]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Saine\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"=C:\Windows\system32\cmd.exe [2015-07-10 232448]
"Uninstall C:\Users\Saine\AppData\Local\Microsoft\OneDrive\17.3.5892.0626"=C:\Windows\system32\cmd.exe [2015-07-10 232448]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"DeleteGSShellX64.dll"=cmd.exe /C del C:\Program Files\GRAPHISOFT\ArchiCAD 18\GSShellX64.dll.backup []
"Malwarebytes Anti-Malware (cleanup)"=C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [2015-10-05 54072]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
CodeMeter Control Center.lnk - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe

C:\Users\Saine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
esat.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2016-02-20 390144]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeaack]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeaack.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeavfk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeavfk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfemms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfencbdc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfencbdc.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfetdi2k]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfetdi2k.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"PromptOnSecureDesktop"=0
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe"="C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe"="C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-02-20 23:45:14 ----D---- C:\Program Files\trend micro
2016-02-20 23:45:12 ----D---- C:\rsit
2016-02-20 22:10:36 ----A---- C:\Windows\system32\drivers\EsgScanner.sys
2016-02-20 22:07:19 ----A---- C:\autoexec.bat
2016-02-20 22:05:58 ----D---- C:\Users\Saine\AppData\Roaming\Enigma Software Group
2016-02-20 22:05:38 ----D---- C:\sh4ldr
2016-02-20 22:04:17 ----D---- C:\Program Files\Enigma Software Group
2016-02-20 22:00:06 ----A---- C:\Windows\system32\drivers\hrfkviu.sys
2016-02-20 21:36:58 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2016-02-20 21:36:36 ----D---- C:\ProgramData\Malwarebytes
2016-02-20 21:36:36 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-02-20 21:36:36 ----A---- C:\Windows\system32\drivers\mwac.sys
2016-02-20 21:36:36 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2016-02-20 21:36:36 ----A---- C:\Windows\system32\drivers\mbam.sys
2016-02-20 21:34:01 ----D---- C:\Windows\system32\appmgmt
2016-02-20 18:42:09 ----D---- C:\Windows\SYSWOW64\XPSViewer
2016-02-20 18:42:01 ----D---- C:\Program Files\Reference Assemblies
2016-02-20 18:42:01 ----D---- C:\Program Files\MSBuild
2016-02-20 18:42:01 ----D---- C:\Program Files (x86)\Reference Assemblies
2016-02-20 18:42:01 ----D---- C:\Program Files (x86)\MSBuild
2016-02-20 18:40:44 ----D---- C:\Program Files (x86)\Adobe
2016-02-20 18:40:02 ----D---- C:\ProgramData\Adobe
2016-02-20 18:39:00 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2016-02-20 18:39:00 ----A---- C:\Windows\SYSWOW64\PresentationNative_v0300.dll
2016-02-20 18:38:59 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-02-20 18:38:55 ----A---- C:\Windows\system32\TsWpfWrp.exe
2016-02-20 18:38:55 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2016-02-20 18:38:54 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-02-20 18:32:00 ----D---- C:\Windows\system32\MRT
2016-02-20 18:31:55 ----A---- C:\Windows\system32\MRT.exe
2016-02-20 18:02:30 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2016-02-20 18:02:29 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2016-02-20 18:02:11 ----D---- C:\Users\Saine\AppData\Roaming\Winamp
2016-02-20 18:00:58 ----D---- C:\Program Files (x86)\Winamp
2016-02-20 17:55:35 ----D---- C:\Users\Saine\AppData\Roaming\CleanMyPC Software
2016-02-20 17:55:34 ----AD---- C:\ProgramData\TEMP
2016-02-20 17:52:02 ----A---- C:\Windows\system32\SppExtComObjHook.dll
2016-02-20 17:52:01 ----A---- C:\Windows\system32\SppExtComObjPatcher.exe
2016-02-20 17:34:35 ----D---- C:\Program Files (x86)\Microsoft Office
2016-02-20 17:34:34 ----D---- C:\Program Files\Microsoft Office 15
2016-02-20 17:30:43 ----D---- C:\Users\Saine\AppData\Roaming\DAEMON Tools Ultra
2016-02-20 17:30:38 ----D---- C:\Program Files (x86)\DAEMON Tools Ultra
2016-02-20 17:26:34 ----D---- C:\ProgramData\DAEMON Tools Ultra
2016-02-20 16:59:53 ----D---- C:\Users\Saine\AppData\Roaming\GHISLER
2016-02-20 16:59:53 ----D---- C:\totalcmd
2016-02-20 16:53:35 ----D---- C:\Users\Saine\AppData\Roaming\WinRAR
2016-02-20 16:52:44 ----D---- C:\Program Files\WinRAR
2016-02-20 16:35:16 ----D---- C:\ProgramData\CodeMeter
2016-02-20 16:35:16 ----D---- C:\Program Files\CodeMeter
2016-02-20 16:35:16 ----D---- C:\Program Files (x86)\CodeMeter
2016-02-20 16:34:43 ----A---- C:\Windows\SYSWOW64\WkExt32.dll
2016-02-20 16:34:43 ----A---- C:\Windows\SYSWOW64\WibuXpm4J32.dll
2016-02-20 16:34:43 ----A---- C:\Windows\SYSWOW64\wibuKJni.dll
2016-02-20 16:34:43 ----A---- C:\Windows\system32\WkExt64.dll
2016-02-20 16:34:43 ----A---- C:\Windows\system32\WibuXpm4J64.dll
2016-02-20 16:34:43 ----A---- C:\Windows\system32\wibuKJni64.dll
2016-02-20 16:34:39 ----A---- C:\Windows\system32\drivers\Wibukey2_64.sys
2016-02-20 16:34:35 ----A---- C:\Windows\SYSWOW64\WkWin32.dll
2016-02-20 16:34:35 ----A---- C:\Windows\system32\WkWin64.dll
2016-02-20 16:34:35 ----A---- C:\Windows\system32\drivers\WibuKey64.sys
2016-02-20 16:34:29 ----D---- C:\Program Files\WIBU-SYSTEMS
2016-02-20 16:34:29 ----D---- C:\Program Files (x86)\WIBU-SYSTEMS
2016-02-20 16:34:29 ----D---- C:\Program Files (x86)\WIBUKEY
2016-02-20 16:29:39 ----D---- C:\Program Files\GRAPHISOFT
2016-02-20 16:29:01 ----D---- C:\Users\Saine\AppData\Roaming\Install.GS
2016-02-20 16:28:46 ----D---- C:\ProgramData\Sun
2016-02-20 16:28:44 ----A---- C:\Windows\SYSWOW64\javaws.exe
2016-02-20 16:28:41 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2016-02-20 16:28:41 ----A---- C:\Windows\SYSWOW64\javaw.exe
2016-02-20 16:28:40 ----A---- C:\Windows\SYSWOW64\java.exe
2016-02-20 16:28:35 ----D---- C:\Program Files (x86)\Java
2016-02-20 16:20:37 ----D---- C:\Users\Saine\AppData\Roaming\Macromedia
2016-02-20 16:19:41 ----A---- C:\Windows\system32\drivers\HipShieldK.sys
2016-02-20 16:19:07 ----D---- C:\Program Files (x86)\McAfee.com
2016-02-20 16:18:05 ----D---- C:\Program Files\McAfee.com
2016-02-20 16:18:05 ----D---- C:\Program Files\McAfee
2016-02-20 16:17:52 ----D---- C:\Program Files\Common Files\AV
2016-02-20 16:17:50 ----D---- C:\Program Files (x86)\McAfee
2016-02-20 16:09:48 ----A---- C:\Windows\system32\mfevtps.exe
2016-02-20 16:09:45 ----D---- C:\Program Files\Common Files\McAfee
2016-02-20 16:09:40 ----D---- C:\ProgramData\McAfee
2016-02-20 16:06:57 ----D---- C:\Users\Saine\AppData\Roaming\Adobe
2016-02-20 16:06:16 ----SD---- C:\Users\Saine\AppData\Roaming\Microsoft
2016-02-20 15:58:23 ----A---- C:\Windows\system32\drivers\ATK64AMD.sys
2016-02-20 15:58:21 ----A---- C:\Windows\system32\drivers\HECIx64.sys
2016-02-20 15:58:15 ----D---- C:\Program Files\Elantech
2016-02-20 15:58:12 ----A---- C:\Windows\system32\ETDCoInstaller01000.dll
2016-02-20 15:58:12 ----A---- C:\Windows\system32\drivers\ETD.sys
2016-02-20 15:57:56 ----D---- C:\Program Files (x86)\Intel
2016-02-20 15:57:54 ----D---- C:\Intel
2016-02-20 15:57:40 ----A---- C:\Windows\SYSWOW64\iglhsip32.dll
2016-02-20 15:57:40 ----A---- C:\Windows\SYSWOW64\iglhcp32.dll
2016-02-20 15:57:40 ----A---- C:\Windows\SYSWOW64\igfxexps32.dll
2016-02-20 15:57:40 ----A---- C:\Windows\SYSWOW64\igfxdv32.dll
2016-02-20 15:57:40 ----A---- C:\Windows\SYSWOW64\igfxcmrt32.dll
2016-02-20 15:57:40 ----A---- C:\Windows\SYSWOW64\igfxcmjit32.dll
2016-02-20 15:57:40 ----A---- C:\Windows\SYSWOW64\igdumdx32.dll
2016-02-20 15:57:40 ----A---- C:\Windows\SYSWOW64\igdumd32.dll
2016-02-20 15:57:40 ----A---- C:\Windows\SYSWOW64\igd10umd32.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\iglhsip64.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\iglhcp64.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxtray.exe
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxTMM.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxsrvc.exe
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxsrvc.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxress.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxpph.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxpers.exe
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxext.exe
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxexps.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxdo.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\IGFXDEVLib.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxdev.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxCoIn_v2858.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxcmrt64.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxcmjit64.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igdumd64.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igd10umd64.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\ig4icd64.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\drivers\igdkmd64.sys
2016-02-20 15:57:39 ----A---- C:\Windows\SYSWOW64\ig4icd32.dll
2016-02-20 15:57:39 ----A---- C:\Windows\system32\IccLibDll_x64.dll
2016-02-20 15:57:39 ----A---- C:\Windows\system32\hkcmd.exe
2016-02-20 15:57:39 ----A---- C:\Windows\system32\hccutils.dll
2016-02-20 15:57:39 ----A---- C:\Windows\system32\GfxUI.exe
2016-02-20 15:57:39 ----A---- C:\Windows\system32\gfxSrvc.dll
2016-02-20 15:57:39 ----A---- C:\Windows\system32\difx64.exe
2016-02-20 15:53:05 ----A---- C:\Windows\system32\drivers\ntfs.sys
2016-02-20 15:52:59 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-02-20 15:52:59 ----A---- C:\Windows\explorer.exe
2016-02-20 15:50:00 ----D---- C:\Windows\SoftwareDistribution
2016-02-20 12:58:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-02-20 12:56:25 ----D---- C:\Windows\CSC
2016-02-20 12:54:24 ----SHD---- C:\ProgramData\Šablony
2016-02-20 12:54:24 ----SHD---- C:\ProgramData\Plocha
2016-02-20 12:54:24 ----SHD---- C:\ProgramData\Nabídka Start
2016-02-20 12:54:24 ----SHD---- C:\ProgramData\Dokumenty
2016-02-20 12:54:24 ----SHD---- C:\ProgramData\Data aplikací
2016-02-20 12:53:59 ----ASH---- C:\hiberfil.sys
2016-02-20 12:52:15 ----SHD---- C:\Recovery
2016-02-20 12:50:19 ----D---- C:\Windows\Prefetch
2016-02-20 12:49:44 ----ASH---- C:\swapfile.sys
2016-02-20 12:49:44 ----ASH---- C:\pagefile.sys
2016-02-20 12:49:42 ----SHD---- C:\System Volume Information
2016-02-20 12:49:18 ----D---- C:\Windows\Panther
2016-02-20 12:49:06 ----RASH---- C:\BOOTSECT.BAK
2016-02-20 12:49:04 ----SHD---- C:\Boot

======List of files/folders modified in the last 1 month======

2016-02-20 23:45:22 ----D---- C:\Windows\Temp
2016-02-20 23:45:14 ----RD---- C:\Program Files
2016-02-20 23:40:56 ----D---- C:\Windows\System32
2016-02-20 23:00:01 ----D---- C:\Windows\system32\sru
2016-02-20 22:48:25 ----D---- C:\Windows\system32\config
2016-02-20 22:10:36 ----D---- C:\Windows\system32\drivers
2016-02-20 22:06:42 ----D---- C:\Windows\INF
2016-02-20 22:05:52 ----D---- C:\Windows\system32\Tasks
2016-02-20 22:01:48 ----HD---- C:\$WINDOWS.~BT
2016-02-20 21:36:36 ----RD---- C:\Program Files (x86)
2016-02-20 21:36:36 ----HD---- C:\ProgramData
2016-02-20 19:41:07 ----D---- C:\Windows\Logs
2016-02-20 19:01:59 ----D---- C:\Windows\system32\WinBioDatabase
2016-02-20 18:55:40 ----D---- C:\Windows\Microsoft.NET
2016-02-20 18:55:00 ----RD---- C:\Windows\assembly
2016-02-20 18:43:11 ----D---- C:\Windows\CbsTemp
2016-02-20 18:43:07 ----D---- C:\Windows\WinSxS
2016-02-20 18:42:09 ----D---- C:\Windows\SYSWOW64\MUI
2016-02-20 18:42:09 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-02-20 18:42:09 ----D---- C:\Windows\SysWOW64
2016-02-20 18:42:09 ----D---- C:\Windows\system32\MUI
2016-02-20 18:42:09 ----D---- C:\Windows\system32\cs-CZ
2016-02-20 18:42:02 ----RSD---- C:\Windows\Fonts
2016-02-20 18:41:33 ----SHD---- C:\Windows\Installer
2016-02-20 18:40:44 ----D---- C:\Program Files (x86)\Common Files
2016-02-20 18:39:30 ----D---- C:\Windows\system32\catroot2
2016-02-20 18:35:27 ----SD---- C:\ProgramData\Microsoft
2016-02-20 18:32:00 ----D---- C:\Windows\debug
2016-02-20 18:18:02 ----HD---- C:\Program Files\WindowsApps
2016-02-20 17:41:25 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2016-02-20 17:41:05 ----D---- C:\Program Files (x86)\Microsoft.NET
2016-02-20 17:40:43 ----D---- C:\Windows\system32\DriverStore
2016-02-20 17:34:31 ----D---- C:\Program Files\Common Files\microsoft shared
2016-02-20 16:57:43 ----D---- C:\Windows\AppReadiness
2016-02-20 16:52:30 ----D---- C:\Windows
2016-02-20 16:24:19 ----RD---- C:\Users
2016-02-20 16:21:33 ----D---- C:\Windows\Tasks
2016-02-20 16:19:00 ----HD---- C:\Windows\ELAMBKUP
2016-02-20 16:17:52 ----D---- C:\Program Files\Common Files
2016-02-20 16:09:05 ----SHD---- C:\$Recycle.Bin
2016-02-20 16:08:24 ----D---- C:\Windows\system32\WDI
2016-02-20 15:53:24 ----D---- C:\Windows\system32\oobe
2016-02-20 13:04:55 ----D---- C:\Windows\system32\CodeIntegrity
2016-02-20 12:55:44 ----D---- C:\Windows\rescache
2016-02-20 12:54:24 ----D---- C:\Program Files\Windows NT
2016-02-20 12:52:15 ----D---- C:\Windows\system32\Recovery
2016-02-20 12:52:12 ----D---- C:\Windows\system32\Sysprep
2016-02-20 12:50:22 ----D---- C:\Windows\system32\drivers\UMDF
2016-02-02 23:47:29 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2015-08-10 839376]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2015-08-10 244024]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\Windows\system32\drivers\filecrypt.sys [2015-07-10 83968]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\Windows\System32\drivers\gpuenergydrv.sys [2015-07-10 8192]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\Windows\system32\drivers\mmcss.sys [2015-07-10 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\Windows\system32\drivers\storqosflt.sys [2015-07-10 61952]
R3 athr;@netathrx.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\System32\drivers\athwnx.sys [2015-06-18 4207104]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2015-07-10 105984]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2015-07-10 128512]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2015-07-10 84992]
R3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2015-08-10 80768]
R3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2016-02-20 15920]
R3 HECIx64;@oem4.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface; C:\Windows\System32\drivers\HECIx64.sys [2016-02-20 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2016-02-20 12311776]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-10-05 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2016-02-20 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-10-05 64216]
R3 mfeaack;McAfee Inc. mfeaack; C:\Windows\system32\drivers\mfeaack.sys [2015-08-10 413432]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2015-08-10 349096]
R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2015-08-10 495856]
R3 mfencbdc;McAfee Inc. mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [2015-08-12 537408]
R3 MTsensor;@oem5.inf,%ATKACPI.DisplayName%;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2016-02-20 13680]
R3 NETJME;@netjme.inf,%JME_Service_DispName%;JMicron Ethernet Adapter NDIS6.30 Driver (Amd64 Bits); C:\Windows\System32\drivers\NETJME.sys [2015-06-18 137728]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-07-10 167936]
S0 jgogjrtq;jgogjrtq; C:\Windows\System32\drivers\hrfkviu.sys [2016-02-20 79064]
S0 LSI_SAS2i;LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [2015-07-10 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [2015-07-10 99168]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\Windows\system32\drivers\mfeelamk.sys [2015-08-10 82072]
S0 percsas2i;percsas2i; C:\Windows\System32\drivers\percsas2i.sys [2015-07-10 58208]
S0 percsas3i;percsas3i; C:\Windows\System32\drivers\percsas3i.sys [2015-07-10 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\Windows\System32\drivers\storufs.sys [2015-07-10 40288]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-09-10 929280]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\Windows\System32\drivers\buttonconverter.sys [2015-07-10 32256]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\Windows\System32\drivers\capimg.sys [2015-07-10 116736]
S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [2016-02-20 22704]
S3 ETD;@oem3.inf,%PS2.DeviceDesc%;ELAN Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2016-02-20 525512]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\Windows\System32\drivers\genericusbfn.sys [2015-07-10 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\Windows\System32\drivers\hidinterrupt.sys [2015-07-10 50016]
S3 HipShieldK;McAfee Inc. HipShieldK; C:\Windows\system32\drivers\HipShieldK.sys [2015-05-19 207208]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\Windows\System32\drivers\ibbus.sys [2015-07-10 424800]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\Windows\system32\drivers\ioqos.sys [2015-07-10 26624]
S3 mfencrk;McAfee Inc. mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [2015-08-12 111256]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\Windows\System32\drivers\mlx4_bus.sys [2015-07-10 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\Windows\System32\drivers\ndfltr.sys [2015-07-10 76128]
S3 ReFSv1;ReFSv1; C:\Windows\system32\drivers\ReFSv1.sys [2015-09-10 934752]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\Windows\System32\Drivers\UcmCx.sys [2015-07-10 61952]
S3 UcmUcsi;@ucmucsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\Windows\System32\drivers\UcmUcsi.sys [2015-09-10 46080]
S3 UdeCx;USB Device Emulation Support Library; C:\Windows\system32\drivers\udecx.sys [2015-07-10 44032]
S3 Ufx01000;USB Function Class Extension; C:\Windows\system32\drivers\ufx01000.sys [2015-07-10 245088]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\Windows\System32\drivers\UfxChipidea.sys [2015-07-10 94048]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\Windows\System32\drivers\ufxsynopsys.sys [2015-07-10 127840]
S3 UrsCx01000;USB Role-Switch Support Library; C:\Windows\system32\drivers\urscx01000.sys [2015-07-10 57696]
S3 UrsChipidea;@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver; C:\Windows\System32\drivers\urschipidea.sys [2015-07-10 28512]
S3 UrsSynopsys;@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver; C:\Windows\System32\drivers\urssynopsys.sys [2015-07-10 27488]
S3 usbser;@usbser.inf,%UsbSerial.DriverDesc%;Microsoft USB Serial Driver; C:\Windows\System32\drivers\usbser.sys [2015-09-10 67072]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-03-07 81088]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2015-08-16 2776664]
R2 CodeMeter.exe;CodeMeter Runtime Server; C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2013-11-15 3105144]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\Windows\System32\svchost.exe [2015-07-10 39856]
R2 HomeNetSvc;McAfee Home Network; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-09-01 368584]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-10-05 1513784]
R2 McAPExe;McAfee AP Service; C:\Program Files\McAfee\MSC\McAPExe.exe [2015-09-28 783120]
R2 mccspsvc;McAfee CSP Service; C:\Program Files\Common Files\McAfee\CSP\1.6.1180.0\McCSPServiceHost.exe [2015-09-01 1694152]
R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-09-01 368584]
R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-09-01 368584]
R2 mcpltsvc;McAfee Platform Services; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-09-01 368584]
R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-09-01 368584]
R2 mfemms;McAfee Service Controller; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [2015-08-10 376264]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-09-01 368584]
R2 OneSyncSvc_Session2;Hostitel synchronizace_Session2; C:\Windows\system32\svchost.exe [2015-07-10 39856]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\Windows\System32\svchost.exe [2015-07-10 39856]
R3 McODS;McAfee Scanner; C:\Program Files\McAfee\VirusScan\mcods.exe [2015-08-11 639456]
R3 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2015-07-31 232656]
R3 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2015-07-31 254792]
R3 PimIndexMaintenanceSvc_Session2;Data kontaktů_Session2; C:\Windows\system32\svchost.exe [2015-07-10 39856]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
R3 UnistoreSvc_Session2;Úložiště uživatelských dat_Session2; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S2 0188511455981472mcinstcleanup;McAfee Application Installer Cleanup (0188511455981472); C:\Users\Saine\AppData\Local\Temp\018851~1.EXE [2015-07-23 882000]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2016-02-20 144072]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S2 SpyHunter 4 Service;SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [2016-02-20 1042304]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-07-10 27136]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-06-17 43696]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\Windows\system32\lsass.exe [2015-07-10 56344]
S3 ose;Office  Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-08-16 204360]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\Windows\System32\SensorDataService.exe [2015-09-10 1031680]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 UnistoreSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-10003; C:\Windows\System32\svchost.exe [2015-07-10 39856]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: adf.ly virus

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for resolving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address above.

saesa
Visitor
Posts: 5
Joined: 30 Dec 2011 12:45

Re: adf.ly virus

#3 Post by saesa »

Here is the log:

Code: Select all

# AdwCleaner v5.035 - Logfile created 21/02/2016 at 11:49:21
# Updated 18/02/2016 by Xplode
# Database : 2016-02-20.3 [Server]
# Operating system : Windows 10 Pro  (x64)
# Username : Saine - DESKTOP-E62BKUM
# Running from : C:\Users\Saine\Desktop\adwcleaner_5.035.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : GoogleUpdateTaskUserS-1-5-21-304457122-4198643908-4039905295-1001Core
[-] Task Deleted : GoogleUpdateTaskUserS-1-5-21-304457122-4198643908-4039905295-1001UA
[-] Task Deleted : GoogleUpdateTaskUserS-1-5-21-304457122-4198643908-4039905295-1001Core
[-] Task Deleted : GoogleUpdateTaskUserS-1-5-21-304457122-4198643908-4039905295-1001UA

***** [ Registry ] *****


***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1021 bytes] ##########


I'll just add that the problem still persists.

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: adf.ly virus

#4 Post by Rudy »

Post a new RSIT log.

saesa
Visitor
Posts: 5
Joined: 30 Dec 2011 12:45

Re: adf.ly virus

#5 Post by saesa »

New log:

Code: Select all

Logfile of random's system information tool 1.10 (written by random/random)
Run by Saine at 2016-02-21 12:42:09
Microsoft Windows 10 Pro 
System drive C: has 88 GB (74%) free of 119 GB
Total RAM: 3885 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:42:11, on 21.02.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16603)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Saine\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Saine\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Saine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\esat.exe
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
C:\Program Files (x86)\Microsoft Office\Root\Office16\MsoSync.exe
C:\Users\Saine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Saine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Saine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Saine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Saine\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Saine.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8013
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Saine\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Users\Saine\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: esat.exe
O4 - Global Startup: CodeMeter Control Center.lnk = C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
O4 - Global Startup: Network Server.lnk = C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) - WIBU-SYSTEMS AG - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee CSP Service (mccspsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\CSP\1.6.1180.0\McCSPServiceHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Service Controller (mfemms) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11542 bytes

======Listing Processes======








C:\Windows\system32\lsass.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Windows\system32\mfevtps.exe"
"C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe"
C:\Windows\system32\svchost.exe -k appmodel
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe"
"C:\Windows\system32\mfevtps.exe" -mms
"C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe"
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" -mms
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
"C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc
"C:\Program Files\McAfee\MSC\McAPExe.exe"
sihost.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
C:\Windows\Explorer.EXE
"C:\Program Files\Elantech\ETDCtrlHelper.exe" 
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\system32\SettingSyncHost.exe -Embedding
"C:\Windows\System32\igfxtray.exe" 
"C:\Windows\System32\hkcmd.exe" 
"C:\Windows\System32\igfxpers.exe" 
"C:\Users\Saine\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Users\Saine\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe" 
"C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe" 
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" 
"C:\Users\Saine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\esat.exe" 
C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe /platui /runkey
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE" "C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE" -Embedding
"C:\Program Files (x86)\Microsoft Office\Root\Office16\MsoSync.exe"
"C:\Program Files\Common Files\McAfee\CSP\1.6.1180.0\McCSPServiceHost.exe"
C:\Windows\system32\svchost.exe -k UnistackSvcGroup

C:\Windows\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.WindowsStore_2016.27.2.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe" -ServerName:App.AppXqagq4n4gvy0tjw576pgh6xr601s1h1mv.mca
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\Users\Saine\AppData\Local\Google\Chrome\Application\chrome.exe" 
"C:\Users\Saine\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2596.0.255184089\1564192957" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,8,24,52 --gpu-vendor-id=0x8086 --gpu-device-id=0x0046 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2900 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\Saine\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/CrossDevicePromo/1DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Disabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2596.1.246598588\722863915" --font-cache-shared-handle=2276 /prefetch:673131151
"C:\Users\Saine\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Disabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2596.2.1766650088\1935622505" --font-cache-shared-handle=2492 
/prefetch:673131151
"C:\Users\Saine\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Disabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2596.8.321472430\235376131" --font-cache-shared-handle=4768 /prefetch:673131151
taskeng.exe {41708449-EFA1-412A-B598-F36D832DE22F}
C:\Windows\system32\wbem\wmiprvse.exe

"C:\Users\Saine\Desktop\RSITx64.exe" 

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-02-20 228424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-02-20 2167416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-02-20 162888]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2016-02-20 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-02-20 1513592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2016-02-20 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2016-02-20 168480]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2016-02-20 393760]
"Persistence"=C:\Windows\system32\igfxpers.exe [2016-02-20 418336]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2016-02-20 3242696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Saine\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-02-20 551112]
"Google Update"=C:\Users\Saine\AppData\Local\Google\Update\GoogleUpdate.exe [2016-02-20 154440]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2016-01-15 4177784]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
CodeMeter Control Center.lnk - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe

C:\Users\Saine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
esat.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2016-02-20 390144]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeaack]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeaack.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeavfk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeavfk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfemms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfencbdc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfencbdc.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfetdi2k]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfetdi2k.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"PromptOnSecureDesktop"=0
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe"="C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe"="C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-02-21 11:46:18 ----D---- C:\AdwCleaner
2016-02-21 10:31:50 ----D---- C:\Program Files (x86)\Dassault Systemes
2016-02-21 10:30:57 ----HD---- C:\OneDriveTemp
2016-02-21 09:15:03 ----D---- C:\Program Files\Dassault Systemes
2016-02-21 09:14:08 ----D---- C:\Users\Saine\AppData\Roaming\DassaultSystemes
2016-02-21 09:14:08 ----D---- C:\ProgramData\DassaultSystemes
2016-02-21 09:11:36 ----D---- C:\Program Files\DAEMON Tools Lite
2016-02-21 08:55:16 ----A---- C:\Windows\system32\drivers\dtliteusbbus.sys
2016-02-21 08:53:34 ----A---- C:\Windows\system32\drivers\dtlitescsibus.sys
2016-02-21 08:53:30 ----D---- C:\Users\Saine\AppData\Roaming\DAEMON Tools Lite
2016-02-21 08:52:48 ----D---- C:\ProgramData\DAEMON Tools Lite
2016-02-20 23:45:14 ----D---- C:\Program Files\trend micro
2016-02-20 23:45:12 ----D---- C:\rsit
2016-02-20 22:07:19 ----A---- C:\autoexec.bat
2016-02-20 22:04:17 ----D---- C:\Program Files\Enigma Software Group
2016-02-20 21:36:58 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2016-02-20 21:36:36 ----D---- C:\ProgramData\Malwarebytes
2016-02-20 21:36:36 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-02-20 21:36:36 ----A---- C:\Windows\system32\drivers\mwac.sys
2016-02-20 21:36:36 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2016-02-20 21:36:36 ----A---- C:\Windows\system32\drivers\mbam.sys
2016-02-20 21:34:01 ----D---- C:\Windows\system32\appmgmt
2016-02-20 18:42:09 ----D---- C:\Windows\SYSWOW64\XPSViewer
2016-02-20 18:42:01 ----D---- C:\Program Files\Reference Assemblies
2016-02-20 18:42:01 ----D---- C:\Program Files\MSBuild
2016-02-20 18:42:01 ----D---- C:\Program Files (x86)\Reference Assemblies
2016-02-20 18:42:01 ----D---- C:\Program Files (x86)\MSBuild
2016-02-20 18:40:44 ----D---- C:\Program Files (x86)\Adobe
2016-02-20 18:40:02 ----D---- C:\ProgramData\Adobe
2016-02-20 18:39:00 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2016-02-20 18:39:00 ----A---- C:\Windows\SYSWOW64\PresentationNative_v0300.dll
2016-02-20 18:38:59 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-02-20 18:38:55 ----A---- C:\Windows\system32\TsWpfWrp.exe
2016-02-20 18:38:55 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2016-02-20 18:38:54 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-02-20 18:32:00 ----D---- C:\Windows\system32\MRT
2016-02-20 18:31:55 ----A---- C:\Windows\system32\MRT.exe
2016-02-20 18:26:27 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-02-20 18:26:27 ----A---- C:\Windows\system32\win32kbase.sys
2016-02-20 18:26:26 ----A---- C:\Windows\system32\schannel.dll
2016-02-20 18:26:26 ----A---- C:\Windows\system32\drivers\tdx.sys
2016-02-20 18:26:26 ----A---- C:\Windows\system32\drivers\rmcast.sys
2016-02-20 18:26:26 ----A---- C:\Windows\system32\drivers\netio.sys
2016-02-20 18:26:26 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-02-20 18:26:26 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2016-02-20 18:26:26 ----A---- C:\Windows\system32\drivers\afd.sys
2016-02-20 18:26:26 ----A---- C:\Windows\system32\bisrv.dll
2016-02-20 18:26:25 ----A---- C:\Windows\system32\win32kfull.sys
2016-02-20 18:26:25 ----A---- C:\Windows\system32\rdpudd.dll
2016-02-20 18:26:25 ----A---- C:\Windows\system32\jscript9.dll
2016-02-20 18:26:24 ----A---- C:\Windows\SYSWOW64\combase.dll
2016-02-20 18:26:24 ----A---- C:\Windows\system32\wuuhext.dll
2016-02-20 18:26:24 ----A---- C:\Windows\system32\drivers\USBHUB3.SYS
2016-02-20 18:26:24 ----A---- C:\Windows\system32\drivers\portcls.sys
2016-02-20 18:26:24 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2016-02-20 18:26:23 ----A---- C:\Windows\system32\edgehtml.dll
2016-02-20 18:26:23 ----A---- C:\Windows\system32\drivers\tcpip.sys
2016-02-20 18:26:22 ----A---- C:\Windows\system32\Chakra.dll
2016-02-20 18:26:21 ----A---- C:\Windows\system32\wuaueng.dll
2016-02-20 18:26:21 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-02-20 18:26:21 ----A---- C:\Windows\system32\combase.dll
2016-02-20 18:26:20 ----A---- C:\Windows\system32\mshtml.dll
2016-02-20 18:26:19 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-02-20 18:26:19 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-02-20 18:26:19 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-02-20 18:26:18 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-02-20 18:26:18 ----A---- C:\Windows\SYSWOW64\Chakra.dll
2016-02-20 18:26:17 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-02-20 18:26:15 ----A---- C:\Windows\SYSWOW64\edgehtml.dll
2016-02-20 18:26:14 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2016-02-20 18:26:14 ----A---- C:\Windows\SYSWOW64\msmpeg2adec.dll
2016-02-20 18:26:13 ----A---- C:\Windows\SYSWOW64\MP3DMOD.DLL
2016-02-20 18:26:13 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2016-02-20 18:26:13 ----A---- C:\Windows\system32\msmpeg2adec.dll
2016-02-20 18:26:13 ----A---- C:\Windows\system32\MP3DMOD.DLL
2016-02-20 18:26:08 ----A---- C:\Windows\system32\hlink.dll
2016-02-20 18:26:08 ----A---- C:\Windows\system32\browserbroker.dll
2016-02-20 18:26:07 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-02-20 18:26:07 ----A---- C:\Windows\SYSWOW64\hlink.dll
2016-02-20 18:26:07 ----A---- C:\Windows\system32\ieframe.dll
2016-02-20 18:26:04 ----A---- C:\Windows\SYSWOW64\MFMediaEngine.dll
2016-02-20 18:26:03 ----A---- C:\Windows\SYSWOW64\Windows.Globalization.dll
2016-02-20 18:26:03 ----A---- C:\Windows\system32\MFMediaEngine.dll
2016-02-20 18:26:03 ----A---- C:\Windows\system32\audiosrv.dll
2016-02-20 18:26:02 ----A---- C:\Windows\system32\dmcsps.dll
2016-02-20 18:26:02 ----A---- C:\Windows\system32\CellularAPI.dll
2016-02-20 18:26:01 ----A---- C:\Windows\system32\Windows.Globalization.dll
2016-02-20 18:26:00 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2016-02-20 18:25:55 ----A---- C:\Windows\SYSWOW64\LicenseManager.dll
2016-02-20 18:25:55 ----A---- C:\Windows\system32\LicenseManager.dll
2016-02-20 18:25:54 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2016-02-20 18:25:54 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2016-02-20 18:25:54 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2016-02-20 18:25:51 ----A---- C:\Windows\system32\rdpcorets.dll
2016-02-20 18:25:50 ----A---- C:\Windows\SYSWOW64\esent.dll
2016-02-20 18:25:50 ----A---- C:\Windows\system32\KeywordDetectorMsftSidAdapter.dll
2016-02-20 18:25:50 ----A---- C:\Windows\system32\esent.dll
2016-02-20 18:25:48 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-02-20 18:25:48 ----A---- C:\Windows\system32\wininet.dll
2016-02-20 18:25:47 ----A---- C:\Windows\system32\rasmans.dll
2016-02-20 18:25:47 ----A---- C:\Windows\system32\pnidui.dll
2016-02-20 18:25:47 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2016-02-20 18:25:46 ----A---- C:\Windows\system32\wwanmm.dll
2016-02-20 18:25:46 ----A---- C:\Windows\system32\winlogon.exe
2016-02-20 18:25:45 ----A---- C:\Windows\system32\shell32.dll
2016-02-20 18:25:44 ----A---- C:\Windows\system32\Windows.UI.dll
2016-02-20 18:25:43 ----A---- C:\Windows\SYSWOW64\SettingSyncHost.exe
2016-02-20 18:25:43 ----A---- C:\Windows\system32\WinTypes.dll
2016-02-20 18:25:43 ----A---- C:\Windows\system32\Windows.Media.dll
2016-02-20 18:25:43 ----A---- C:\Windows\system32\usermgrcli.dll
2016-02-20 18:25:42 ----A---- C:\Windows\system32\usermgr.dll
2016-02-20 18:25:41 ----A---- C:\Windows\system32\twinapi.appcore.dll
2016-02-20 18:25:41 ----A---- C:\Windows\system32\TokenBroker.dll
2016-02-20 18:25:41 ----A---- C:\Windows\system32\SettingSyncHost.exe
2016-02-20 18:25:40 ----A---- C:\Windows\SYSWOW64\remoteaudioendpoint.dll
2016-02-20 18:25:40 ----A---- C:\Windows\SYSWOW64\MFCaptureEngine.dll
2016-02-20 18:25:40 ----A---- C:\Windows\SYSWOW64\devenum.dll
2016-02-20 18:25:40 ----A---- C:\Windows\system32\twinui.dll
2016-02-20 18:25:40 ----A---- C:\Windows\system32\devenum.dll
2016-02-20 18:25:39 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2016-02-20 18:25:39 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2016-02-20 18:25:39 ----A---- C:\Windows\SYSWOW64\COLORCNV.DLL
2016-02-20 18:25:39 ----A---- C:\Windows\system32\mfvdsp.dll
2016-02-20 18:25:39 ----A---- C:\Windows\system32\mftranscode.dll
2016-02-20 18:25:39 ----A---- C:\Windows\system32\mfcore.dll
2016-02-20 18:25:39 ----A---- C:\Windows\system32\MFCaptureEngine.dll
2016-02-20 18:25:38 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2016-02-20 18:25:38 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2016-02-20 18:25:38 ----A---- C:\Windows\system32\WMVSDECD.DLL
2016-02-20 18:25:38 ----A---- C:\Windows\system32\WMADMOD.DLL
2016-02-20 18:25:38 ----A---- C:\Windows\system32\MP4SDECD.DLL
2016-02-20 18:25:38 ----A---- C:\Windows\system32\COLORCNV.DLL
2016-02-20 18:25:37 ----A---- C:\Windows\system32\WMVDECOD.DLL
2016-02-20 18:25:35 ----A---- C:\Windows\SYSWOW64\WinTypes.dll
2016-02-20 18:25:35 ----A---- C:\Windows\SYSWOW64\Windows.UI.dll
2016-02-20 18:25:35 ----A---- C:\Windows\SYSWOW64\Windows.Media.dll
2016-02-20 18:25:35 ----A---- C:\Windows\SYSWOW64\TokenBroker.dll
2016-02-20 18:25:34 ----A---- C:\Windows\SYSWOW64\twinui.dll
2016-02-20 18:25:34 ----A---- C:\Windows\SYSWOW64\twinapi.appcore.dll
2016-02-20 18:25:33 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2016-02-20 18:25:33 ----A---- C:\Windows\SYSWOW64\mfds.dll
2016-02-20 18:25:33 ----A---- C:\Windows\system32\msxml6.dll
2016-02-20 18:25:32 ----A---- C:\Windows\SYSWOW64\mftranscode.dll
2016-02-20 18:25:32 ----A---- C:\Windows\SYSWOW64\mfcore.dll
2016-02-20 18:25:32 ----A---- C:\Windows\system32\GdiPlus.dll
2016-02-20 18:25:31 ----A---- C:\Windows\SYSWOW64\windows.storage.dll
2016-02-20 18:25:31 ----A---- C:\Windows\SYSWOW64\netcenter.dll
2016-02-20 18:25:31 ----A---- C:\Windows\system32\netcenter.dll
2016-02-20 18:25:30 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-02-20 18:25:30 ----A---- C:\Windows\system32\WMVSENCD.DLL
2016-02-20 18:25:30 ----A---- C:\Windows\system32\VIDRESZR.DLL
2016-02-20 18:25:30 ----A---- C:\Windows\system32\ntdll.dll
2016-02-20 18:25:29 ----A---- C:\Windows\SYSWOW64\WMVXENCD.DLL
2016-02-20 18:25:29 ----A---- C:\Windows\SYSWOW64\WMVSENCD.DLL
2016-02-20 18:25:29 ----A---- C:\Windows\SYSWOW64\WMVENCOD.DLL
2016-02-20 18:25:29 ----A---- C:\Windows\SYSWOW64\VIDRESZR.DLL
2016-02-20 18:25:29 ----A---- C:\Windows\SYSWOW64\mfvdsp.dll
2016-02-20 18:25:29 ----A---- C:\Windows\system32\WMVXENCD.DLL
2016-02-20 18:25:29 ----A---- C:\Windows\system32\WMVENCOD.DLL
2016-02-20 18:25:28 ----A---- C:\Windows\system32\BingMaps.dll
2016-02-20 18:25:28 ----A---- C:\Windows\system32\AppXDeploymentServer.dll
2016-02-20 18:25:28 ----A---- C:\Windows\system32\AppXDeploymentExtensions.dll
2016-02-20 18:25:27 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-02-20 18:25:27 ----A---- C:\Windows\system32\windows.storage.dll
2016-02-20 18:25:26 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2016-02-20 18:25:26 ----A---- C:\Windows\system32\urlmon.dll
2016-02-20 18:25:26 ----A---- C:\Windows\system32\msxml3.dll
2016-02-20 18:25:25 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-02-20 18:25:24 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-02-20 18:25:24 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-02-20 18:25:24 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2016-02-20 18:25:23 ----A---- C:\Windows\system32\workfolderssvc.dll
2016-02-20 18:25:23 ----A---- C:\Windows\system32\quartz.dll
2016-02-20 18:25:22 ----A---- C:\Windows\SYSWOW64\SRHInproc.dll
2016-02-20 18:25:22 ----A---- C:\Windows\system32\SRHInproc.dll
2016-02-20 18:25:22 ----A---- C:\Windows\system32\mos.dll
2016-02-20 18:25:21 ----A---- C:\Windows\SYSWOW64\mos.dll
2016-02-20 18:25:21 ----A---- C:\Windows\system32\KernelBase.dll
2016-02-20 18:25:20 ----A---- C:\Windows\SYSWOW64\msctf.dll
2016-02-20 18:25:20 ----A---- C:\Windows\system32\msctf.dll
2016-02-20 18:25:20 ----A---- C:\Windows\system32\hevcdecoder.dll
2016-02-20 18:25:19 ----A---- C:\Windows\SYSWOW64\hevcdecoder.dll
2016-02-20 18:25:19 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2016-02-20 18:25:19 ----A---- C:\Windows\SYSWOW64\BingMaps.dll
2016-02-20 18:25:19 ----A---- C:\Windows\system32\DataSenseHandlers.dll
2016-02-20 18:25:19 ----A---- C:\Windows\system32\comsvcs.dll
2016-02-20 18:25:18 ----A---- C:\Windows\SYSWOW64\WMADMOE.DLL
2016-02-20 18:25:18 ----A---- C:\Windows\system32\wwanconn.dll
2016-02-20 18:25:18 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2016-02-20 18:25:18 ----A---- C:\Windows\system32\WMADMOE.DLL
2016-02-20 18:25:18 ----A---- C:\Windows\system32\SettingsHandlers_nt.dll
2016-02-20 18:25:17 ----A---- C:\Windows\SYSWOW64\WMSPDMOE.DLL
2016-02-20 18:25:17 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-02-20 18:25:17 ----A---- C:\Windows\system32\Windows.UI.Logon.dll
2016-02-20 18:25:17 ----A---- C:\Windows\system32\user32.dll
2016-02-20 18:25:17 ----A---- C:\Windows\system32\mfnetsrc.dll
2016-02-20 18:25:17 ----A---- C:\Windows\system32\mfnetcore.dll
2016-02-20 18:25:16 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-02-20 18:25:16 ----A---- C:\Windows\system32\aepic.dll
2016-02-20 18:25:16 ----A---- C:\Windows\system32\aeinv.dll
2016-02-20 18:25:15 ----A---- C:\Windows\SYSWOW64\mfnetcore.dll
2016-02-20 18:25:14 ----A---- C:\Windows\SYSWOW64\mfnetsrc.dll
2016-02-20 18:25:12 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-02-20 18:25:12 ----A---- C:\Windows\system32\kerberos.dll
2016-02-20 18:25:11 ----A---- C:\Windows\SYSWOW64\Windows.StateRepository.dll
2016-02-20 18:25:11 ----A---- C:\Windows\system32\Windows.StateRepository.dll
2016-02-20 18:25:10 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2016-02-20 18:25:10 ----A---- C:\Windows\system32\generaltel.dll
2016-02-20 18:25:10 ----A---- C:\Windows\system32\appraiser.dll
2016-02-20 18:25:09 ----A---- C:\Windows\SYSWOW64\SRH.dll
2016-02-20 18:25:09 ----A---- C:\Windows\SYSWOW64\Magnify.exe
2016-02-20 18:25:09 ----A---- C:\Windows\system32\SRH.dll
2016-02-20 18:25:09 ----A---- C:\Windows\system32\Magnify.exe
2016-02-20 18:25:09 ----A---- C:\Windows\system32\CoreUIComponents.dll
2016-02-20 18:25:08 ----A---- C:\Windows\system32\wpx.dll
2016-02-20 18:25:08 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2016-02-20 18:25:08 ----A---- C:\Windows\system32\mfds.dll
2016-02-20 18:25:08 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2016-02-20 18:25:07 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-02-20 18:25:07 ----A---- C:\Windows\system32\vbscript.dll
2016-02-20 18:25:07 ----A---- C:\Windows\system32\jscript.dll
2016-02-20 18:25:06 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2016-02-20 18:25:06 ----A---- C:\Windows\SYSWOW64\mfsvr.dll
2016-02-20 18:25:06 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2016-02-20 18:25:06 ----A---- C:\Windows\system32\mfsvr.dll
2016-02-20 18:25:06 ----A---- C:\Windows\system32\evr.dll
2016-02-20 18:25:05 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-02-20 18:25:05 ----A---- C:\Windows\system32\fveapi.dll
2016-02-20 18:25:04 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-02-20 18:25:04 ----A---- C:\Windows\system32\iertutil.dll
2016-02-20 18:25:04 ----A---- C:\Windows\system32\advapi32.dll
2016-02-20 18:25:03 ----A---- C:\Windows\SYSWOW64\qedit.dll
2016-02-20 18:25:03 ----A---- C:\Windows\SYSWOW64\MFWMAAEC.DLL
2016-02-20 18:25:03 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2016-02-20 18:25:02 ----A---- C:\Windows\SYSWOW64\Windows.UI.Logon.dll
2016-02-20 18:25:02 ----A---- C:\Windows\system32\qedit.dll
2016-02-20 18:24:58 ----A---- C:\Windows\system32\ninput.dll
2016-02-20 18:24:58 ----A---- C:\Windows\system32\ieui.dll
2016-02-20 18:24:58 ----A---- C:\Windows\system32\duser.dll
2016-02-20 18:24:57 ----A---- C:\Windows\SYSWOW64\CoreUIComponents.dll
2016-02-20 18:24:57 ----A---- C:\Windows\system32\RDXService.dll
2016-02-20 18:24:57 ----A---- C:\Windows\system32\KnobsCsp.dll
2016-02-20 18:24:57 ----A---- C:\Windows\system32\IoTAssignedAccessLockFramework.dll
2016-02-20 18:24:56 ----A---- C:\Windows\system32\WUDFx02000.dll
2016-02-20 18:24:56 ----A---- C:\Windows\system32\drivers\pdc.sys
2016-02-20 18:24:56 ----A---- C:\Windows\system32\drivers\gpuenergydrv.sys
2016-02-20 18:24:55 ----A---- C:\Windows\system32\microsoft-windows-system-events.dll
2016-02-20 18:24:55 ----A---- C:\Windows\system32\invagent.dll
2016-02-20 18:24:55 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2016-02-20 18:24:54 ----A---- C:\Windows\system32\Chakradiag.dll
2016-02-20 18:24:53 ----A---- C:\Windows\SYSWOW64\ninput.dll
2016-02-20 18:24:53 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-02-20 18:24:53 ----A---- C:\Windows\SYSWOW64\duser.dll
2016-02-20 18:24:53 ----A---- C:\Windows\system32\wlansvc.dll
2016-02-20 18:24:53 ----A---- C:\Windows\system32\psmsrv.dll
2016-02-20 18:24:53 ----A---- C:\Windows\system32\internetmail.dll
2016-02-20 18:24:52 ----A---- C:\Windows\SYSWOW64\dlnashext.dll
2016-02-20 18:24:52 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2016-02-20 18:24:52 ----A---- C:\Windows\system32\winmde.dll
2016-02-20 18:24:52 ----A---- C:\Windows\system32\dlnashext.dll
2016-02-20 18:24:52 ----A---- C:\Windows\system32\catsrvut.dll
2016-02-20 18:24:51 ----A---- C:\Windows\SYSWOW64\mfh264enc.dll
2016-02-20 18:24:51 ----A---- C:\Windows\system32\PimIndexMaintenance.dll
2016-02-20 18:24:51 ----A---- C:\Windows\system32\mfh264enc.dll
2016-02-20 18:24:51 ----A---- C:\Windows\system32\CallHistoryClient.dll
2016-02-20 18:24:50 ----A---- C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2016-02-20 18:24:50 ----A---- C:\Windows\system32\UserDataService.dll
2016-02-20 18:24:50 ----A---- C:\Windows\system32\qdvd.dll
2016-02-20 18:24:50 ----A---- C:\Windows\system32\ngcsvc.dll
2016-02-20 18:24:50 ----A---- C:\Windows\system32\ngckeyenum.dll
2016-02-20 18:24:50 ----A---- C:\Windows\system32\devinv.dll
2016-02-20 18:24:49 ----A---- C:\Windows\system32\Windows.UI.Shell.dll
2016-02-20 18:24:49 ----A---- C:\Windows\system32\RemoteNaturalLanguage.dll
2016-02-20 18:24:48 ----A---- C:\Windows\SYSWOW64\RESAMPLEDMO.DLL
2016-02-20 18:24:48 ----A---- C:\Windows\system32\wlidsvc.dll
2016-02-20 18:24:48 ----A---- C:\Windows\system32\UIAutomationCore.dll
2016-02-20 18:24:48 ----A---- C:\Windows\system32\drivers\fastfat.sys
2016-02-20 18:24:47 ----A---- C:\Windows\SYSWOW64\ncryptprov.dll
2016-02-20 18:24:47 ----A---- C:\Windows\SYSWOW64\Chakradiag.dll
2016-02-20 18:24:47 ----A---- C:\Windows\system32\SystemEventsBrokerServer.dll
2016-02-20 18:24:47 ----A---- C:\Windows\system32\NetworkMobileSettings.dll
2016-02-20 18:24:47 ----A---- C:\Windows\system32\NetworkDesktopSettings.dll
2016-02-20 18:24:47 ----A---- C:\Windows\system32\ncryptprov.dll
2016-02-20 18:24:46 ----A---- C:\Windows\system32\wwansvc.dll
2016-02-20 18:24:46 ----A---- C:\Windows\system32\WWanAPI.dll
2016-02-20 18:24:46 ----A---- C:\Windows\system32\wifinetworkmanager.dll
2016-02-20 18:24:46 ----A---- C:\Windows\system32\Unistore.dll
2016-02-20 18:24:46 ----A---- C:\Windows\system32\CoreMessaging.dll
2016-02-20 18:24:45 ----A---- C:\Windows\SYSWOW64\WWanAPI.dll
2016-02-20 18:24:45 ----A---- C:\Windows\SYSWOW64\UIAutomationCore.dll
2016-02-20 18:24:45 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2016-02-20 18:24:44 ----A---- C:\Windows\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2016-02-20 18:24:44 ----A---- C:\Windows\SYSWOW64\RemoteNaturalLanguage.dll
2016-02-20 18:24:44 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2016-02-20 18:24:44 ----A---- C:\Windows\system32\EthernetMediaManager.dll
2016-02-20 18:24:44 ----A---- C:\Windows\system32\drivers\sdbus.sys
2016-02-20 18:24:44 ----A---- C:\Windows\system32\AudioEng.dll
2016-02-20 18:24:43 ----A---- C:\Windows\SYSWOW64\Windows.Speech.Pal.dll
2016-02-20 18:24:43 ----A---- C:\Windows\SYSWOW64\Windows.Media.Speech.dll
2016-02-20 18:24:43 ----A---- C:\Windows\SYSWOW64\usoapi.dll
2016-02-20 18:24:43 ----A---- C:\Windows\system32\Windows.Speech.Pal.dll
2016-02-20 18:24:43 ----A---- C:\Windows\system32\Windows.Internal.Management.dll
2016-02-20 18:24:43 ----A---- C:\Windows\system32\Windows.Devices.Bluetooth.dll
2016-02-20 18:24:43 ----A---- C:\Windows\system32\profsvc.dll
2016-02-20 18:24:43 ----A---- C:\Windows\system32\MBMediaManager.dll
2016-02-20 18:24:43 ----A---- C:\Windows\system32\dmenrollengine.dll
2016-02-20 18:24:43 ----A---- C:\Windows\system32\DeviceEnroller.exe
2016-02-20 18:24:42 ----A---- C:\Windows\SYSWOW64\Unistore.dll
2016-02-20 18:24:42 ----A---- C:\Windows\system32\Windows.Devices.Usb.dll
2016-02-20 18:24:42 ----A---- C:\Windows\system32\authui.dll
2016-02-20 18:24:41 ----A---- C:\Windows\system32\modernexecserver.dll
2016-02-20 18:24:40 ----A---- C:\Windows\SYSWOW64\MPG4DECD.DLL
2016-02-20 18:24:40 ----A---- C:\Windows\SYSWOW64\MP43DECD.DLL
2016-02-20 18:24:40 ----A---- C:\Windows\system32\ngccredprov.dll
2016-02-20 18:24:40 ----A---- C:\Windows\system32\MPG4DECD.DLL
2016-02-20 18:24:40 ----A---- C:\Windows\system32\MP43DECD.DLL
2016-02-20 18:24:39 ----A---- C:\Windows\system32\Windows.Media.Speech.dll
2016-02-20 18:24:39 ----A---- C:\Windows\system32\dssvc.dll
2016-02-20 18:24:38 ----A---- C:\Windows\SYSWOW64\Windows.Internal.Management.dll
2016-02-20 18:24:38 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Usb.dll
2016-02-20 18:24:38 ----A---- C:\Windows\SYSWOW64\IoTAssignedAccessLockFramework.dll
2016-02-20 18:24:38 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-02-20 18:24:38 ----A---- C:\Windows\system32\ContactApis.dll
2016-02-20 18:24:37 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Bluetooth.dll
2016-02-20 18:24:37 ----A---- C:\Windows\system32\winload.exe
2016-02-20 18:24:37 ----A---- C:\Windows\system32\MapControlCore.dll
2016-02-20 18:24:37 ----A---- C:\Windows\system32\accountaccessor.dll
2016-02-20 18:24:36 ----A---- C:\Windows\SYSWOW64\comdlg32.dll
2016-02-20 18:24:36 ----A---- C:\Windows\system32\RasMediaManager.dll
2016-02-20 18:24:36 ----A---- C:\Windows\system32\DAMediaManager.dll
2016-02-20 18:24:35 ----A---- C:\Windows\SYSWOW64\rasman.dll
2016-02-20 18:24:35 ----A---- C:\Windows\SYSWOW64\ContactApis.dll
2016-02-20 18:24:35 ----A---- C:\Windows\system32\wmpmde.dll
2016-02-20 18:24:35 ----A---- C:\Windows\system32\SharedStartModel.dll
2016-02-20 18:24:35 ----A---- C:\Windows\system32\remoteaudioendpoint.dll
2016-02-20 18:24:35 ----A---- C:\Windows\system32\rasman.dll
2016-02-20 18:24:34 ----A---- C:\Windows\SYSWOW64\MapControlCore.dll
2016-02-20 18:24:34 ----A---- C:\Windows\system32\wwancfg.dll
2016-02-20 18:24:34 ----A---- C:\Windows\system32\MbaeApi.dll
2016-02-20 18:24:34 ----A---- C:\Windows\system32\directmanipulation.dll
2016-02-20 18:24:33 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.dll
2016-02-20 18:24:33 ----A---- C:\Windows\SYSWOW64\CoreMessaging.dll
2016-02-20 18:24:33 ----A---- C:\Windows\SYSWOW64\AppointmentApis.dll
2016-02-20 18:24:33 ----A---- C:\Windows\system32\wuapi.dll
2016-02-20 18:24:33 ----A---- C:\Windows\system32\VEEventDispatcher.dll
2016-02-20 18:24:33 ----A---- C:\Windows\system32\NotificationController.dll
2016-02-20 18:24:32 ----A---- C:\Windows\SYSWOW64\winmde.dll
2016-02-20 18:24:32 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-02-20 18:24:32 ----A---- C:\Windows\SYSWOW64\mdmregistration.dll
2016-02-20 18:24:32 ----A---- C:\Windows\system32\WlanMediaManager.dll
2016-02-20 18:24:32 ----A---- C:\Windows\system32\NetworkUXBroker.exe
2016-02-20 18:24:32 ----A---- C:\Windows\system32\mtxoci.dll
2016-02-20 18:24:32 ----A---- C:\Windows\system32\mdmregistration.dll
2016-02-20 18:24:32 ----A---- C:\Windows\system32\enrollmentapi.dll
2016-02-20 18:24:32 ----A---- C:\Windows\system32\CredProvDataModel.dll
2016-02-20 18:24:31 ----A---- C:\Windows\SYSWOW64\directmanipulation.dll
2016-02-20 18:24:31 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.dll
2016-02-20 18:24:31 ----A---- C:\Windows\system32\wcmsvc.dll
2016-02-20 18:24:31 ----A---- C:\Windows\system32\ChatApis.dll
2016-02-20 18:24:30 ----A---- C:\Windows\SYSWOW64\ChatApis.dll
2016-02-20 18:24:30 ----A---- C:\Windows\SYSWOW64\CredProvDataModel.dll
2016-02-20 18:24:30 ----A---- C:\Windows\system32\tileobjserver.dll
2016-02-20 18:24:30 ----A---- C:\Windows\system32\mfps.dll
2016-02-20 18:24:30 ----A---- C:\Windows\system32\mdmmigrator.dll
2016-02-20 18:24:29 ----A---- C:\Windows\SYSWOW64\VEEventDispatcher.dll
2016-02-20 18:24:29 ----A---- C:\Windows\SYSWOW64\MbaeApi.dll
2016-02-20 18:24:29 ----A---- C:\Windows\system32\omadmapi.dll
2016-02-20 18:24:29 ----A---- C:\Windows\system32\comdlg32.dll
2016-02-20 18:24:28 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-02-20 18:24:28 ----A---- C:\Windows\system32\LockAppBroker.dll
2016-02-20 18:24:28 ----A---- C:\Windows\system32\gdi32.dll
2016-02-20 18:24:28 ----A---- C:\Windows\system32\drivers\usbhub.sys
2016-02-20 18:24:28 ----A---- C:\Windows\system32\dmcertinst.exe
2016-02-20 18:24:27 ----A---- C:\Windows\SYSWOW64\JpMapControl.dll
2016-02-20 18:24:27 ----A---- C:\Windows\SYSWOW64\EmailApis.dll
2016-02-20 18:24:27 ----A---- C:\Windows\system32\winresume.exe
2016-02-20 18:24:25 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-02-20 18:24:25 ----A---- C:\Windows\SYSWOW64\CallHistoryClient.dll
2016-02-20 18:24:25 ----A---- C:\Windows\system32\MusUpdateHandlers.dll
2016-02-20 18:24:25 ----A---- C:\Windows\system32\MDMAppInstaller.exe
2016-02-20 18:24:25 ----A---- C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-02-20 18:24:25 ----A---- C:\Windows\system32\dot3mm.dll
2016-02-20 18:24:25 ----A---- C:\Windows\system32\DAMM.dll
2016-02-20 18:24:24 ----A---- C:\Windows\SYSWOW64\SensorsApi.dll
2016-02-20 18:24:24 ----A---- C:\Windows\SYSWOW64\LockAppBroker.dll
2016-02-20 18:24:24 ----A---- C:\Windows\system32\SensorsApi.dll
2016-02-20 18:24:24 ----A---- C:\Windows\system32\PsmServiceExtHost.dll
2016-02-20 18:24:24 ----A---- C:\Windows\system32\acmigration.dll
2016-02-20 18:24:23 ----A---- C:\Windows\system32\ncsi.dll
2016-02-20 18:24:23 ----A---- C:\Windows\system32\HttpsDataSource.dll
2016-02-20 18:24:23 ----A---- C:\Windows\system32\drivers\dxgmms2.sys
2016-02-20 18:24:23 ----A---- C:\Windows\system32\drivers\buttonconverter.sys
2016-02-20 18:24:23 ----A---- C:\Windows\system32\drivers\bthport.sys
2016-02-20 18:24:22 ----A---- C:\Windows\SYSWOW64\MessagingDataModel2.dll
2016-02-20 18:24:22 ----A---- C:\Windows\system32\WMALFXGFXDSP.dll
2016-02-20 18:24:22 ----A---- C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2016-02-20 18:24:21 ----A---- C:\Windows\SYSWOW64\AppXDeploymentClient.dll
2016-02-20 18:24:21 ----A---- C:\Windows\system32\OneDriveSettingSyncProvider.dll
2016-02-20 18:24:21 ----A---- C:\Windows\system32\KnobsCore.dll
2016-02-20 18:24:21 ----A---- C:\Windows\system32\EmailApis.dll
2016-02-20 18:24:21 ----A---- C:\Windows\system32\AppXDeploymentClient.dll
2016-02-20 18:24:20 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2016-02-20 18:24:20 ----A---- C:\Windows\SYSWOW64\OneDriveSettingSyncProvider.dll
2016-02-20 18:24:20 ----A---- C:\Windows\system32\provengine.dll
2016-02-20 18:24:20 ----A---- C:\Windows\system32\mf.dll
2016-02-20 18:24:20 ----A---- C:\Windows\system32\fontdrvhost.exe
2016-02-20 18:24:19 ----A---- C:\Windows\SYSWOW64\mf.dll
2016-02-20 18:24:19 ----A---- C:\Windows\system32\wcmcsp.dll
2016-02-20 18:24:19 ----A---- C:\Windows\system32\JpMapControl.dll
2016-02-20 18:24:19 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2016-02-20 18:24:16 ----A---- C:\Windows\SYSWOW64\ztrace_maps.dll
2016-02-20 18:24:16 ----A---- C:\Windows\system32\ztrace_maps.dll
2016-02-20 18:24:16 ----A---- C:\Windows\system32\tetheringservice.dll
2016-02-20 18:24:16 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-02-20 18:24:15 ----A---- C:\Windows\system32\SubscriptionMgr.dll
2016-02-20 18:24:14 ----A---- C:\Windows\system32\VEStoreEventHandlers.dll
2016-02-20 18:24:14 ----A---- C:\Windows\system32\userenv.dll
2016-02-20 18:24:14 ----A---- C:\Windows\system32\MessagingDataModel2.dll
2016-02-20 18:24:14 ----A---- C:\Windows\system32\MapsStore.dll
2016-02-20 18:24:14 ----A---- C:\Windows\system32\cloudAP.dll
2016-02-20 18:24:13 ----A---- C:\Windows\SYSWOW64\UserDataAccountApis.dll
2016-02-20 18:24:13 ----A---- C:\Windows\SYSWOW64\fontdrvhost.exe
2016-02-20 18:24:13 ----A---- C:\Windows\system32\StoreAgent.dll
2016-02-20 18:24:13 ----A---- C:\Windows\system32\drivers\usb8023.sys
2016-02-20 18:24:13 ----A---- C:\Windows\system32\AppointmentApis.dll
2016-02-20 18:24:12 ----A---- C:\Windows\SYSWOW64\usermgrcli.dll
2016-02-20 18:24:12 ----A---- C:\Windows\SYSWOW64\userenv.dll
2016-02-20 18:24:12 ----A---- C:\Windows\SYSWOW64\PhoneCallHistoryApis.dll
2016-02-20 18:24:12 ----A---- C:\Windows\system32\shutdownux.dll
2016-02-20 18:24:12 ----A---- C:\Windows\system32\omadmclient.exe
2016-02-20 18:24:12 ----A---- C:\Windows\system32\MapConfiguration.dll
2016-02-20 18:24:12 ----A---- C:\Windows\system32\LocationWiFiAdapter.dll
2016-02-20 18:24:11 ----A---- C:\Windows\system32\syncmlhook.dll
2016-02-20 18:24:11 ----A---- C:\Windows\system32\drivers\ndis.sys
2016-02-20 18:24:10 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-02-20 18:24:10 ----A---- C:\Windows\system32\syncutil.dll
2016-02-20 18:24:10 ----A---- C:\Windows\system32\LocationWebproxy.dll
2016-02-20 18:24:10 ----A---- C:\Windows\system32\LocationGeofences.dll
2016-02-20 18:24:10 ----A---- C:\Windows\system32\LicenseManagerShellext.exe
2016-02-20 18:24:09 ----A---- C:\Windows\system32\Windows.Internal.Bluetooth.dll
2016-02-20 18:24:09 ----A---- C:\Windows\system32\enterprisecsps.dll
2016-02-20 18:24:08 ----A---- C:\Windows\SYSWOW64\KBDAZE.DLL
2016-02-20 18:24:08 ----A---- C:\Windows\system32\wpnapps.dll
2016-02-20 18:24:08 ----A---- C:\Windows\system32\kbdgeoqw.dll
2016-02-20 18:24:08 ----A---- C:\Windows\system32\KBDAZST.DLL
2016-02-20 18:24:08 ----A---- C:\Windows\system32\KBDAZEL.DLL
2016-02-20 18:24:08 ----A---- C:\Windows\system32\KBDAZE.DLL
2016-02-20 18:24:07 ----A---- C:\Windows\SYSWOW64\kbdgeoqw.dll
2016-02-20 18:24:07 ----A---- C:\Windows\SYSWOW64\KBDAZST.DLL
2016-02-20 18:24:07 ----A---- C:\Windows\SYSWOW64\KBDAZEL.DLL
2016-02-20 18:24:07 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-02-20 18:24:07 ----A---- C:\Windows\system32\wups2.dll
2016-02-20 18:24:07 ----A---- C:\Windows\system32\LocationFramework.dll
2016-02-20 18:24:07 ----A---- C:\Windows\explorer.exe
2016-02-20 18:24:06 ----A---- C:\Windows\system32\LocationPeIP.dll
2016-02-20 18:24:06 ----A---- C:\Windows\system32\LocationCrowdsource.dll
2016-02-20 18:24:05 ----A---- C:\Windows\SYSWOW64\profext.dll
2016-02-20 18:24:05 ----A---- C:\Windows\SYSWOW64\MapConfiguration.dll
2016-02-20 18:24:05 ----A---- C:\Windows\system32\UserDataAccountApis.dll
2016-02-20 18:24:05 ----A---- C:\Windows\system32\profext.dll
2016-02-20 18:24:05 ----A---- C:\Windows\system32\PhoneCallHistoryApis.dll
2016-02-20 18:24:04 ----A---- C:\Windows\system32\wups.dll
2016-02-20 18:24:04 ----A---- C:\Windows\system32\provops.dll
2016-02-20 18:24:04 ----A---- C:\Windows\system32\MPSSVC.dll
2016-02-20 18:24:03 ----A---- C:\Windows\SYSWOW64\wpnapps.dll
2016-02-20 18:24:02 ----A---- C:\Windows\system32\nlasvc.dll
2016-02-20 18:24:02 ----A---- C:\Windows\system32\aitstatic.exe
2016-02-20 18:24:01 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-02-20 18:24:01 ----A---- C:\Windows\SYSWOW64\UserMgrProxy.dll
2016-02-20 18:24:01 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-02-20 18:24:01 ----A---- C:\Windows\system32\UserMgrProxy.dll
2016-02-20 18:24:01 ----A---- C:\Windows\system32\provisioningcsp.dll
2016-02-20 18:24:01 ----A---- C:\Windows\system32\LocationPeWiFi.dll
2016-02-20 18:24:01 ----A---- C:\Windows\system32\LocationPeCell.dll
2016-02-20 18:24:01 ----A---- C:\Windows\system32\configmanager2.dll
2016-02-20 18:02:30 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2016-02-20 18:02:29 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2016-02-20 18:02:11 ----D---- C:\Users\Saine\AppData\Roaming\Winamp
2016-02-20 18:00:58 ----D---- C:\Program Files (x86)\Winamp
2016-02-20 17:55:35 ----D---- C:\Users\Saine\AppData\Roaming\CleanMyPC Software
2016-02-20 17:55:34 ----AD---- C:\ProgramData\TEMP
2016-02-20 17:52:02 ----A---- C:\Windows\system32\SppExtComObjHook.dll
2016-02-20 17:52:01 ----A---- C:\Windows\system32\SppExtComObjPatcher.exe
2016-02-20 17:34:35 ----D---- C:\Program Files (x86)\Microsoft Office
2016-02-20 17:34:34 ----D---- C:\Program Files\Microsoft Office 15
2016-02-20 17:30:43 ----D---- C:\Users\Saine\AppData\Roaming\DAEMON Tools Ultra
2016-02-20 17:30:38 ----D---- C:\Program Files (x86)\DAEMON Tools Ultra
2016-02-20 17:26:34 ----D---- C:\ProgramData\DAEMON Tools Ultra
2016-02-20 16:59:53 ----D---- C:\Users\Saine\AppData\Roaming\GHISLER
2016-02-20 16:59:53 ----D---- C:\totalcmd
2016-02-20 16:53:35 ----D---- C:\Users\Saine\AppData\Roaming\WinRAR
2016-02-20 16:52:44 ----D---- C:\Program Files\WinRAR
2016-02-20 16:35:16 ----D---- C:\ProgramData\CodeMeter
2016-02-20 16:35:16 ----D---- C:\Program Files\CodeMeter
2016-02-20 16:35:16 ----D---- C:\Program Files (x86)\CodeMeter
2016-02-20 16:34:43 ----A---- C:\Windows\SYSWOW64\WkExt32.dll
2016-02-20 16:34:43 ----A---- C:\Windows\SYSWOW64\WibuXpm4J32.dll
2016-02-20 16:34:43 ----A---- C:\Windows\SYSWOW64\wibuKJni.dll
2016-02-20 16:34:43 ----A---- C:\Windows\system32\WkExt64.dll
2016-02-20 16:34:43 ----A---- C:\Windows\system32\WibuXpm4J64.dll
2016-02-20 16:34:43 ----A---- C:\Windows\system32\wibuKJni64.dll
2016-02-20 16:34:39 ----A---- C:\Windows\system32\drivers\Wibukey2_64.sys
2016-02-20 16:34:35 ----A---- C:\Windows\SYSWOW64\WkWin32.dll
2016-02-20 16:34:35 ----A---- C:\Windows\system32\WkWin64.dll
2016-02-20 16:34:35 ----A---- C:\Windows\system32\drivers\WibuKey64.sys
2016-02-20 16:34:29 ----D---- C:\Program Files\WIBU-SYSTEMS
2016-02-20 16:34:29 ----D---- C:\Program Files (x86)\WIBU-SYSTEMS
2016-02-20 16:34:29 ----D---- C:\Program Files (x86)\WIBUKEY
2016-02-20 16:29:39 ----D---- C:\Program Files\GRAPHISOFT
2016-02-20 16:29:01 ----D---- C:\Users\Saine\AppData\Roaming\Install.GS
2016-02-20 16:28:46 ----D---- C:\ProgramData\Sun
2016-02-20 16:28:44 ----A---- C:\Windows\SYSWOW64\javaws.exe
2016-02-20 16:28:41 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2016-02-20 16:28:41 ----A---- C:\Windows\SYSWOW64\javaw.exe
2016-02-20 16:28:40 ----A---- C:\Windows\SYSWOW64\java.exe
2016-02-20 16:28:35 ----D---- C:\Program Files (x86)\Java
2016-02-20 16:20:37 ----D---- C:\Users\Saine\AppData\Roaming\Macromedia
2016-02-20 16:19:41 ----A---- C:\Windows\system32\drivers\HipShieldK.sys
2016-02-20 16:19:07 ----D---- C:\Program Files (x86)\McAfee.com
2016-02-20 16:18:05 ----D---- C:\Program Files\McAfee.com
2016-02-20 16:18:05 ----D---- C:\Program Files\McAfee
2016-02-20 16:17:52 ----D---- C:\Program Files\Common Files\AV
2016-02-20 16:17:50 ----D---- C:\Program Files (x86)\McAfee
2016-02-20 16:09:48 ----A---- C:\Windows\system32\mfevtps.exe
2016-02-20 16:09:45 ----D---- C:\Program Files\Common Files\McAfee
2016-02-20 16:09:40 ----D---- C:\ProgramData\McAfee
2016-02-20 16:06:57 ----D---- C:\Users\Saine\AppData\Roaming\Adobe
2016-02-20 16:06:16 ----SD---- C:\Users\Saine\AppData\Roaming\Microsoft
2016-02-20 15:58:23 ----A---- C:\Windows\system32\drivers\ATK64AMD.sys
2016-02-20 15:58:21 ----A---- C:\Windows\system32\drivers\HECIx64.sys
2016-02-20 15:58:15 ----D---- C:\Program Files\Elantech
2016-02-20 15:58:12 ----A---- C:\Windows\system32\ETDCoInstaller01000.dll
2016-02-20 15:58:12 ----A---- C:\Windows\system32\drivers\ETD.sys
2016-02-20 15:57:56 ----D---- C:\Program Files (x86)\Intel
2016-02-20 15:57:54 ----D---- C:\Intel
2016-02-20 15:57:40 ----A---- C:\Windows\SYSWOW64\iglhsip32.dll
2016-02-20 15:57:40 ----A---- C:\Windows\SYSWOW64\iglhcp32.dll
2016-02-20 15:57:40 ----A---- C:\Windows\SYSWOW64\igfxexps32.dll
2016-02-20 15:57:40 ----A---- C:\Windows\SYSWOW64\igfxdv32.dll
2016-02-20 15:57:40 ----A---- C:\Windows\SYSWOW64\igfxcmrt32.dll
2016-02-20 15:57:40 ----A---- C:\Windows\SYSWOW64\igfxcmjit32.dll
2016-02-20 15:57:40 ----A---- C:\Windows\SYSWOW64\igdumdx32.dll
2016-02-20 15:57:40 ----A---- C:\Windows\SYSWOW64\igdumd32.dll
2016-02-20 15:57:40 ----A---- C:\Windows\SYSWOW64\igd10umd32.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\iglhsip64.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\iglhcp64.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxtray.exe
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxTMM.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxsrvc.exe
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxsrvc.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxress.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxpph.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxpers.exe
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxext.exe
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxexps.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxdo.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\IGFXDEVLib.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxdev.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxCoIn_v2858.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxcmrt64.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxcmjit64.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igdumd64.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igd10umd64.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\ig4icd64.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\drivers\igdkmd64.sys
2016-02-20 15:57:39 ----A---- C:\Windows\SYSWOW64\ig4icd32.dll
2016-02-20 15:57:39 ----A---- C:\Windows\system32\IccLibDll_x64.dll
2016-02-20 15:57:39 ----A---- C:\Windows\system32\hkcmd.exe
2016-02-20 15:57:39 ----A---- C:\Windows\system32\hccutils.dll
2016-02-20 15:57:39 ----A---- C:\Windows\system32\GfxUI.exe
2016-02-20 15:57:39 ----A---- C:\Windows\system32\gfxSrvc.dll
2016-02-20 15:57:39 ----A---- C:\Windows\system32\difx64.exe
2016-02-20 15:53:05 ----A---- C:\Windows\system32\drivers\ntfs.sys
2016-02-20 15:50:00 ----D---- C:\Windows\SoftwareDistribution
2016-02-20 12:58:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-02-20 12:56:25 ----D---- C:\Windows\CSC
2016-02-20 12:54:24 ----SHD---- C:\ProgramData\Šablony
2016-02-20 12:54:24 ----SHD---- C:\ProgramData\Plocha
2016-02-20 12:54:24 ----SHD---- C:\ProgramData\Nabídka Start
2016-02-20 12:54:24 ----SHD---- C:\ProgramData\Dokumenty
2016-02-20 12:54:24 ----SHD---- C:\ProgramData\Data aplikací
2016-02-20 12:53:59 ----ASH---- C:\hiberfil.sys
2016-02-20 12:52:15 ----SHD---- C:\Recovery
2016-02-20 12:50:19 ----D---- C:\Windows\Prefetch
2016-02-20 12:49:44 ----ASH---- C:\swapfile.sys
2016-02-20 12:49:44 ----ASH---- C:\pagefile.sys
2016-02-20 12:49:42 ----SHD---- C:\System Volume Information
2016-02-20 12:49:18 ----D---- C:\Windows\Panther
2016-02-20 12:49:06 ----RASH---- C:\BOOTSECT.BAK
2016-02-20 12:49:04 ----SHD---- C:\Boot

======List of files/folders modified in the last 1 month======

2016-02-21 12:41:36 ----D---- C:\Windows\Temp
2016-02-21 12:40:34 ----D---- C:\Windows\System32
2016-02-21 11:55:52 ----D---- C:\Windows\INF
2016-02-21 11:51:29 ----HD---- C:\ProgramData
2016-02-21 11:50:38 ----D---- C:\Windows\system32\sru
2016-02-21 11:49:40 ----D---- C:\Windows\Tasks
2016-02-21 11:49:40 ----D---- C:\Windows\system32\Tasks
2016-02-21 11:38:18 ----D---- C:\Windows\Microsoft.NET
2016-02-21 11:24:05 ----D---- C:\Windows\system32\config
2016-02-21 11:22:05 ----SHD---- C:\Windows\Installer
2016-02-21 10:51:21 ----D---- C:\Windows\CbsTemp
2016-02-21 10:51:15 ----D---- C:\Windows\WinSxS
2016-02-21 10:43:53 ----D---- C:\Windows\SysWOW64
2016-02-21 10:31:50 ----RD---- C:\Program Files (x86)
2016-02-21 10:27:43 ----D---- C:\Windows\system32\drivers
2016-02-21 10:25:18 ----SD---- C:\Windows\SYSWOW64\F12
2016-02-21 10:25:18 ----D---- C:\Windows\SYSWOW64\migration
2016-02-21 10:25:18 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-02-21 10:25:13 ----D---- C:\Windows\system32\WinBioPlugIns
2016-02-21 10:25:12 ----SD---- C:\Windows\system32\F12
2016-02-21 10:25:12 ----D---- C:\Windows\system32\SystemResetPlatform
2016-02-21 10:25:12 ----D---- C:\Windows\system32\oobe
2016-02-21 10:25:12 ----D---- C:\Windows\system32\migration
2016-02-21 10:25:12 ----D---- C:\Windows\system32\cs-CZ
2016-02-21 10:25:12 ----D---- C:\Windows\system32\Boot
2016-02-21 10:25:12 ----D---- C:\Windows\system32\appraiser
2016-02-21 10:25:09 ----RD---- C:\Windows\PurchaseDialog
2016-02-21 10:25:09 ----D---- C:\Windows\Provisioning
2016-02-21 10:25:06 ----RSD---- C:\Windows\Fonts
2016-02-21 10:25:06 ----D---- C:\Windows\L2Schemas
2016-02-21 10:25:06 ----D---- C:\Windows\AppPatch
2016-02-21 10:25:06 ----D---- C:\Windows
2016-02-21 10:25:06 ----D---- C:\Program Files\Windows Journal
2016-02-21 10:25:06 ----D---- C:\Program Files\Internet Explorer
2016-02-21 10:25:06 ----D---- C:\Program Files (x86)\Internet Explorer
2016-02-21 10:25:05 ----D---- C:\Windows\system32\CodeIntegrity
2016-02-21 10:25:03 ----D---- C:\Windows\system32\DriverStore
2016-02-21 09:15:03 ----RD---- C:\Program Files
2016-02-21 01:10:06 ----RD---- C:\Windows\assembly
2016-02-20 23:45:15 ----D---- C:\Windows\Logs
2016-02-20 22:01:48 ----HD---- C:\$WINDOWS.~BT
2016-02-20 19:01:59 ----D---- C:\Windows\system32\WinBioDatabase
2016-02-20 18:42:09 ----D---- C:\Windows\SYSWOW64\MUI
2016-02-20 18:42:09 ----D---- C:\Windows\system32\MUI
2016-02-20 18:40:44 ----D---- C:\Program Files (x86)\Common Files
2016-02-20 18:39:30 ----D---- C:\Windows\system32\catroot2
2016-02-20 18:35:27 ----SD---- C:\ProgramData\Microsoft
2016-02-20 18:32:00 ----D---- C:\Windows\debug
2016-02-20 18:18:02 ----HD---- C:\Program Files\WindowsApps
2016-02-20 17:41:25 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2016-02-20 17:41:05 ----D---- C:\Program Files (x86)\Microsoft.NET
2016-02-20 17:34:31 ----D---- C:\Program Files\Common Files\microsoft shared
2016-02-20 16:57:43 ----D---- C:\Windows\AppReadiness
2016-02-20 16:24:19 ----RD---- C:\Users
2016-02-20 16:19:00 ----HD---- C:\Windows\ELAMBKUP
2016-02-20 16:17:52 ----D---- C:\Program Files\Common Files
2016-02-20 16:09:05 ----SHD---- C:\$Recycle.Bin
2016-02-20 16:08:24 ----D---- C:\Windows\system32\WDI
2016-02-20 12:55:44 ----D---- C:\Windows\rescache
2016-02-20 12:54:24 ----D---- C:\Program Files\Windows NT
2016-02-20 12:52:15 ----D---- C:\Windows\system32\Recovery
2016-02-20 12:52:12 ----D---- C:\Windows\system32\Sysprep
2016-02-20 12:50:22 ----D---- C:\Windows\system32\drivers\UMDF
2016-02-02 23:47:29 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2015-08-10 839376]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2015-08-10 244024]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\Windows\system32\drivers\filecrypt.sys [2015-07-10 83968]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\Windows\System32\drivers\gpuenergydrv.sys [2015-12-01 8192]
R1 LUMDriver;LUMDriver; \??\C:\Windows\system32\drivers\LUMDriver.sys [2008-01-02 24848]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\Windows\system32\drivers\mmcss.sys [2015-07-10 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\Windows\system32\drivers\storqosflt.sys [2015-07-10 61952]
R3 athr;@netathrx.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\System32\drivers\athwnx.sys [2015-06-18 4207104]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2015-07-10 105984]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2015-07-10 128512]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2015-07-10 84992]
R3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2015-08-10 80768]
R3 dtlitescsibus;@oem9.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\System32\drivers\dtlitescsibus.sys [2016-02-21 30264]
R3 dtliteusbbus;@oem10.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\Windows\System32\drivers\dtliteusbbus.sys [2016-02-21 47672]
R3 ETD;@oem3.inf,%PS2.DeviceDesc%;ELAN Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2016-02-20 525512]
R3 HECIx64;@oem4.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface; C:\Windows\System32\drivers\HECIx64.sys [2016-02-20 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2016-02-20 12311776]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-10-05 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2016-02-21 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-10-05 64216]
R3 mfeaack;McAfee Inc. mfeaack; C:\Windows\system32\drivers\mfeaack.sys [2015-08-10 413432]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2015-08-10 349096]
R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2015-08-10 495856]
R3 mfencbdc;McAfee Inc. mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [2015-08-12 537408]
R3 MTsensor;@oem5.inf,%ATKACPI.DisplayName%;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2016-02-20 13680]
R3 NETJME;@netjme.inf,%JME_Service_DispName%;JMicron Ethernet Adapter NDIS6.30 Driver (Amd64 Bits); C:\Windows\System32\drivers\NETJME.sys [2015-06-18 137728]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-07-10 167936]
S0 LSI_SAS2i;LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [2015-07-10 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [2015-07-10 99168]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\Windows\system32\drivers\mfeelamk.sys [2015-08-10 82072]
S0 percsas2i;percsas2i; C:\Windows\System32\drivers\percsas2i.sys [2015-07-10 58208]
S0 percsas3i;percsas3i; C:\Windows\System32\drivers\percsas3i.sys [2015-07-10 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\Windows\System32\drivers\storufs.sys [2015-07-10 40288]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2015-09-17 929280]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\Windows\System32\drivers\buttonconverter.sys [2015-09-17 36352]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\Windows\System32\drivers\capimg.sys [2015-07-10 116736]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\Windows\System32\drivers\genericusbfn.sys [2015-07-10 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\Windows\System32\drivers\hidinterrupt.sys [2015-07-10 50016]
S3 HipShieldK;McAfee Inc. HipShieldK; C:\Windows\system32\drivers\HipShieldK.sys [2015-05-19 207208]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\Windows\System32\drivers\ibbus.sys [2015-07-10 424800]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\Windows\system32\drivers\ioqos.sys [2015-07-10 26624]
S3 mfencrk;McAfee Inc. mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [2015-08-12 111256]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\Windows\System32\drivers\mlx4_bus.sys [2015-07-10 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\Windows\System32\drivers\ndfltr.sys [2015-07-10 76128]
S3 ReFSv1;ReFSv1; C:\Windows\system32\drivers\ReFSv1.sys [2015-09-10 934752]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\Windows\System32\Drivers\UcmCx.sys [2015-07-10 61952]
S3 UcmUcsi;@ucmucsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\Windows\System32\drivers\UcmUcsi.sys [2015-09-10 46080]
S3 UdeCx;USB Device Emulation Support Library; C:\Windows\system32\drivers\udecx.sys [2015-07-10 44032]
S3 Ufx01000;USB Function Class Extension; C:\Windows\system32\drivers\ufx01000.sys [2015-07-10 245088]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\Windows\System32\drivers\UfxChipidea.sys [2015-07-10 94048]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\Windows\System32\drivers\ufxsynopsys.sys [2015-07-10 127840]
S3 UrsCx01000;USB Role-Switch Support Library; C:\Windows\system32\drivers\urscx01000.sys [2015-07-10 57696]
S3 UrsChipidea;@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver; C:\Windows\System32\drivers\urschipidea.sys [2015-07-10 28512]
S3 UrsSynopsys;@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver; C:\Windows\System32\drivers\urssynopsys.sys [2015-07-10 27488]
S3 usbser;@usbser.inf,%UsbSerial.DriverDesc%;Microsoft USB Serial Driver; C:\Windows\System32\drivers\usbser.sys [2015-09-10 67072]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2015-08-16 2776664]
R2 CodeMeter.exe;CodeMeter Runtime Server; C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2013-11-15 3105144]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\Windows\System32\svchost.exe [2015-07-10 39856]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2016-02-20 144072]
R2 HomeNetSvc;McAfee Home Network; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-09-01 368584]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-10-05 1513784]
R2 McAPExe;McAfee AP Service; C:\Program Files\McAfee\MSC\McAPExe.exe [2015-09-28 783120]
R2 mccspsvc;McAfee CSP Service; C:\Program Files\Common Files\McAfee\CSP\1.6.1180.0\McCSPServiceHost.exe [2015-09-01 1694152]
R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-09-01 368584]
R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-09-01 368584]
R2 mcpltsvc;McAfee Platform Services; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-09-01 368584]
R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-09-01 368584]
R2 mfemms;McAfee Service Controller; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [2015-08-10 376264]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-09-01 368584]
R2 OneSyncSvc_Session1;Hostitel synchronizace_Session1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\Windows\System32\svchost.exe [2015-07-10 39856]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2016-01-15 1369464]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\Windows\System32\svchost.exe [2015-07-10 39856]
R3 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2015-07-31 232656]
R3 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2015-07-31 254792]
R3 PimIndexMaintenanceSvc_Session1;Data kontaktů_Session1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
R3 UnistoreSvc_Session1;Úložiště uživatelských dat_Session1; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-07-10 27136]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-06-17 43696]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 McODS;McAfee Scanner; C:\Program Files\McAfee\VirusScan\mcods.exe [2015-08-11 639456]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\Windows\system32\lsass.exe [2015-07-10 56344]
S3 ose;Office  Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-08-16 204360]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\Windows\System32\SensorDataService.exe [2015-09-10 1031680]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 UnistoreSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-10003; C:\Windows\System32\svchost.exe [2015-07-10 39856]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: adf.ly virus

#6 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:reg
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

saesa
Visitor
Posts: 5
Joined: 30 Dec 2011 12:45

Re: adf.ly virus

#7 Post by saesa »

I deleted all the history and, in Chrome, reset the Internet Explorer settings to the defaults. It stopped for a while, but it is popping up again. So I am sending the log after OTM and the restart.

Code: Select all

Logfile of random's system information tool 1.10 (written by random/random)
Run by Saine at 2016-02-21 16:11:36
Microsoft Windows 10 Pro 
System drive C: has 88 GB (74%) free of 119 GB
Total RAM: 3885 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:11:40, on 21.02.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16603)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Saine\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Saine\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Users\Saine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\esat.exe
C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
C:\Program Files (x86)\Microsoft Office\Root\Office16\MsoSync.exe
C:\Program Files\trend micro\Saine.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8013
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Saine\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Users\Saine\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: esat.exe
O4 - Global Startup: CodeMeter Control Center.lnk = C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
O4 - Global Startup: Network Server.lnk = C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) - WIBU-SYSTEMS AG - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Boot Delay Start Service (McBootDelayStartSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee CSP Service (mccspsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Service Controller (mfemms) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel Security PEF Service (PEFService) - Intel Security, Inc. - C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11215 bytes

======Listing Processes======








C:\Windows\system32\lsass.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Windows\system32\mfevtps.exe"
"C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe"
"C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe"
"C:\Windows\system32\mfevtps.exe" -mms
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe"
C:\Windows\system32\svchost.exe -k appmodel
"C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe"
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" -mms
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
"C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc
"C:\Program Files\McAfee\MSC\McAPExe.exe"
C:\Windows\system32\wbem\wmiprvse.exe

sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
C:\Windows\Explorer.EXE
"C:\Program Files\Elantech\ETDCtrlHelper.exe" 
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\Windows\system32\SearchFilterHost.exe" 0 616 620 628 8192 624 
C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe /platui
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-304457122-4198643908-4039905295-10012_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-304457122-4198643908-4039905295-10012 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"  "1"
"C:\Windows\System32\igfxtray.exe" 
"C:\Windows\System32\hkcmd.exe" 
"C:\Windows\System32\igfxpers.exe" 
"C:\Users\Saine\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Users\Saine\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe" 
"C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe" 
"C:\Users\Saine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\esat.exe" 
"C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE" "C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE" -Embedding
"C:\Program Files (x86)\Microsoft Office\Root\Office16\MsoSync.exe"

"C:\Users\Saine\Desktop\RSITx64.exe" 

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-02-20 228424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-02-20 2167416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-02-20 162888]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2016-02-20 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-02-20 1513592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2016-02-20 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2016-02-20 168480]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2016-02-20 393760]
"Persistence"=C:\Windows\system32\igfxpers.exe [2016-02-20 418336]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2016-02-20 3242696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Saine\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-02-20 551112]
"Google Update"=C:\Users\Saine\AppData\Local\Google\Update\GoogleUpdate.exe [2016-02-20 154440]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
CodeMeter Control Center.lnk - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe

C:\Users\Saine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
esat.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2016-02-20 390144]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcapexe]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeaack]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeaack.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeavfk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeavfk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfemms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfencbdc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfencbdc.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfetdi2k]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfetdi2k.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"PromptOnSecureDesktop"=0
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe"="C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe"="C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-02-21 16:06:47 ----D---- C:\_OTM
2016-02-21 14:05:02 ----D---- C:\ProgramData\Intel Security
2016-02-21 14:04:01 ----D---- C:\Program Files\Common Files\Intel Security
2016-02-21 11:46:18 ----D---- C:\AdwCleaner
2016-02-21 10:31:50 ----D---- C:\Program Files (x86)\Dassault Systemes
2016-02-21 10:30:57 ----HD---- C:\OneDriveTemp
2016-02-21 09:15:03 ----D---- C:\Program Files\Dassault Systemes
2016-02-21 09:14:08 ----D---- C:\Users\Saine\AppData\Roaming\DassaultSystemes
2016-02-21 09:14:08 ----D---- C:\ProgramData\DassaultSystemes
2016-02-21 09:11:36 ----D---- C:\Program Files\DAEMON Tools Lite
2016-02-21 08:55:16 ----A---- C:\Windows\system32\drivers\dtliteusbbus.sys
2016-02-21 08:53:34 ----A---- C:\Windows\system32\drivers\dtlitescsibus.sys
2016-02-21 08:53:30 ----D---- C:\Users\Saine\AppData\Roaming\DAEMON Tools Lite
2016-02-21 08:52:48 ----D---- C:\ProgramData\DAEMON Tools Lite
2016-02-20 23:45:14 ----D---- C:\Program Files\trend micro
2016-02-20 23:45:12 ----D---- C:\rsit
2016-02-20 22:07:19 ----A---- C:\autoexec.bat
2016-02-20 22:04:17 ----D---- C:\Program Files\Enigma Software Group
2016-02-20 21:36:58 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2016-02-20 21:36:36 ----D---- C:\ProgramData\Malwarebytes
2016-02-20 21:36:36 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-02-20 21:36:36 ----A---- C:\Windows\system32\drivers\mwac.sys
2016-02-20 21:36:36 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2016-02-20 21:36:36 ----A---- C:\Windows\system32\drivers\mbam.sys
2016-02-20 21:34:01 ----D---- C:\Windows\system32\appmgmt
2016-02-20 18:42:09 ----D---- C:\Windows\SYSWOW64\XPSViewer
2016-02-20 18:42:01 ----D---- C:\Program Files\Reference Assemblies
2016-02-20 18:42:01 ----D---- C:\Program Files\MSBuild
2016-02-20 18:42:01 ----D---- C:\Program Files (x86)\Reference Assemblies
2016-02-20 18:42:01 ----D---- C:\Program Files (x86)\MSBuild
2016-02-20 18:40:44 ----D---- C:\Program Files (x86)\Adobe
2016-02-20 18:40:02 ----D---- C:\ProgramData\Adobe
2016-02-20 18:39:00 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2016-02-20 18:39:00 ----A---- C:\Windows\SYSWOW64\PresentationNative_v0300.dll
2016-02-20 18:38:59 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-02-20 18:38:55 ----A---- C:\Windows\system32\TsWpfWrp.exe
2016-02-20 18:38:55 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2016-02-20 18:38:54 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-02-20 18:32:00 ----D---- C:\Windows\system32\MRT
2016-02-20 18:31:55 ----A---- C:\Windows\system32\MRT.exe
2016-02-20 18:26:27 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-02-20 18:26:27 ----A---- C:\Windows\system32\win32kbase.sys
2016-02-20 18:26:26 ----A---- C:\Windows\system32\schannel.dll
2016-02-20 18:26:26 ----A---- C:\Windows\system32\drivers\tdx.sys
2016-02-20 18:26:26 ----A---- C:\Windows\system32\drivers\rmcast.sys
2016-02-20 18:26:26 ----A---- C:\Windows\system32\drivers\netio.sys
2016-02-20 18:26:26 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-02-20 18:26:26 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2016-02-20 18:26:26 ----A---- C:\Windows\system32\drivers\afd.sys
2016-02-20 18:26:26 ----A---- C:\Windows\system32\bisrv.dll
2016-02-20 18:26:25 ----A---- C:\Windows\system32\win32kfull.sys
2016-02-20 18:26:25 ----A---- C:\Windows\system32\rdpudd.dll
2016-02-20 18:26:25 ----A---- C:\Windows\system32\jscript9.dll
2016-02-20 18:26:24 ----A---- C:\Windows\SYSWOW64\combase.dll
2016-02-20 18:26:24 ----A---- C:\Windows\system32\wuuhext.dll
2016-02-20 18:26:24 ----A---- C:\Windows\system32\drivers\USBHUB3.SYS
2016-02-20 18:26:24 ----A---- C:\Windows\system32\drivers\portcls.sys
2016-02-20 18:26:24 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2016-02-20 18:26:23 ----A---- C:\Windows\system32\edgehtml.dll
2016-02-20 18:26:23 ----A---- C:\Windows\system32\drivers\tcpip.sys
2016-02-20 18:26:22 ----A---- C:\Windows\system32\Chakra.dll
2016-02-20 18:26:21 ----A---- C:\Windows\system32\wuaueng.dll
2016-02-20 18:26:21 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-02-20 18:26:21 ----A---- C:\Windows\system32\combase.dll
2016-02-20 18:26:20 ----A---- C:\Windows\system32\mshtml.dll
2016-02-20 18:26:19 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-02-20 18:26:19 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-02-20 18:26:19 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-02-20 18:26:18 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-02-20 18:26:18 ----A---- C:\Windows\SYSWOW64\Chakra.dll
2016-02-20 18:26:17 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-02-20 18:26:15 ----A---- C:\Windows\SYSWOW64\edgehtml.dll
2016-02-20 18:26:14 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2016-02-20 18:26:14 ----A---- C:\Windows\SYSWOW64\msmpeg2adec.dll
2016-02-20 18:26:13 ----A---- C:\Windows\SYSWOW64\MP3DMOD.DLL
2016-02-20 18:26:13 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2016-02-20 18:26:13 ----A---- C:\Windows\system32\msmpeg2adec.dll
2016-02-20 18:26:13 ----A---- C:\Windows\system32\MP3DMOD.DLL
2016-02-20 18:26:08 ----A---- C:\Windows\system32\hlink.dll
2016-02-20 18:26:08 ----A---- C:\Windows\system32\browserbroker.dll
2016-02-20 18:26:07 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-02-20 18:26:07 ----A---- C:\Windows\SYSWOW64\hlink.dll
2016-02-20 18:26:07 ----A---- C:\Windows\system32\ieframe.dll
2016-02-20 18:26:04 ----A---- C:\Windows\SYSWOW64\MFMediaEngine.dll
2016-02-20 18:26:03 ----A---- C:\Windows\SYSWOW64\Windows.Globalization.dll
2016-02-20 18:26:03 ----A---- C:\Windows\system32\MFMediaEngine.dll
2016-02-20 18:26:03 ----A---- C:\Windows\system32\audiosrv.dll
2016-02-20 18:26:02 ----A---- C:\Windows\system32\dmcsps.dll
2016-02-20 18:26:02 ----A---- C:\Windows\system32\CellularAPI.dll
2016-02-20 18:26:01 ----A---- C:\Windows\system32\Windows.Globalization.dll
2016-02-20 18:26:00 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2016-02-20 18:25:55 ----A---- C:\Windows\SYSWOW64\LicenseManager.dll
2016-02-20 18:25:55 ----A---- C:\Windows\system32\LicenseManager.dll
2016-02-20 18:25:54 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2016-02-20 18:25:54 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2016-02-20 18:25:54 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2016-02-20 18:25:51 ----A---- C:\Windows\system32\rdpcorets.dll
2016-02-20 18:25:50 ----A---- C:\Windows\SYSWOW64\esent.dll
2016-02-20 18:25:50 ----A---- C:\Windows\system32\KeywordDetectorMsftSidAdapter.dll
2016-02-20 18:25:50 ----A---- C:\Windows\system32\esent.dll
2016-02-20 18:25:48 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-02-20 18:25:48 ----A---- C:\Windows\system32\wininet.dll
2016-02-20 18:25:47 ----A---- C:\Windows\system32\rasmans.dll
2016-02-20 18:25:47 ----A---- C:\Windows\system32\pnidui.dll
2016-02-20 18:25:47 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2016-02-20 18:25:46 ----A---- C:\Windows\system32\wwanmm.dll
2016-02-20 18:25:46 ----A---- C:\Windows\system32\winlogon.exe
2016-02-20 18:25:45 ----A---- C:\Windows\system32\shell32.dll
2016-02-20 18:25:44 ----A---- C:\Windows\system32\Windows.UI.dll
2016-02-20 18:25:43 ----A---- C:\Windows\SYSWOW64\SettingSyncHost.exe
2016-02-20 18:25:43 ----A---- C:\Windows\system32\WinTypes.dll
2016-02-20 18:25:43 ----A---- C:\Windows\system32\Windows.Media.dll
2016-02-20 18:25:43 ----A---- C:\Windows\system32\usermgrcli.dll
2016-02-20 18:25:42 ----A---- C:\Windows\system32\usermgr.dll
2016-02-20 18:25:41 ----A---- C:\Windows\system32\twinapi.appcore.dll
2016-02-20 18:25:41 ----A---- C:\Windows\system32\TokenBroker.dll
2016-02-20 18:25:41 ----A---- C:\Windows\system32\SettingSyncHost.exe
2016-02-20 18:25:40 ----A---- C:\Windows\SYSWOW64\remoteaudioendpoint.dll
2016-02-20 18:25:40 ----A---- C:\Windows\SYSWOW64\MFCaptureEngine.dll
2016-02-20 18:25:40 ----A---- C:\Windows\SYSWOW64\devenum.dll
2016-02-20 18:25:40 ----A---- C:\Windows\system32\twinui.dll
2016-02-20 18:25:40 ----A---- C:\Windows\system32\devenum.dll
2016-02-20 18:25:39 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2016-02-20 18:25:39 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2016-02-20 18:25:39 ----A---- C:\Windows\SYSWOW64\COLORCNV.DLL
2016-02-20 18:25:39 ----A---- C:\Windows\system32\mfvdsp.dll
2016-02-20 18:25:39 ----A---- C:\Windows\system32\mftranscode.dll
2016-02-20 18:25:39 ----A---- C:\Windows\system32\mfcore.dll
2016-02-20 18:25:39 ----A---- C:\Windows\system32\MFCaptureEngine.dll
2016-02-20 18:25:38 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2016-02-20 18:25:38 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2016-02-20 18:25:38 ----A---- C:\Windows\system32\WMVSDECD.DLL
2016-02-20 18:25:38 ----A---- C:\Windows\system32\WMADMOD.DLL
2016-02-20 18:25:38 ----A---- C:\Windows\system32\MP4SDECD.DLL
2016-02-20 18:25:38 ----A---- C:\Windows\system32\COLORCNV.DLL
2016-02-20 18:25:37 ----A---- C:\Windows\system32\WMVDECOD.DLL
2016-02-20 18:25:35 ----A---- C:\Windows\SYSWOW64\WinTypes.dll
2016-02-20 18:25:35 ----A---- C:\Windows\SYSWOW64\Windows.UI.dll
2016-02-20 18:25:35 ----A---- C:\Windows\SYSWOW64\Windows.Media.dll
2016-02-20 18:25:35 ----A---- C:\Windows\SYSWOW64\TokenBroker.dll
2016-02-20 18:25:34 ----A---- C:\Windows\SYSWOW64\twinui.dll
2016-02-20 18:25:34 ----A---- C:\Windows\SYSWOW64\twinapi.appcore.dll
2016-02-20 18:25:33 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2016-02-20 18:25:33 ----A---- C:\Windows\SYSWOW64\mfds.dll
2016-02-20 18:25:33 ----A---- C:\Windows\system32\msxml6.dll
2016-02-20 18:25:32 ----A---- C:\Windows\SYSWOW64\mftranscode.dll
2016-02-20 18:25:32 ----A---- C:\Windows\SYSWOW64\mfcore.dll
2016-02-20 18:25:32 ----A---- C:\Windows\system32\GdiPlus.dll
2016-02-20 18:25:31 ----A---- C:\Windows\SYSWOW64\windows.storage.dll
2016-02-20 18:25:31 ----A---- C:\Windows\SYSWOW64\netcenter.dll
2016-02-20 18:25:31 ----A---- C:\Windows\system32\netcenter.dll
2016-02-20 18:25:30 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-02-20 18:25:30 ----A---- C:\Windows\system32\WMVSENCD.DLL
2016-02-20 18:25:30 ----A---- C:\Windows\system32\VIDRESZR.DLL
2016-02-20 18:25:30 ----A---- C:\Windows\system32\ntdll.dll
2016-02-20 18:25:29 ----A---- C:\Windows\SYSWOW64\WMVXENCD.DLL
2016-02-20 18:25:29 ----A---- C:\Windows\SYSWOW64\WMVSENCD.DLL
2016-02-20 18:25:29 ----A---- C:\Windows\SYSWOW64\WMVENCOD.DLL
2016-02-20 18:25:29 ----A---- C:\Windows\SYSWOW64\VIDRESZR.DLL
2016-02-20 18:25:29 ----A---- C:\Windows\SYSWOW64\mfvdsp.dll
2016-02-20 18:25:29 ----A---- C:\Windows\system32\WMVXENCD.DLL
2016-02-20 18:25:29 ----A---- C:\Windows\system32\WMVENCOD.DLL
2016-02-20 18:25:28 ----A---- C:\Windows\system32\BingMaps.dll
2016-02-20 18:25:28 ----A---- C:\Windows\system32\AppXDeploymentServer.dll
2016-02-20 18:25:28 ----A---- C:\Windows\system32\AppXDeploymentExtensions.dll
2016-02-20 18:25:27 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-02-20 18:25:27 ----A---- C:\Windows\system32\windows.storage.dll
2016-02-20 18:25:26 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2016-02-20 18:25:26 ----A---- C:\Windows\system32\urlmon.dll
2016-02-20 18:25:26 ----A---- C:\Windows\system32\msxml3.dll
2016-02-20 18:25:25 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-02-20 18:25:24 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-02-20 18:25:24 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-02-20 18:25:24 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2016-02-20 18:25:23 ----A---- C:\Windows\system32\workfolderssvc.dll
2016-02-20 18:25:23 ----A---- C:\Windows\system32\quartz.dll
2016-02-20 18:25:22 ----A---- C:\Windows\SYSWOW64\SRHInproc.dll
2016-02-20 18:25:22 ----A---- C:\Windows\system32\SRHInproc.dll
2016-02-20 18:25:22 ----A---- C:\Windows\system32\mos.dll
2016-02-20 18:25:21 ----A---- C:\Windows\SYSWOW64\mos.dll
2016-02-20 18:25:21 ----A---- C:\Windows\system32\KernelBase.dll
2016-02-20 18:25:20 ----A---- C:\Windows\SYSWOW64\msctf.dll
2016-02-20 18:25:20 ----A---- C:\Windows\system32\msctf.dll
2016-02-20 18:25:20 ----A---- C:\Windows\system32\hevcdecoder.dll
2016-02-20 18:25:19 ----A---- C:\Windows\SYSWOW64\hevcdecoder.dll
2016-02-20 18:25:19 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2016-02-20 18:25:19 ----A---- C:\Windows\SYSWOW64\BingMaps.dll
2016-02-20 18:25:19 ----A---- C:\Windows\system32\DataSenseHandlers.dll
2016-02-20 18:25:19 ----A---- C:\Windows\system32\comsvcs.dll
2016-02-20 18:25:18 ----A---- C:\Windows\SYSWOW64\WMADMOE.DLL
2016-02-20 18:25:18 ----A---- C:\Windows\system32\wwanconn.dll
2016-02-20 18:25:18 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2016-02-20 18:25:18 ----A---- C:\Windows\system32\WMADMOE.DLL
2016-02-20 18:25:18 ----A---- C:\Windows\system32\SettingsHandlers_nt.dll
2016-02-20 18:25:17 ----A---- C:\Windows\SYSWOW64\WMSPDMOE.DLL
2016-02-20 18:25:17 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-02-20 18:25:17 ----A---- C:\Windows\system32\Windows.UI.Logon.dll
2016-02-20 18:25:17 ----A---- C:\Windows\system32\user32.dll
2016-02-20 18:25:17 ----A---- C:\Windows\system32\mfnetsrc.dll
2016-02-20 18:25:17 ----A---- C:\Windows\system32\mfnetcore.dll
2016-02-20 18:25:16 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-02-20 18:25:16 ----A---- C:\Windows\system32\aepic.dll
2016-02-20 18:25:16 ----A---- C:\Windows\system32\aeinv.dll
2016-02-20 18:25:15 ----A---- C:\Windows\SYSWOW64\mfnetcore.dll
2016-02-20 18:25:14 ----A---- C:\Windows\SYSWOW64\mfnetsrc.dll
2016-02-20 18:25:12 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-02-20 18:25:12 ----A---- C:\Windows\system32\kerberos.dll
2016-02-20 18:25:11 ----A---- C:\Windows\SYSWOW64\Windows.StateRepository.dll
2016-02-20 18:25:11 ----A---- C:\Windows\system32\Windows.StateRepository.dll
2016-02-20 18:25:10 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2016-02-20 18:25:10 ----A---- C:\Windows\system32\generaltel.dll
2016-02-20 18:25:10 ----A---- C:\Windows\system32\appraiser.dll
2016-02-20 18:25:09 ----A---- C:\Windows\SYSWOW64\SRH.dll
2016-02-20 18:25:09 ----A---- C:\Windows\SYSWOW64\Magnify.exe
2016-02-20 18:25:09 ----A---- C:\Windows\system32\SRH.dll
2016-02-20 18:25:09 ----A---- C:\Windows\system32\Magnify.exe
2016-02-20 18:25:09 ----A---- C:\Windows\system32\CoreUIComponents.dll
2016-02-20 18:25:08 ----A---- C:\Windows\system32\wpx.dll
2016-02-20 18:25:08 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2016-02-20 18:25:08 ----A---- C:\Windows\system32\mfds.dll
2016-02-20 18:25:08 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2016-02-20 18:25:07 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-02-20 18:25:07 ----A---- C:\Windows\system32\vbscript.dll
2016-02-20 18:25:07 ----A---- C:\Windows\system32\jscript.dll
2016-02-20 18:25:06 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2016-02-20 18:25:06 ----A---- C:\Windows\SYSWOW64\mfsvr.dll
2016-02-20 18:25:06 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2016-02-20 18:25:06 ----A---- C:\Windows\system32\mfsvr.dll
2016-02-20 18:25:06 ----A---- C:\Windows\system32\evr.dll
2016-02-20 18:25:05 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-02-20 18:25:05 ----A---- C:\Windows\system32\fveapi.dll
2016-02-20 18:25:04 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-02-20 18:25:04 ----A---- C:\Windows\system32\iertutil.dll
2016-02-20 18:25:04 ----A---- C:\Windows\system32\advapi32.dll
2016-02-20 18:25:03 ----A---- C:\Windows\SYSWOW64\qedit.dll
2016-02-20 18:25:03 ----A---- C:\Windows\SYSWOW64\MFWMAAEC.DLL
2016-02-20 18:25:03 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2016-02-20 18:25:02 ----A---- C:\Windows\SYSWOW64\Windows.UI.Logon.dll
2016-02-20 18:25:02 ----A---- C:\Windows\system32\qedit.dll
2016-02-20 18:24:58 ----A---- C:\Windows\system32\ninput.dll
2016-02-20 18:24:58 ----A---- C:\Windows\system32\ieui.dll
2016-02-20 18:24:58 ----A---- C:\Windows\system32\duser.dll
2016-02-20 18:24:57 ----A---- C:\Windows\SYSWOW64\CoreUIComponents.dll
2016-02-20 18:24:57 ----A---- C:\Windows\system32\RDXService.dll
2016-02-20 18:24:57 ----A---- C:\Windows\system32\KnobsCsp.dll
2016-02-20 18:24:57 ----A---- C:\Windows\system32\IoTAssignedAccessLockFramework.dll
2016-02-20 18:24:56 ----A---- C:\Windows\system32\WUDFx02000.dll
2016-02-20 18:24:56 ----A---- C:\Windows\system32\drivers\pdc.sys
2016-02-20 18:24:56 ----A---- C:\Windows\system32\drivers\gpuenergydrv.sys
2016-02-20 18:24:55 ----A---- C:\Windows\system32\microsoft-windows-system-events.dll
2016-02-20 18:24:55 ----A---- C:\Windows\system32\invagent.dll
2016-02-20 18:24:55 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2016-02-20 18:24:54 ----A---- C:\Windows\system32\Chakradiag.dll
2016-02-20 18:24:53 ----A---- C:\Windows\SYSWOW64\ninput.dll
2016-02-20 18:24:53 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-02-20 18:24:53 ----A---- C:\Windows\SYSWOW64\duser.dll
2016-02-20 18:24:53 ----A---- C:\Windows\system32\wlansvc.dll
2016-02-20 18:24:53 ----A---- C:\Windows\system32\psmsrv.dll
2016-02-20 18:24:53 ----A---- C:\Windows\system32\internetmail.dll
2016-02-20 18:24:52 ----A---- C:\Windows\SYSWOW64\dlnashext.dll
2016-02-20 18:24:52 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2016-02-20 18:24:52 ----A---- C:\Windows\system32\winmde.dll
2016-02-20 18:24:52 ----A---- C:\Windows\system32\dlnashext.dll
2016-02-20 18:24:52 ----A---- C:\Windows\system32\catsrvut.dll
2016-02-20 18:24:51 ----A---- C:\Windows\SYSWOW64\mfh264enc.dll
2016-02-20 18:24:51 ----A---- C:\Windows\system32\PimIndexMaintenance.dll
2016-02-20 18:24:51 ----A---- C:\Windows\system32\mfh264enc.dll
2016-02-20 18:24:51 ----A---- C:\Windows\system32\CallHistoryClient.dll
2016-02-20 18:24:50 ----A---- C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2016-02-20 18:24:50 ----A---- C:\Windows\system32\UserDataService.dll
2016-02-20 18:24:50 ----A---- C:\Windows\system32\qdvd.dll
2016-02-20 18:24:50 ----A---- C:\Windows\system32\ngcsvc.dll
2016-02-20 18:24:50 ----A---- C:\Windows\system32\ngckeyenum.dll
2016-02-20 18:24:50 ----A---- C:\Windows\system32\devinv.dll
2016-02-20 18:24:49 ----A---- C:\Windows\system32\Windows.UI.Shell.dll
2016-02-20 18:24:49 ----A---- C:\Windows\system32\RemoteNaturalLanguage.dll
2016-02-20 18:24:48 ----A---- C:\Windows\SYSWOW64\RESAMPLEDMO.DLL
2016-02-20 18:24:48 ----A---- C:\Windows\system32\wlidsvc.dll
2016-02-20 18:24:48 ----A---- C:\Windows\system32\UIAutomationCore.dll
2016-02-20 18:24:48 ----A---- C:\Windows\system32\drivers\fastfat.sys
2016-02-20 18:24:47 ----A---- C:\Windows\SYSWOW64\ncryptprov.dll
2016-02-20 18:24:47 ----A---- C:\Windows\SYSWOW64\Chakradiag.dll
2016-02-20 18:24:47 ----A---- C:\Windows\system32\SystemEventsBrokerServer.dll
2016-02-20 18:24:47 ----A---- C:\Windows\system32\NetworkMobileSettings.dll
2016-02-20 18:24:47 ----A---- C:\Windows\system32\NetworkDesktopSettings.dll
2016-02-20 18:24:47 ----A---- C:\Windows\system32\ncryptprov.dll
2016-02-20 18:24:46 ----A---- C:\Windows\system32\wwansvc.dll
2016-02-20 18:24:46 ----A---- C:\Windows\system32\WWanAPI.dll
2016-02-20 18:24:46 ----A---- C:\Windows\system32\wifinetworkmanager.dll
2016-02-20 18:24:46 ----A---- C:\Windows\system32\Unistore.dll
2016-02-20 18:24:46 ----A---- C:\Windows\system32\CoreMessaging.dll
2016-02-20 18:24:45 ----A---- C:\Windows\SYSWOW64\WWanAPI.dll
2016-02-20 18:24:45 ----A---- C:\Windows\SYSWOW64\UIAutomationCore.dll
2016-02-20 18:24:45 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2016-02-20 18:24:44 ----A---- C:\Windows\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2016-02-20 18:24:44 ----A---- C:\Windows\SYSWOW64\RemoteNaturalLanguage.dll
2016-02-20 18:24:44 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2016-02-20 18:24:44 ----A---- C:\Windows\system32\EthernetMediaManager.dll
2016-02-20 18:24:44 ----A---- C:\Windows\system32\drivers\sdbus.sys
2016-02-20 18:24:44 ----A---- C:\Windows\system32\AudioEng.dll
2016-02-20 18:24:43 ----A---- C:\Windows\SYSWOW64\Windows.Speech.Pal.dll
2016-02-20 18:24:43 ----A---- C:\Windows\SYSWOW64\Windows.Media.Speech.dll
2016-02-20 18:24:43 ----A---- C:\Windows\SYSWOW64\usoapi.dll
2016-02-20 18:24:43 ----A---- C:\Windows\system32\Windows.Speech.Pal.dll
2016-02-20 18:24:43 ----A---- C:\Windows\system32\Windows.Internal.Management.dll
2016-02-20 18:24:43 ----A---- C:\Windows\system32\Windows.Devices.Bluetooth.dll
2016-02-20 18:24:43 ----A---- C:\Windows\system32\profsvc.dll
2016-02-20 18:24:43 ----A---- C:\Windows\system32\MBMediaManager.dll
2016-02-20 18:24:43 ----A---- C:\Windows\system32\dmenrollengine.dll
2016-02-20 18:24:43 ----A---- C:\Windows\system32\DeviceEnroller.exe
2016-02-20 18:24:42 ----A---- C:\Windows\SYSWOW64\Unistore.dll
2016-02-20 18:24:42 ----A---- C:\Windows\system32\Windows.Devices.Usb.dll
2016-02-20 18:24:42 ----A---- C:\Windows\system32\authui.dll
2016-02-20 18:24:41 ----A---- C:\Windows\system32\modernexecserver.dll
2016-02-20 18:24:40 ----A---- C:\Windows\SYSWOW64\MPG4DECD.DLL
2016-02-20 18:24:40 ----A---- C:\Windows\SYSWOW64\MP43DECD.DLL
2016-02-20 18:24:40 ----A---- C:\Windows\system32\ngccredprov.dll
2016-02-20 18:24:40 ----A---- C:\Windows\system32\MPG4DECD.DLL
2016-02-20 18:24:40 ----A---- C:\Windows\system32\MP43DECD.DLL
2016-02-20 18:24:39 ----A---- C:\Windows\system32\Windows.Media.Speech.dll
2016-02-20 18:24:39 ----A---- C:\Windows\system32\dssvc.dll
2016-02-20 18:24:38 ----A---- C:\Windows\SYSWOW64\Windows.Internal.Management.dll
2016-02-20 18:24:38 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Usb.dll
2016-02-20 18:24:38 ----A---- C:\Windows\SYSWOW64\IoTAssignedAccessLockFramework.dll
2016-02-20 18:24:38 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-02-20 18:24:38 ----A---- C:\Windows\system32\ContactApis.dll
2016-02-20 18:24:37 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Bluetooth.dll
2016-02-20 18:24:37 ----A---- C:\Windows\system32\winload.exe
2016-02-20 18:24:37 ----A---- C:\Windows\system32\MapControlCore.dll
2016-02-20 18:24:37 ----A---- C:\Windows\system32\accountaccessor.dll
2016-02-20 18:24:36 ----A---- C:\Windows\SYSWOW64\comdlg32.dll
2016-02-20 18:24:36 ----A---- C:\Windows\system32\RasMediaManager.dll
2016-02-20 18:24:36 ----A---- C:\Windows\system32\DAMediaManager.dll
2016-02-20 18:24:35 ----A---- C:\Windows\SYSWOW64\rasman.dll
2016-02-20 18:24:35 ----A---- C:\Windows\SYSWOW64\ContactApis.dll
2016-02-20 18:24:35 ----A---- C:\Windows\system32\wmpmde.dll
2016-02-20 18:24:35 ----A---- C:\Windows\system32\SharedStartModel.dll
2016-02-20 18:24:35 ----A---- C:\Windows\system32\remoteaudioendpoint.dll
2016-02-20 18:24:35 ----A---- C:\Windows\system32\rasman.dll
2016-02-20 18:24:34 ----A---- C:\Windows\SYSWOW64\MapControlCore.dll
2016-02-20 18:24:34 ----A---- C:\Windows\system32\wwancfg.dll
2016-02-20 18:24:34 ----A---- C:\Windows\system32\MbaeApi.dll
2016-02-20 18:24:34 ----A---- C:\Windows\system32\directmanipulation.dll
2016-02-20 18:24:33 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.dll
2016-02-20 18:24:33 ----A---- C:\Windows\SYSWOW64\CoreMessaging.dll
2016-02-20 18:24:33 ----A---- C:\Windows\SYSWOW64\AppointmentApis.dll
2016-02-20 18:24:33 ----A---- C:\Windows\system32\wuapi.dll
2016-02-20 18:24:33 ----A---- C:\Windows\system32\VEEventDispatcher.dll
2016-02-20 18:24:33 ----A---- C:\Windows\system32\NotificationController.dll
2016-02-20 18:24:32 ----A---- C:\Windows\SYSWOW64\winmde.dll
2016-02-20 18:24:32 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-02-20 18:24:32 ----A---- C:\Windows\SYSWOW64\mdmregistration.dll
2016-02-20 18:24:32 ----A---- C:\Windows\system32\WlanMediaManager.dll
2016-02-20 18:24:32 ----A---- C:\Windows\system32\NetworkUXBroker.exe
2016-02-20 18:24:32 ----A---- C:\Windows\system32\mtxoci.dll
2016-02-20 18:24:32 ----A---- C:\Windows\system32\mdmregistration.dll
2016-02-20 18:24:32 ----A---- C:\Windows\system32\enrollmentapi.dll
2016-02-20 18:24:32 ----A---- C:\Windows\system32\CredProvDataModel.dll
2016-02-20 18:24:31 ----A---- C:\Windows\SYSWOW64\directmanipulation.dll
2016-02-20 18:24:31 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.dll
2016-02-20 18:24:31 ----A---- C:\Windows\system32\wcmsvc.dll
2016-02-20 18:24:31 ----A---- C:\Windows\system32\ChatApis.dll
2016-02-20 18:24:30 ----A---- C:\Windows\SYSWOW64\ChatApis.dll
2016-02-20 18:24:30 ----A---- C:\Windows\SYSWOW64\CredProvDataModel.dll
2016-02-20 18:24:30 ----A---- C:\Windows\system32\tileobjserver.dll
2016-02-20 18:24:30 ----A---- C:\Windows\system32\mfps.dll
2016-02-20 18:24:30 ----A---- C:\Windows\system32\mdmmigrator.dll
2016-02-20 18:24:29 ----A---- C:\Windows\SYSWOW64\VEEventDispatcher.dll
2016-02-20 18:24:29 ----A---- C:\Windows\SYSWOW64\MbaeApi.dll
2016-02-20 18:24:29 ----A---- C:\Windows\system32\omadmapi.dll
2016-02-20 18:24:29 ----A---- C:\Windows\system32\comdlg32.dll
2016-02-20 18:24:28 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-02-20 18:24:28 ----A---- C:\Windows\system32\LockAppBroker.dll
2016-02-20 18:24:28 ----A---- C:\Windows\system32\gdi32.dll
2016-02-20 18:24:28 ----A---- C:\Windows\system32\drivers\usbhub.sys
2016-02-20 18:24:28 ----A---- C:\Windows\system32\dmcertinst.exe
2016-02-20 18:24:27 ----A---- C:\Windows\SYSWOW64\JpMapControl.dll
2016-02-20 18:24:27 ----A---- C:\Windows\SYSWOW64\EmailApis.dll
2016-02-20 18:24:27 ----A---- C:\Windows\system32\winresume.exe
2016-02-20 18:24:25 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-02-20 18:24:25 ----A---- C:\Windows\SYSWOW64\CallHistoryClient.dll
2016-02-20 18:24:25 ----A---- C:\Windows\system32\MusUpdateHandlers.dll
2016-02-20 18:24:25 ----A---- C:\Windows\system32\MDMAppInstaller.exe
2016-02-20 18:24:25 ----A---- C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-02-20 18:24:25 ----A---- C:\Windows\system32\dot3mm.dll
2016-02-20 18:24:25 ----A---- C:\Windows\system32\DAMM.dll
2016-02-20 18:24:24 ----A---- C:\Windows\SYSWOW64\SensorsApi.dll
2016-02-20 18:24:24 ----A---- C:\Windows\SYSWOW64\LockAppBroker.dll
2016-02-20 18:24:24 ----A---- C:\Windows\system32\SensorsApi.dll
2016-02-20 18:24:24 ----A---- C:\Windows\system32\PsmServiceExtHost.dll
2016-02-20 18:24:24 ----A---- C:\Windows\system32\acmigration.dll
2016-02-20 18:24:23 ----A---- C:\Windows\system32\ncsi.dll
2016-02-20 18:24:23 ----A---- C:\Windows\system32\HttpsDataSource.dll
2016-02-20 18:24:23 ----A---- C:\Windows\system32\drivers\dxgmms2.sys
2016-02-20 18:24:23 ----A---- C:\Windows\system32\drivers\buttonconverter.sys
2016-02-20 18:24:23 ----A---- C:\Windows\system32\drivers\bthport.sys
2016-02-20 18:24:22 ----A---- C:\Windows\SYSWOW64\MessagingDataModel2.dll
2016-02-20 18:24:22 ----A---- C:\Windows\system32\WMALFXGFXDSP.dll
2016-02-20 18:24:22 ----A---- C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2016-02-20 18:24:21 ----A---- C:\Windows\SYSWOW64\AppXDeploymentClient.dll
2016-02-20 18:24:21 ----A---- C:\Windows\system32\OneDriveSettingSyncProvider.dll
2016-02-20 18:24:21 ----A---- C:\Windows\system32\KnobsCore.dll
2016-02-20 18:24:21 ----A---- C:\Windows\system32\EmailApis.dll
2016-02-20 18:24:21 ----A---- C:\Windows\system32\AppXDeploymentClient.dll
2016-02-20 18:24:20 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2016-02-20 18:24:20 ----A---- C:\Windows\SYSWOW64\OneDriveSettingSyncProvider.dll
2016-02-20 18:24:20 ----A---- C:\Windows\system32\provengine.dll
2016-02-20 18:24:20 ----A---- C:\Windows\system32\mf.dll
2016-02-20 18:24:20 ----A---- C:\Windows\system32\fontdrvhost.exe
2016-02-20 18:24:19 ----A---- C:\Windows\SYSWOW64\mf.dll
2016-02-20 18:24:19 ----A---- C:\Windows\system32\wcmcsp.dll
2016-02-20 18:24:19 ----A---- C:\Windows\system32\JpMapControl.dll
2016-02-20 18:24:19 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2016-02-20 18:24:16 ----A---- C:\Windows\SYSWOW64\ztrace_maps.dll
2016-02-20 18:24:16 ----A---- C:\Windows\system32\ztrace_maps.dll
2016-02-20 18:24:16 ----A---- C:\Windows\system32\tetheringservice.dll
2016-02-20 18:24:16 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-02-20 18:24:15 ----A---- C:\Windows\system32\SubscriptionMgr.dll
2016-02-20 18:24:14 ----A---- C:\Windows\system32\VEStoreEventHandlers.dll
2016-02-20 18:24:14 ----A---- C:\Windows\system32\userenv.dll
2016-02-20 18:24:14 ----A---- C:\Windows\system32\MessagingDataModel2.dll
2016-02-20 18:24:14 ----A---- C:\Windows\system32\MapsStore.dll
2016-02-20 18:24:14 ----A---- C:\Windows\system32\cloudAP.dll
2016-02-20 18:24:13 ----A---- C:\Windows\SYSWOW64\UserDataAccountApis.dll
2016-02-20 18:24:13 ----A---- C:\Windows\SYSWOW64\fontdrvhost.exe
2016-02-20 18:24:13 ----A---- C:\Windows\system32\StoreAgent.dll
2016-02-20 18:24:13 ----A---- C:\Windows\system32\drivers\usb8023.sys
2016-02-20 18:24:13 ----A---- C:\Windows\system32\AppointmentApis.dll
2016-02-20 18:24:12 ----A---- C:\Windows\SYSWOW64\usermgrcli.dll
2016-02-20 18:24:12 ----A---- C:\Windows\SYSWOW64\userenv.dll
2016-02-20 18:24:12 ----A---- C:\Windows\SYSWOW64\PhoneCallHistoryApis.dll
2016-02-20 18:24:12 ----A---- C:\Windows\system32\shutdownux.dll
2016-02-20 18:24:12 ----A---- C:\Windows\system32\omadmclient.exe
2016-02-20 18:24:12 ----A---- C:\Windows\system32\MapConfiguration.dll
2016-02-20 18:24:12 ----A---- C:\Windows\system32\LocationWiFiAdapter.dll
2016-02-20 18:24:11 ----A---- C:\Windows\system32\syncmlhook.dll
2016-02-20 18:24:11 ----A---- C:\Windows\system32\drivers\ndis.sys
2016-02-20 18:24:10 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-02-20 18:24:10 ----A---- C:\Windows\system32\syncutil.dll
2016-02-20 18:24:10 ----A---- C:\Windows\system32\LocationWebproxy.dll
2016-02-20 18:24:10 ----A---- C:\Windows\system32\LocationGeofences.dll
2016-02-20 18:24:10 ----A---- C:\Windows\system32\LicenseManagerShellext.exe
2016-02-20 18:24:09 ----A---- C:\Windows\system32\Windows.Internal.Bluetooth.dll
2016-02-20 18:24:09 ----A---- C:\Windows\system32\enterprisecsps.dll
2016-02-20 18:24:08 ----A---- C:\Windows\SYSWOW64\KBDAZE.DLL
2016-02-20 18:24:08 ----A---- C:\Windows\system32\wpnapps.dll
2016-02-20 18:24:08 ----A---- C:\Windows\system32\kbdgeoqw.dll
2016-02-20 18:24:08 ----A---- C:\Windows\system32\KBDAZST.DLL
2016-02-20 18:24:08 ----A---- C:\Windows\system32\KBDAZEL.DLL
2016-02-20 18:24:08 ----A---- C:\Windows\system32\KBDAZE.DLL
2016-02-20 18:24:07 ----A---- C:\Windows\SYSWOW64\kbdgeoqw.dll
2016-02-20 18:24:07 ----A---- C:\Windows\SYSWOW64\KBDAZST.DLL
2016-02-20 18:24:07 ----A---- C:\Windows\SYSWOW64\KBDAZEL.DLL
2016-02-20 18:24:07 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-02-20 18:24:07 ----A---- C:\Windows\system32\wups2.dll
2016-02-20 18:24:07 ----A---- C:\Windows\system32\LocationFramework.dll
2016-02-20 18:24:07 ----A---- C:\Windows\explorer.exe
2016-02-20 18:24:06 ----A---- C:\Windows\system32\LocationPeIP.dll
2016-02-20 18:24:06 ----A---- C:\Windows\system32\LocationCrowdsource.dll
2016-02-20 18:24:05 ----A---- C:\Windows\SYSWOW64\profext.dll
2016-02-20 18:24:05 ----A---- C:\Windows\SYSWOW64\MapConfiguration.dll
2016-02-20 18:24:05 ----A---- C:\Windows\system32\UserDataAccountApis.dll
2016-02-20 18:24:05 ----A---- C:\Windows\system32\profext.dll
2016-02-20 18:24:05 ----A---- C:\Windows\system32\PhoneCallHistoryApis.dll
2016-02-20 18:24:04 ----A---- C:\Windows\system32\wups.dll
2016-02-20 18:24:04 ----A---- C:\Windows\system32\provops.dll
2016-02-20 18:24:04 ----A---- C:\Windows\system32\MPSSVC.dll
2016-02-20 18:24:03 ----A---- C:\Windows\SYSWOW64\wpnapps.dll
2016-02-20 18:24:02 ----A---- C:\Windows\system32\nlasvc.dll
2016-02-20 18:24:02 ----A---- C:\Windows\system32\aitstatic.exe
2016-02-20 18:24:01 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-02-20 18:24:01 ----A---- C:\Windows\SYSWOW64\UserMgrProxy.dll
2016-02-20 18:24:01 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-02-20 18:24:01 ----A---- C:\Windows\system32\UserMgrProxy.dll
2016-02-20 18:24:01 ----A---- C:\Windows\system32\provisioningcsp.dll
2016-02-20 18:24:01 ----A---- C:\Windows\system32\LocationPeWiFi.dll
2016-02-20 18:24:01 ----A---- C:\Windows\system32\LocationPeCell.dll
2016-02-20 18:24:01 ----A---- C:\Windows\system32\configmanager2.dll
2016-02-20 18:02:30 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2016-02-20 18:02:29 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2016-02-20 18:02:11 ----D---- C:\Users\Saine\AppData\Roaming\Winamp
2016-02-20 18:00:58 ----D---- C:\Program Files (x86)\Winamp
2016-02-20 17:55:35 ----D---- C:\Users\Saine\AppData\Roaming\CleanMyPC Software
2016-02-20 17:55:34 ----AD---- C:\ProgramData\TEMP
2016-02-20 17:52:02 ----A---- C:\Windows\system32\SppExtComObjHook.dll
2016-02-20 17:52:01 ----A---- C:\Windows\system32\SppExtComObjPatcher.exe
2016-02-20 17:34:35 ----D---- C:\Program Files (x86)\Microsoft Office
2016-02-20 17:34:34 ----D---- C:\Program Files\Microsoft Office 15
2016-02-20 17:30:43 ----D---- C:\Users\Saine\AppData\Roaming\DAEMON Tools Ultra
2016-02-20 17:30:38 ----D---- C:\Program Files (x86)\DAEMON Tools Ultra
2016-02-20 17:26:34 ----D---- C:\ProgramData\DAEMON Tools Ultra
2016-02-20 16:59:53 ----D---- C:\Users\Saine\AppData\Roaming\GHISLER
2016-02-20 16:59:53 ----D---- C:\totalcmd
2016-02-20 16:53:35 ----D---- C:\Users\Saine\AppData\Roaming\WinRAR
2016-02-20 16:52:44 ----D---- C:\Program Files\WinRAR
2016-02-20 16:35:16 ----D---- C:\ProgramData\CodeMeter
2016-02-20 16:35:16 ----D---- C:\Program Files\CodeMeter
2016-02-20 16:35:16 ----D---- C:\Program Files (x86)\CodeMeter
2016-02-20 16:34:43 ----A---- C:\Windows\SYSWOW64\WkExt32.dll
2016-02-20 16:34:43 ----A---- C:\Windows\SYSWOW64\WibuXpm4J32.dll
2016-02-20 16:34:43 ----A---- C:\Windows\SYSWOW64\wibuKJni.dll
2016-02-20 16:34:43 ----A---- C:\Windows\system32\WkExt64.dll
2016-02-20 16:34:43 ----A---- C:\Windows\system32\WibuXpm4J64.dll
2016-02-20 16:34:43 ----A---- C:\Windows\system32\wibuKJni64.dll
2016-02-20 16:34:39 ----A---- C:\Windows\system32\drivers\Wibukey2_64.sys
2016-02-20 16:34:35 ----A---- C:\Windows\SYSWOW64\WkWin32.dll
2016-02-20 16:34:35 ----A---- C:\Windows\system32\WkWin64.dll
2016-02-20 16:34:35 ----A---- C:\Windows\system32\drivers\WibuKey64.sys
2016-02-20 16:34:29 ----D---- C:\Program Files\WIBU-SYSTEMS
2016-02-20 16:34:29 ----D---- C:\Program Files (x86)\WIBU-SYSTEMS
2016-02-20 16:34:29 ----D---- C:\Program Files (x86)\WIBUKEY
2016-02-20 16:29:39 ----D---- C:\Program Files\GRAPHISOFT
2016-02-20 16:29:01 ----D---- C:\Users\Saine\AppData\Roaming\Install.GS
2016-02-20 16:28:46 ----D---- C:\ProgramData\Sun
2016-02-20 16:28:44 ----A---- C:\Windows\SYSWOW64\javaws.exe
2016-02-20 16:28:41 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2016-02-20 16:28:41 ----A---- C:\Windows\SYSWOW64\javaw.exe
2016-02-20 16:28:40 ----A---- C:\Windows\SYSWOW64\java.exe
2016-02-20 16:28:35 ----D---- C:\Program Files (x86)\Java
2016-02-20 16:20:37 ----D---- C:\Users\Saine\AppData\Roaming\Macromedia
2016-02-20 16:19:41 ----A---- C:\Windows\system32\drivers\HipShieldK.sys
2016-02-20 16:19:07 ----D---- C:\Program Files (x86)\McAfee.com
2016-02-20 16:18:05 ----D---- C:\Program Files\McAfee.com
2016-02-20 16:18:05 ----D---- C:\Program Files\McAfee
2016-02-20 16:17:52 ----D---- C:\Program Files\Common Files\AV
2016-02-20 16:17:50 ----D---- C:\Program Files (x86)\McAfee
2016-02-20 16:09:48 ----A---- C:\Windows\system32\mfevtps.exe
2016-02-20 16:09:45 ----D---- C:\Program Files\Common Files\McAfee
2016-02-20 16:09:40 ----D---- C:\ProgramData\McAfee
2016-02-20 16:06:57 ----D---- C:\Users\Saine\AppData\Roaming\Adobe
2016-02-20 16:06:16 ----SD---- C:\Users\Saine\AppData\Roaming\Microsoft
2016-02-20 15:58:23 ----A---- C:\Windows\system32\drivers\ATK64AMD.sys
2016-02-20 15:58:21 ----A---- C:\Windows\system32\drivers\HECIx64.sys
2016-02-20 15:58:15 ----D---- C:\Program Files\Elantech
2016-02-20 15:58:12 ----A---- C:\Windows\system32\ETDCoInstaller01000.dll
2016-02-20 15:58:12 ----A---- C:\Windows\system32\drivers\ETD.sys
2016-02-20 15:57:56 ----D---- C:\Program Files (x86)\Intel
2016-02-20 15:57:54 ----D---- C:\Intel
2016-02-20 15:57:40 ----A---- C:\Windows\SYSWOW64\iglhsip32.dll
2016-02-20 15:57:40 ----A---- C:\Windows\SYSWOW64\iglhcp32.dll
2016-02-20 15:57:40 ----A---- C:\Windows\SYSWOW64\igfxexps32.dll
2016-02-20 15:57:40 ----A---- C:\Windows\SYSWOW64\igfxdv32.dll
2016-02-20 15:57:40 ----A---- C:\Windows\SYSWOW64\igfxcmrt32.dll
2016-02-20 15:57:40 ----A---- C:\Windows\SYSWOW64\igfxcmjit32.dll
2016-02-20 15:57:40 ----A---- C:\Windows\SYSWOW64\igdumdx32.dll
2016-02-20 15:57:40 ----A---- C:\Windows\SYSWOW64\igdumd32.dll
2016-02-20 15:57:40 ----A---- C:\Windows\SYSWOW64\igd10umd32.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\iglhsip64.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\iglhcp64.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxtray.exe
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxTMM.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxsrvc.exe
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxsrvc.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxress.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxpph.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxpers.exe
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxext.exe
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxexps.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxdo.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\IGFXDEVLib.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxdev.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxCoIn_v2858.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxcmrt64.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igfxcmjit64.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igdumd64.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\igd10umd64.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\ig4icd64.dll
2016-02-20 15:57:40 ----A---- C:\Windows\system32\drivers\igdkmd64.sys
2016-02-20 15:57:39 ----A---- C:\Windows\SYSWOW64\ig4icd32.dll
2016-02-20 15:57:39 ----A---- C:\Windows\system32\IccLibDll_x64.dll
2016-02-20 15:57:39 ----A---- C:\Windows\system32\hkcmd.exe
2016-02-20 15:57:39 ----A---- C:\Windows\system32\hccutils.dll
2016-02-20 15:57:39 ----A---- C:\Windows\system32\GfxUI.exe
2016-02-20 15:57:39 ----A---- C:\Windows\system32\gfxSrvc.dll
2016-02-20 15:57:39 ----A---- C:\Windows\system32\difx64.exe
2016-02-20 15:53:05 ----A---- C:\Windows\system32\drivers\ntfs.sys
2016-02-20 15:50:00 ----D---- C:\Windows\SoftwareDistribution
2016-02-20 12:58:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-02-20 12:56:25 ----D---- C:\Windows\CSC
2016-02-20 12:54:24 ----SHD---- C:\ProgramData\Šablony
2016-02-20 12:54:24 ----SHD---- C:\ProgramData\Plocha
2016-02-20 12:54:24 ----SHD---- C:\ProgramData\Nabídka Start
2016-02-20 12:54:24 ----SHD---- C:\ProgramData\Dokumenty
2016-02-20 12:54:24 ----SHD---- C:\ProgramData\Data aplikací
2016-02-20 12:53:59 ----ASH---- C:\hiberfil.sys
2016-02-20 12:52:15 ----SHD---- C:\Recovery
2016-02-20 12:50:19 ----D---- C:\Windows\Prefetch
2016-02-20 12:49:44 ----ASH---- C:\swapfile.sys
2016-02-20 12:49:44 ----ASH---- C:\pagefile.sys
2016-02-20 12:49:42 ----SHD---- C:\System Volume Information
2016-02-20 12:49:18 ----D---- C:\Windows\Panther
2016-02-20 12:49:06 ----RASH---- C:\BOOTSECT.BAK
2016-02-20 12:49:04 ----SHD---- C:\Boot

======List of files/folders modified in the last 1 month======

2016-02-21 16:11:31 ----D---- C:\Windows\Temp
2016-02-21 16:11:30 ----D---- C:\Windows\system32\sru
2016-02-21 16:09:59 ----D---- C:\Windows\System32
2016-02-21 16:09:33 ----HD---- C:\ProgramData
2016-02-21 16:09:10 ----D---- C:\Windows\system32\drivers
2016-02-21 16:01:54 ----D---- C:\Windows\Microsoft.NET
2016-02-21 16:01:52 ----D---- C:\Windows\WinSxS
2016-02-21 15:59:27 ----D---- C:\Windows\system32\config
2016-02-21 15:59:24 ----D---- C:\Windows\CbsTemp
2016-02-21 14:15:40 ----D---- C:\Windows\system32\Tasks
2016-02-21 14:06:50 ----D---- C:\Windows\system32\CatRoot
2016-02-21 14:06:20 ----HD---- C:\Windows\ELAMBKUP
2016-02-21 14:05:32 ----D---- C:\Windows\INF
2016-02-21 14:05:00 ----RD---- C:\Windows\assembly
2016-02-21 14:04:01 ----D---- C:\Program Files\Common Files
2016-02-21 11:49:40 ----D---- C:\Windows\Tasks
2016-02-21 11:22:05 ----SHD---- C:\Windows\Installer
2016-02-21 10:43:53 ----D---- C:\Windows\SysWOW64
2016-02-21 10:31:50 ----RD---- C:\Program Files (x86)
2016-02-21 10:25:18 ----SD---- C:\Windows\SYSWOW64\F12
2016-02-21 10:25:18 ----D---- C:\Windows\SYSWOW64\migration
2016-02-21 10:25:18 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-02-21 10:25:13 ----D---- C:\Windows\system32\WinBioPlugIns
2016-02-21 10:25:12 ----SD---- C:\Windows\system32\F12
2016-02-21 10:25:12 ----D---- C:\Windows\system32\SystemResetPlatform
2016-02-21 10:25:12 ----D---- C:\Windows\system32\oobe
2016-02-21 10:25:12 ----D---- C:\Windows\system32\migration
2016-02-21 10:25:12 ----D---- C:\Windows\system32\cs-CZ
2016-02-21 10:25:12 ----D---- C:\Windows\system32\Boot
2016-02-21 10:25:12 ----D---- C:\Windows\system32\appraiser
2016-02-21 10:25:09 ----RD---- C:\Windows\PurchaseDialog
2016-02-21 10:25:09 ----D---- C:\Windows\Provisioning
2016-02-21 10:25:06 ----RSD---- C:\Windows\Fonts
2016-02-21 10:25:06 ----D---- C:\Windows\L2Schemas
2016-02-21 10:25:06 ----D---- C:\Windows\AppPatch
2016-02-21 10:25:06 ----D---- C:\Windows
2016-02-21 10:25:06 ----D---- C:\Program Files\Windows Journal
2016-02-21 10:25:06 ----D---- C:\Program Files\Internet Explorer
2016-02-21 10:25:06 ----D---- C:\Program Files (x86)\Internet Explorer
2016-02-21 10:25:05 ----D---- C:\Windows\system32\CodeIntegrity
2016-02-21 10:25:03 ----D---- C:\Windows\system32\DriverStore
2016-02-21 09:15:03 ----RD---- C:\Program Files
2016-02-20 23:45:15 ----D---- C:\Windows\Logs
2016-02-20 22:01:48 ----HD---- C:\$WINDOWS.~BT
2016-02-20 19:01:59 ----D---- C:\Windows\system32\WinBioDatabase
2016-02-20 18:42:09 ----D---- C:\Windows\SYSWOW64\MUI
2016-02-20 18:42:09 ----D---- C:\Windows\system32\MUI
2016-02-20 18:40:44 ----D---- C:\Program Files (x86)\Common Files
2016-02-20 18:39:30 ----D---- C:\Windows\system32\catroot2
2016-02-20 18:35:27 ----SD---- C:\ProgramData\Microsoft
2016-02-20 18:32:00 ----D---- C:\Windows\debug
2016-02-20 18:18:02 ----HD---- C:\Program Files\WindowsApps
2016-02-20 17:41:25 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2016-02-20 17:41:05 ----D---- C:\Program Files (x86)\Microsoft.NET
2016-02-20 17:34:31 ----D---- C:\Program Files\Common Files\microsoft shared
2016-02-20 16:57:43 ----D---- C:\Windows\AppReadiness
2016-02-20 16:24:19 ----RD---- C:\Users
2016-02-20 16:09:05 ----SHD---- C:\$Recycle.Bin
2016-02-20 16:08:24 ----D---- C:\Windows\system32\WDI
2016-02-20 12:55:44 ----D---- C:\Windows\rescache
2016-02-20 12:54:24 ----D---- C:\Program Files\Windows NT
2016-02-20 12:52:15 ----D---- C:\Windows\system32\Recovery
2016-02-20 12:52:12 ----D---- C:\Windows\system32\Sysprep
2016-02-20 12:50:22 ----D---- C:\Windows\system32\drivers\UMDF
2016-02-02 23:47:29 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2015-11-25 846080]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2015-11-25 245096]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\Windows\system32\drivers\filecrypt.sys [2015-07-10 83968]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\Windows\System32\drivers\gpuenergydrv.sys [2015-12-01 8192]
R1 LUMDriver;LUMDriver; \??\C:\Windows\system32\drivers\LUMDriver.sys [2008-01-02 24848]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\Windows\system32\drivers\mmcss.sys [2015-07-10 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\Windows\system32\drivers\storqosflt.sys [2015-07-10 61952]
R3 athr;@netathrx.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\System32\drivers\athwnx.sys [2015-06-18 4207104]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2015-07-10 105984]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2015-07-10 128512]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2015-07-10 84992]
R3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2015-11-25 79248]
R3 dtlitescsibus;@oem9.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\System32\drivers\dtlitescsibus.sys [2016-02-21 30264]
R3 dtliteusbbus;@oem10.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\Windows\System32\drivers\dtliteusbbus.sys [2016-02-21 47672]
R3 ETD;@oem3.inf,%PS2.DeviceDesc%;ELAN Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2016-02-20 525512]
R3 HECIx64;@oem4.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface; C:\Windows\System32\drivers\HECIx64.sys [2016-02-20 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2016-02-20 12311776]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-10-05 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2016-02-21 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-10-05 64216]
R3 mfeaack;McAfee Inc. mfeaack; C:\Windows\system32\drivers\mfeaack.sys [2015-11-25 419624]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2015-11-25 351144]
R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2015-11-25 496368]
R3 mfencbdc;McAfee Inc. mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [2015-11-20 539496]
R3 MTsensor;@oem5.inf,%ATKACPI.DisplayName%;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2016-02-20 13680]
R3 NETJME;@netjme.inf,%JME_Service_DispName%;JMicron Ethernet Adapter NDIS6.30 Driver (Amd64 Bits); C:\Windows\System32\drivers\NETJME.sys [2015-06-18 137728]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-07-10 167936]
S0 LSI_SAS2i;LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [2015-07-10 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [2015-07-10 99168]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\Windows\system32\drivers\mfeelamk.sys [2015-11-25 83096]
S0 percsas2i;percsas2i; C:\Windows\System32\drivers\percsas2i.sys [2015-07-10 58208]
S0 percsas3i;percsas3i; C:\Windows\System32\drivers\percsas3i.sys [2015-07-10 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\Windows\System32\drivers\storufs.sys [2015-07-10 40288]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2015-09-17 929280]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\Windows\System32\drivers\buttonconverter.sys [2015-09-17 36352]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\Windows\System32\drivers\capimg.sys [2015-07-10 116736]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\Windows\System32\drivers\genericusbfn.sys [2015-07-10 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\Windows\System32\drivers\hidinterrupt.sys [2015-07-10 50016]
S3 HipShieldK;McAfee Inc. HipShieldK; C:\Windows\system32\drivers\HipShieldK.sys [2015-05-19 207208]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\Windows\System32\drivers\ibbus.sys [2015-07-10 424800]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\Windows\system32\drivers\ioqos.sys [2015-07-10 26624]
S3 mfencrk;McAfee Inc. mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [2015-11-20 109480]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\Windows\System32\drivers\mlx4_bus.sys [2015-07-10 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\Windows\System32\drivers\ndfltr.sys [2015-07-10 76128]
S3 ReFSv1;ReFSv1; C:\Windows\system32\drivers\ReFSv1.sys [2015-09-10 934752]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\Windows\System32\Drivers\UcmCx.sys [2015-07-10 61952]
S3 UcmUcsi;@ucmucsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\Windows\System32\drivers\UcmUcsi.sys [2015-09-10 46080]
S3 UdeCx;USB Device Emulation Support Library; C:\Windows\system32\drivers\udecx.sys [2015-07-10 44032]
S3 Ufx01000;USB Function Class Extension; C:\Windows\system32\drivers\ufx01000.sys [2015-07-10 245088]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\Windows\System32\drivers\UfxChipidea.sys [2015-07-10 94048]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\Windows\System32\drivers\ufxsynopsys.sys [2015-07-10 127840]
S3 UrsCx01000;USB Role-Switch Support Library; C:\Windows\system32\drivers\urscx01000.sys [2015-07-10 57696]
S3 UrsChipidea;@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver; C:\Windows\System32\drivers\urschipidea.sys [2015-07-10 28512]
S3 UrsSynopsys;@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver; C:\Windows\System32\drivers\urssynopsys.sys [2015-07-10 27488]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2015-08-16 2776664]
R2 CodeMeter.exe;CodeMeter Runtime Server; C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2013-11-15 3105144]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\Windows\System32\svchost.exe [2015-07-10 39856]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2016-02-20 144072]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-10-05 1513784]
R2 McAPExe;McAfee AP Service; C:\Program Files\McAfee\MSC\McAPExe.exe [2016-01-08 863448]
R2 McBootDelayStartSvc;McAfee Boot Delay Start Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2016-01-03 453520]
R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2016-01-03 453520]
R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2016-01-03 453520]
R2 mcpltsvc;McAfee Platform Services; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2016-01-03 453520]
R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2016-01-03 453520]
R2 mfemms;McAfee Service Controller; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [2016-01-21 380896]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2016-01-03 453520]
R2 PEFService;Intel Security PEF Service; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [2015-12-14 902112]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\Windows\System32\svchost.exe [2015-07-10 39856]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\Windows\System32\svchost.exe [2015-07-10 39856]
R3 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2015-11-18 234192]
R3 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2015-11-18 275368]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S2 HomeNetSvc;McAfee Home Network; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2016-01-03 453520]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S2 mccspsvc;McAfee CSP Service; C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe [2015-12-02 1694152]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S2 OneSyncSvc_Session1;Hostitel synchronizace_Session1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-07-10 27136]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2016-01-15 1369464]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-06-17 43696]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 McODS;McAfee Scanner; C:\Program Files\McAfee\VirusScan\mcods.exe [2016-01-08 681680]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\Windows\system32\lsass.exe [2015-07-10 56344]
S3 ose;Office  Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-08-16 204360]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 PimIndexMaintenanceSvc_Session1;Data kontaktů_Session1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\Windows\System32\SensorDataService.exe [2015-09-10 1031680]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 UnistoreSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-10003; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 UnistoreSvc_Session1;Úložiště uživatelských dat_Session1; C:\Windows\System32\svchost.exe [2015-07-10 39856]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: adf.ly virus

#8 Post by Rudy »

Deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for resolving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

saesa
Visitor
Posts: 5
Registered: 30 Dec 2011 12:45

Re: adf.ly virus

#9 Post by saesa »

In the end I reinstalled Windows and so far it works flawlessly. Thanks for the help; at least next time I'll know how to proceed.

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: adf.ly virus

#10 Post by Rudy »

That's a solution too. :) You're welcome!

Locked