Please check my log


#1 Post by SyncMaster »

Hello! Lately my PC has been slow and the taskbar freezes after plugging in USB. I am therefore asking for a check of my log.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Ricardino at 2016-03-09 19:55:08
Microsoft Windows 10 Home
System drive C: has 382 GB (84%) free of 456 GB
Total RAM: 16296 MB (88% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:55:11, on 9.3.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\trend micro\Ricardino.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com/?pc=LCJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Bloody2] "C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe" Minimum
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Ricardino\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ricardino\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{946e0766-5d15-455d-afbd-d7bc10d32352}: NameServer = 213.151.222.34 85.237.225.250
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - D:\Programy\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: CCSDK - Unknown owner - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: Intel Bluetooth Service (ibtsiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: LenovoSetSvr - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: Maxthon Core Update Service (MaxthonUpdateSvc) - Maxthon - C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mobile Partner. OUC (Mobile Partner. RunOuc) - Unknown owner - C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: PGService - PointGrab LTD - C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
O23 - Service: PG_Service_Launcher - PointGrab LTD - C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: TESHelper - Lenovo - c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13455 bytes

======Listing Processes======







winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k netsvcs
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-90486846-3b09-4ec7-9c12-ebd0372c3fb9 -SystemEventPortName:HostProcess-a6c48611-86aa-4bc6-b525-94df30c422aa -IoCancelEventPortName:HostProcess-57199bb7-ad03-499e-96a7-f40121c67c26 -NonStateChangingEventPortName:HostProcess-f47a09bc-f0e4-479f-83b7-17782006325d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:2b9df54e-416d-4fdb-99a3-cbda870f0e61 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\igfxCUIService.exe
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\windows\AutoKMS\AutoKMS.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k apphost
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Elantech\ETDService.exe"
"D:\Programy\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\ProgramData\DatacardService\HWDeviceService64.exe" -/service
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
"C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe"
"C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe"
C:\WINDOWS\system32\svchost.exe -k iissvcs
"C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe"
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
dashost.exe {90a9ad6b-5e72-4217-a6b63a3ab20a3b70}
"C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe" "C:/Program Files (x86)/Mobile Partner/UpdateDog/"
"C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe" -Embedding
sihost.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
taskeng.exe {7310CB55-42CF-4AB2-A7A6-3B0587F87FFB}
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\WINDOWS\Explorer.EXE
"C:\ProgramData\DatacardService\DCSHelper.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
igfxEM.exe
igfxTray.exe
"C:\Program Files\Elantech\ETDIntelligent.exe"
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
wmiadap.exe /R /T
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-488808105-4097251070-3538552251-10011_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-488808105-4097251070-3538552251-10011 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 640 644 652 8192 648

C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\FMAPP.exe"
"C:\Program Files\Realtek\Audio\HDA\FMAPP.exe" -START
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Windows\RTFTrack.exe"
"C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe" -start
"C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe" Minimum
"C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\WINDOWS\system32\wermgr.exe -upload
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"D:\Programy\RSITx64.exe"


======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d041401ac3b372.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d091142e5862b2.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d0bfa37948bd6.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01 205416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_74\bin\ssv.dll [2016-02-15 553056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 877720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 2322576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_74\bin\jp2ssv.dll [2016-02-15 214112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25 728840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01 139368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 704664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 1720976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25 617736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-24 13885696]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24 1402624]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24 1402624]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24 1402624]
"RtsFT"=C:\WINDOWS\RTFTrack.exe [2015-06-16 5060864]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-09-27 3743976]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-01-21 2234144]
"ShadowPlay"=C:\windows\system32\nvspcap64.dll [2014-01-21 1179576]
"OnekeyStudio"=C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [2012-09-15 4196432]
"PhoneCompanion"=C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [2014-12-04 836592]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2014-12-04 16093512]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2014-12-04 8235848]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-07-08 5595848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EpicScale"= []
"DAEMON Tools Lite"=D:\Programy\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"Bloody2"=C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe [2014-12-30 16294912]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Ricardino\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64"=C:\WINDOWS\system32\cmd.exe [2015-10-30 233984]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"=C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [2014-09-09 110344]
"CLVirtualDrive"=C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [2014-09-09 492808]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-01-29 594992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-03-09 19:55:08 ----D---- C:\rsit
2016-03-04 17:49:14 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-03-04 17:49:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-04 17:49:13 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-03-04 17:49:12 ----A---- C:\WINDOWS\SYSWOW64\wininetlui.dll
2016-03-04 17:49:12 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-03-04 17:49:12 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-03-04 17:49:12 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2016-03-04 17:49:12 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-03-04 17:49:12 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2016-03-04 17:49:12 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-03-04 17:49:12 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2016-03-04 17:49:11 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-03-04 17:49:11 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-03-04 17:49:11 ----A---- C:\WINDOWS\system32\wininetlui.dll
2016-03-04 17:49:11 ----A---- C:\WINDOWS\system32\wininet.dll
2016-03-04 17:49:11 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-03-04 17:49:10 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-03-04 17:49:10 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-03-04 17:49:10 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-03-04 17:49:10 ----A---- C:\WINDOWS\system32\dwmcore.dll
2016-03-04 17:49:09 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-03-04 17:49:09 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-03-04 17:49:08 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2016-03-04 17:49:08 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-03-04 17:49:08 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-03-04 17:49:08 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2016-03-04 17:49:08 ----A---- C:\WINDOWS\system32\audiodg.exe
2016-03-04 17:49:07 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-03-04 17:49:07 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2016-03-04 17:49:07 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2016-03-04 17:49:07 ----A---- C:\WINDOWS\system32\InputService.dll
2016-03-04 17:49:07 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2016-03-04 17:49:07 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-03-04 17:49:07 ----A---- C:\WINDOWS\system32\AudioSes.dll
2016-03-04 17:49:07 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-03-04 17:49:06 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2016-03-04 17:49:06 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-03-04 17:49:06 ----A---- C:\WINDOWS\system32\twinui.dll
2016-03-04 17:49:05 ----A---- C:\WINDOWS\system32\windows.storage.dll
2016-03-04 17:49:05 ----A---- C:\WINDOWS\system32\jsproxy.dll
2016-03-04 17:49:05 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2016-03-04 17:49:05 ----A---- C:\WINDOWS\system32\invagent.dll
2016-03-04 17:49:05 ----A---- C:\WINDOWS\system32\devinv.dll
2016-03-04 17:49:04 ----A---- C:\WINDOWS\system32\shell32.dll
2016-03-04 17:49:04 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-03-04 17:49:01 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-03-04 17:49:01 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2016-03-04 17:49:01 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-03-04 17:49:01 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2016-03-04 17:49:01 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-03-04 17:49:01 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2016-03-04 17:49:00 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2016-03-04 17:49:00 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2016-03-04 17:49:00 ----A---- C:\WINDOWS\system32\StorSvc.dll
2016-03-04 17:49:00 ----A---- C:\WINDOWS\system32\SmsRouterSvc.dll
2016-03-04 17:49:00 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2016-03-04 17:49:00 ----A---- C:\WINDOWS\system32\d3d11.dll
2016-03-04 17:49:00 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-04 17:49:00 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2016-03-04 17:48:59 ----A---- C:\WINDOWS\system32\wmp.dll
2016-03-04 17:48:59 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-04 17:48:58 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2016-03-04 17:48:58 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2016-03-04 17:48:58 ----A---- C:\WINDOWS\SYSWOW64\ActiveSyncProvider.dll
2016-03-04 17:48:58 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-03-04 17:48:58 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-03-04 17:48:58 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2016-03-04 17:48:58 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-04 17:48:58 ----A---- C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-04 17:48:57 ----A---- C:\WINDOWS\SYSWOW64\mfsrcsnk.dll
2016-03-04 17:48:57 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-03-04 17:48:57 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-03-04 17:48:57 ----A---- C:\WINDOWS\system32\mfsrcsnk.dll
2016-03-04 17:48:57 ----A---- C:\WINDOWS\system32\mfcore.dll
2016-03-04 17:48:57 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-03-04 17:48:57 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2016-03-04 17:48:56 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-03-04 17:48:56 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Audio.dll
2016-03-04 17:48:56 ----A---- C:\WINDOWS\SYSWOW64\Unistore.dll
2016-03-04 17:48:56 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2016-03-04 17:48:56 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2016-03-04 17:48:56 ----A---- C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-03-04 17:48:56 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-03-04 17:48:56 ----A---- C:\WINDOWS\system32\schedsvc.dll
2016-03-04 17:48:56 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-03-04 17:48:55 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2016-03-04 17:48:55 ----A---- C:\WINDOWS\system32\XblGameSave.dll
2016-03-04 17:48:55 ----A---- C:\WINDOWS\system32\XblAuthManager.dll
2016-03-04 17:48:55 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-03-04 17:48:55 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2016-03-04 17:48:55 ----A---- C:\WINDOWS\system32\Unistore.dll
2016-03-04 17:48:55 ----A---- C:\WINDOWS\system32\mstscax.dll
2016-03-04 17:48:55 ----A---- C:\WINDOWS\system32\DisplayManager.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\SYSWOW64\DisplayManager.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\system32\UserDataService.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\system32\diagtrack.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.AccountsControl.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\SYSWOW64\MSFlacDecoder.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\SYSWOW64\mfmkvsrcsnk.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\SYSWOW64\deviceaccess.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\SYSWOW64\CertEnroll.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\system32\vaultsvc.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\system32\SMSRouter.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\system32\ngckeyenum.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\system32\NetSetupShim.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\system32\MDEServer.exe
2016-03-04 17:48:53 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\system32\deviceaccess.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\SYSWOW64\thumbcache.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\SYSWOW64\taskschd.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\WMPDMC.exe
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\wlansvc.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\winresume.exe
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\winload.exe
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\wer.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\usbmon.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\TimeBrokerServer.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\sqmapi.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\SettingSync.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\MSFlacDecoder.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\localspl.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2016-03-04 17:48:51 ----A---- C:\WINDOWS\SYSWOW64\WMPDMC.exe
2016-03-04 17:48:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.MediaControl.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\SYSWOW64\WiFiDisplay.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\SYSWOW64\sqmapi.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\SYSWOW64\SettingSync.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\SYSWOW64\NetSetupShim.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\wuuhext.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\wsqmcons.exe
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\WiFiDisplay.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\uDWM.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\thumbcache.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\taskschd.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\SyncController.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\spoolsv.exe
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\sharemediacpl.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\netlogon.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\msvproc.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\flvprophandler.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\drivers\xinputhid.sys
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\drivers\xboxgip.sys
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\drivers\bridge.sys
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\drivers\acpi.sys
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\configurationclient.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\bisrv.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2016-03-04 17:48:50 ----A---- C:\WINDOWS\SYSWOW64\TimeBrokerClient.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\SYSWOW64\SyncController.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2016-03-04 17:48:50 ----A---- C:\WINDOWS\SYSWOW64\InputLocaleManager.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\wlansvcpal.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\wlansec.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\wlanapi.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\WiFiConfigSP.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\wfdprov.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\werui.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\wermgr.exe
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\vaultcli.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\TimeBrokerClient.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\srpapi.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\scapi.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\psmsrv.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\provpackageapidll.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\MBMediaManager.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\irmon.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\drivers\rasl2tp.sys
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\drivers\mrxsmb10.sys
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\drivers\appid.sys
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\AppCapture.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\accountaccessor.dll
2016-02-12 16:09:05 ----SHD---- C:\Config.Msi
2016-02-10 18:56:19 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerInstaller.exe
2016-02-10 18:54:05 ----A---- C:\WINDOWS\system32\reseteng.dll
2016-02-10 18:54:05 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-02-10 18:54:04 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-02-10 18:54:03 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2016-02-10 18:54:03 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-02-10 18:54:03 ----A---- C:\WINDOWS\system32\kerberos.dll
2016-02-10 18:54:02 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2016-02-10 18:54:02 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2016-02-10 18:54:02 ----A---- C:\WINDOWS\system32\combase.dll
2016-02-10 18:54:02 ----A---- C:\WINDOWS\explorer.exe
2016-02-10 18:54:01 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2016-02-10 18:54:01 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-02-10 18:54:01 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2016-02-10 18:54:01 ----A---- C:\WINDOWS\system32\WinTypes.dll
2016-02-10 18:54:01 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-02-10 18:54:01 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-10 18:54:01 ----A---- C:\WINDOWS\system32\KernelBase.dll
2016-02-10 18:54:00 ----A---- C:\WINDOWS\SYSWOW64\ztrace_maps.dll
2016-02-10 18:54:00 ----A---- C:\WINDOWS\SYSWOW64\OpenWith.exe
2016-02-10 18:54:00 ----A---- C:\WINDOWS\SYSWOW64\mtxoci.dll
2016-02-10 18:54:00 ----A---- C:\WINDOWS\SYSWOW64\msorcl32.dll
2016-02-10 18:54:00 ----A---- C:\WINDOWS\SYSWOW64\iassam.dll
2016-02-10 18:54:00 ----A---- C:\WINDOWS\SYSWOW64\hlink.dll
2016-02-10 18:54:00 ----A---- C:\WINDOWS\SYSWOW64\cfgbkend.dll
2016-02-10 18:54:00 ----A---- C:\WINDOWS\system32\ztrace_maps.dll
2016-02-10 18:54:00 ----A---- C:\WINDOWS\system32\systemreset.exe
2016-02-10 18:54:00 ----A---- C:\WINDOWS\system32\OpenWith.exe
2016-02-10 18:54:00 ----A---- C:\WINDOWS\system32\mtxoci.dll
2016-02-10 18:54:00 ----A---- C:\WINDOWS\system32\iassam.dll
2016-02-10 18:54:00 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2016-02-10 18:54:00 ----A---- C:\WINDOWS\system32\hlink.dll
2016-02-10 18:54:00 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys
2016-02-10 18:54:00 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-02-10 18:54:00 ----A---- C:\WINDOWS\system32\cfgbkend.dll

======List of files/folders modified in the last 1 month======

2016-03-09 19:55:11 ----D---- C:\Program Files\trend micro
2016-03-09 19:55:05 ----D---- C:\WINDOWS\Temp
2016-03-09 19:54:31 ----D---- C:\WINDOWS\Prefetch
2016-03-09 19:53:45 ----D---- C:\WINDOWS\System32
2016-03-09 19:53:45 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-03-09 17:32:33 ----D---- C:\WINDOWS\system32\sru
2016-03-09 17:25:11 ----D---- C:\WINDOWS\INF
2016-03-09 17:25:11 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-09 17:23:50 ----D---- C:\Windows
2016-03-09 17:17:01 ----D---- C:\WINDOWS\system32\Tasks
2016-03-09 13:36:37 ----D---- C:\Users\Ricardino\AppData\Roaming\vlc
2016-03-09 11:17:07 ----D---- C:\WINDOWS\Microsoft.NET
2016-03-09 10:54:08 ----HD---- C:\Program Files\WindowsApps
2016-03-09 10:53:17 ----D---- C:\WINDOWS\AppReadiness
2016-03-09 10:23:44 ----D---- C:\Users\Ricardino\AppData\Roaming\uTorrent
2016-03-09 10:23:12 ----D---- C:\WINDOWS\debug
2016-03-09 10:22:51 ----D---- C:\WINDOWS\system32\config
2016-03-09 10:20:43 ----D---- C:\WINDOWS\system32\catroot2
2016-03-09 10:20:27 ----D---- C:\WINDOWS\WinSxS
2016-03-09 10:19:03 ----D---- C:\WINDOWS\CbsTemp
2016-03-09 10:13:36 ----D---- C:\WINDOWS\system32\drivers
2016-03-09 10:12:05 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-03-09 10:12:05 ----D---- C:\WINDOWS\SYSWOW64\Dism
2016-03-09 10:12:05 ----D---- C:\WINDOWS\SysWOW64
2016-03-09 10:12:04 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-03-09 10:12:04 ----D---- C:\WINDOWS\system32\wbem
2016-03-09 10:12:04 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2016-03-09 10:12:04 ----D---- C:\WINDOWS\system32\migration
2016-03-09 10:12:04 ----D---- C:\WINDOWS\system32\Dism
2016-03-09 10:12:04 ----D---- C:\WINDOWS\system32\Boot
2016-03-09 10:12:03 ----D---- C:\WINDOWS\system32\appraiser
2016-03-09 10:12:02 ----RSD---- C:\WINDOWS\Media
2016-03-09 10:12:02 ----RSD---- C:\WINDOWS\Fonts
2016-03-09 10:12:02 ----RD---- C:\WINDOWS\PurchaseDialog
2016-03-09 10:12:02 ----D---- C:\WINDOWS\bcastdvr
2016-03-09 10:12:02 ----D---- C:\WINDOWS\AppPatch
2016-03-09 10:12:02 ----D---- C:\Program Files\Windows Portable Devices
2016-03-09 10:12:02 ----D---- C:\Program Files\Windows Multimedia Platform
2016-03-09 10:12:02 ----D---- C:\Program Files\Windows Media Player
2016-03-09 10:12:02 ----D---- C:\Program Files\Windows Journal
2016-03-09 10:12:02 ----D---- C:\Program Files (x86)\Windows Portable Devices
2016-03-09 10:12:02 ----D---- C:\Program Files (x86)\Windows Multimedia Platform
2016-03-09 10:12:02 ----D---- C:\Program Files (x86)\Internet Explorer
2016-03-09 10:12:01 ----D---- C:\Program Files\Internet Explorer
2016-03-09 10:12:00 ----D---- C:\WINDOWS\system32\DriverStore
2016-03-07 18:50:17 ----SHD---- C:\System Volume Information
2016-03-05 18:01:50 ----D---- C:\WINDOWS\LiveKernelReports
2016-03-04 18:21:25 ----D---- C:\WINDOWS\system32\NDF
2016-03-04 17:46:02 ----SHDC---- C:\WINDOWS\Installer
2016-03-04 17:44:13 ----A---- C:\IFRToolLog.txt
2016-02-15 18:18:36 ----D---- C:\Users\Ricardino\AppData\Roaming\DAEMON Tools Lite
2016-02-15 18:18:36 ----AD---- C:\Program Files (x86)\TeamViewer
2016-02-15 18:14:15 ----D---- C:\Users\Ricardino\AppData\Roaming\TeamViewer
2016-02-15 18:14:13 ----D---- C:\Users\Ricardino\AppData\Roaming\Skype
2016-02-15 18:12:58 ----A---- C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-02-15 18:12:46 ----D---- C:\Program Files\Java
2016-02-15 18:12:23 ----AD---- C:\Program Files\Defraggler
2016-02-14 20:27:21 ----D---- C:\ProgramData\Oracle
2016-02-14 20:24:03 ----D---- C:\Program Files (x86)\Common Files
2016-02-14 11:53:26 ----D---- C:\WINDOWS\rescache
2016-02-12 16:09:12 ----RSD---- C:\WINDOWS\assembly
2016-02-11 23:15:52 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2016-02-11 23:15:52 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-02-11 23:15:52 ----D---- C:\WINDOWS\system32\sk-SK
2016-02-11 23:15:52 ----D---- C:\WINDOWS\system32\en-US
2016-02-11 17:46:05 ----RD---- C:\Program Files
2016-02-11 17:37:39 ----D---- C:\WINDOWS\Tasks
2016-02-11 17:37:19 ----HD---- C:\ProgramData
2016-02-11 16:16:10 ----D---- C:\WINDOWS\system32\MRT
2016-02-11 15:48:44 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2015-07-14 251632]
R0 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2015-07-14 72400]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R1 dtsoftbus01;@oem69.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2015-01-04 283064]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2014-10-10 243440]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2014-10-10 169280]
R1 EpfwLWF;@oem92.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [2015-07-14 53360]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-10-30 87040]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R1 SASDIFSV;SASDIFSV; \??\D:\Programy\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\D:\Programy\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2014-10-10 222280]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 47616]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-10-30 78848]
R3 ACPIVPC;@oem47.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2014-12-04 35576]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2015-10-30 84992]
R3 ETD;@oem54.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2015-09-27 468568]
R3 ETDSMBus;ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [2015-09-27 30808]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [2013-11-30 91648]
R3 ibtusb;@oem30.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2015-07-14 263952]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-12-19 7858088]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-06-24 4504320]
R3 iwdbus;@oem72.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-03-26 27032]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2015-10-05 25816]
R3 MEIx64;@oem91.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 NETwNb64;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit; C:\WINDOWS\System32\drivers\Netwbw02.sys [2015-10-30 3485696]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-07-23 11142984]
R3 nvvad_WaveExtensible;@oem22.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2013-12-27 39200]
R3 rt640x64;@oem42.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-07-22 886528]
R3 RTSPER;@oem89.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2015-06-15 761600]
R3 rtsuvc;@oem45.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2015-06-16 3068160]
R3 tapoas;@oem36.inf,%DeviceDescription%;TAP-Win32 Adapter OAS; C:\WINDOWS\System32\drivers\tapoas.sys [2012-07-15 30720]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-10-30 128512]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2016-02-23 954368]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-11-22 117248]
S3 dg_ssudbus;@oem2.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2015-12-08 122160]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [2013-01-25 109568]
S3 ew_usbenumfilter;@oem70.inf,%busupper.SVCDESC%;huawei_CompositeFilter; C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys [2012-12-22 14976]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 hwusb_cdcacm;hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [2014-06-11 124800]
S3 hwusb_wwanecm;hwusb_wwanecm; C:\WINDOWS\System32\drivers\ew_wwanecm.sys [2014-05-04 379392]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-03-26 38296]
S3 IntcDAud;@oem26.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2015-10-28 474376]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2015-10-05 64216]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2009-10-20 47632]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-10-30 930656]
S3 ssudmdm;@oem11.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2015-12-08 214832]
S3 tap0901;@oem9.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\WINDOWS\System32\drivers\tap0901.sys [2014-04-08 27136]
S4 RsFx0103;RsFx0103 Driver; C:\WINDOWS\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; D:\Programy\SUPERAntiSpyware\SASCORE64.EXE [2014-07-23 172344]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2015-07-08 1353720]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2015-09-27 134888]
R2 HWDeviceService64.exe;HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [2014-01-15 351824]
R2 ibtsiva;Intel Bluetooth Service; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [2014-12-12 125168]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-12-19 373160]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2015-12-14 584664]
R2 LenovoSetSvr;LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe [2014-12-04 389680]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-12-04 198192]
R2 LUService;LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [2014-04-21 37624]
R2 MaxthonUpdateSvc;Maxthon Core Update Service; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [2015-12-09 1872808]
R2 MessagingService_3d808;MessagingService_3d808; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 57617752]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2015-12-07 117400]
R2 NetTcpActivator;@C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-01-21 1593632]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-01-21 16939296]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-07-23 937800]
R2 PG_Service_Launcher;PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [2014-02-26 512776]
R2 PGService;PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [2014-02-26 167176]
R2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [2014-12-04 288240]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 157720]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-24 43696]
R3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 CCSDK;CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [2014-07-10 592880]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-09-16 131544]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S2 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 MessagingService_128a440;MessagingService_128a440; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 MessagingService_55f37e7;MessagingService_55f37e7; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 Mobile Partner. RunOuc;Mobile Partner. OUC; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [2013-10-26 651856]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_128a440;Sync Host_128a440; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_3d808;Sync Host_3d808; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_55f37e7;Sync Host_55f37e7; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10 269504]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-10-30 51376]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-12-19 300968]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28 174368]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-09-23 561408]
S3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760]
S3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [2014-12-04 308720]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_128a440;Contact Data_128a440; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_3d808;Contact Data_3d808; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_55f37e7;Contact Data_55f37e7; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2009-10-20 117264]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-03-08 835152]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
S4 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2015-12-07 117400]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
S4 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119418
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

SyncMaster
Visitor
Posts: 471
Registered: 15 Jan 2011 14:21

Re: Please check my log

#3 Post by SyncMaster »

# AdwCleaner v5.101 - Logfile created 10/03/2016 at 23:06:04
# Updated 07/03/2016 by Xplode
# Database : 2016-03-08.1 [Server]
# Operating system : Windows 10 Home (x64)
# Username : Ricardino - RICHARD
# Running from : C:\Users\Ricardino\Desktop\adwcleaner_5.101.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\pokki
[-] Folder Deleted : C:\Users\Ricardino\AppData\Local\pokki

***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_Start_Menu
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]

***** [ Web browsers ] *****

[-] [C:\Users\Ricardino\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www.dosearches.com/?utm_source=b&utm_me ... 1383772572

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [1465 bytes] - [10/03/2016 23:06:04]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [1580 bytes] - [10/03/2016 23:04:33]

########## EOF - C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [1651 bytes] ##########

Rudy
Site Admin
Posts: 119418
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#4 Post by Rudy »

Post a new RSIT log.

SyncMaster
Visitor
Posts: 471
Registered: 15 Jan 2011 14:21

Re: Please check my log

#5 Post by SyncMaster »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Ricardino at 2016-03-13 17:52:55
Microsoft Windows 10 Home
System drive C: has 379 GB (83%) free of 456 GB
Total RAM: 16296 MB (82% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:53:04, on 13.3.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal

Running processes:
C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Ricardino\AppData\Local\Google\Chrome\User Data\SwReporter\6.44.4\software_reporter_tool.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Ricardino.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com/?pc=LCJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Bloody2] "C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe" Minimum
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Ricardino\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ricardino\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{946e0766-5d15-455d-afbd-d7bc10d32352}: NameServer = 213.151.222.34 85.237.225.250
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - D:\Programy\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: CCSDK - Unknown owner - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: Intel Bluetooth Service (ibtsiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: LenovoSetSvr - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: Maxthon Core Update Service (MaxthonUpdateSvc) - Maxthon - C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mobile Partner. OUC (Mobile Partner. RunOuc) - Unknown owner - C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: PGService - PointGrab LTD - C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
O23 - Service: PG_Service_Launcher - PointGrab LTD - C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: TESHelper - Lenovo - c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14174 bytes

======Listing Processes======







C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\igfxCUIService.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-f9f69b64-68a2-489a-bea8-8607a886c1a0 -SystemEventPortName:HostProcess-4bde18a5-2ca1-4083-a92b-3506a9734b81 -IoCancelEventPortName:HostProcess-bcadd369-6964-4113-a3e1-7cc1450f1236 -NonStateChangingEventPortName:HostProcess-1598f538-d871-4f68-9d8a-044452431c3a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:eb783c9e-255d-47aa-954c-a9f25b1ad5fd -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
"D:\Programy\SUPERAntiSpyware\SASCORE64.EXE"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\ProgramData\DatacardService\HWDeviceService64.exe" -/service
dashost.exe {88921987-5412-4c6f-b47d6a0276ee0bbf}
"C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe"
"c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
C:\WINDOWS\system32\svchost.exe -k iissvcs
"C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe"
"C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\WINDOWS\system32\svchost.exe -k apphost
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe"
"C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe" "C:/Program Files (x86)/Mobile Partner/UpdateDog/"
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
adb fork-server server

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
taskeng.exe {500EC35F-3C4B-4F89-BB29-924E3D437699}
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\windows\AutoKMS\AutoKMS.exe
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
igfxEM.exe
"C:\Program Files\Elantech\ETDIntelligent.exe"
igfxTray.exe
"C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\WINDOWS\Explorer.EXE
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe47_ Global\UsGthrCtrlFltPipeMssGthrPipe47 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 644 648 656 8192 652
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe" 1 1 1 1
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-488808105-4097251070-3538552251-100148_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-488808105-4097251070-3538552251-100148 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\FMAPP.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Windows\RTFTrack.exe"
"C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe" -start
"C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe" Minimum
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
"C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Ricardino\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=49.0.2623.87 --handshake-handle=0x1ac
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3052.0.1697413182\2026316392" --supports-dual-gpus=false --gpu-driver-bug-workarounds=3,11,16,25,54 --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=20.19.15.4331 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=sk --force-fieldtrials=AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/CrossDevicePromo/1DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 
--content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3052.2.785679080\13705203" /prefetch:1
"C:\Users\Ricardino\AppData\Local\Google\Chrome\User Data\SwReporter\6.44.4\software_reporter_tool.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=sk --force-fieldtrials=AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/CrossDevicePromo/1DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 
--channel="3052.3.1729857587\202243351" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=sk --force-fieldtrials=AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 
--channel="3052.7.1266731292\1415799357" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3052.8.1676813472\1440029605" --ppapi-flash-args --lang=sk --device-scale-factor=1 --ignored=" --type=renderer " /prefetch:3
"C:\Program Files\Microsoft Office\Office15\MsoSync.exe"
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXe9cvj1thv1hmcw0cs98xm3r97tyzy2xs.mca
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca

"D:\Programy\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe" -Embedding
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXmtcan0h2tfbfy7k9kn8hbxb6dmzz1zh0.mca
"BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.1
"C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6801.23751.0_x64__8wekyb3d8bbwe\HubTaskHost.exe" -ServerName:Microsoft.MicrosoftOfficeHub.AppXczch7hf9576qpxqh411t8e5g6baj2p43.mca

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d041401ac3b372.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d091142e5862b2.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d0bfa37948bd6.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01 205416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_74\bin\ssv.dll [2016-02-15 553056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 877720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 2322576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_74\bin\jp2ssv.dll [2016-02-15 214112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25 728840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01 139368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 704664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 1720976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25 617736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-24 13885696]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24 1402624]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24 1402624]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24 1402624]
"RtsFT"=C:\WINDOWS\RTFTrack.exe [2015-06-16 5060864]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-09-27 3743976]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-01-21 2234144]
"ShadowPlay"=C:\windows\system32\nvspcap64.dll [2014-01-21 1179576]
"OnekeyStudio"=C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [2012-09-15 4196432]
"PhoneCompanion"=C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [2014-12-04 836592]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2014-12-04 16093512]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2014-12-04 8235848]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-07-08 5595848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EpicScale"= []
"DAEMON Tools Lite"=D:\Programy\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"Bloody2"=C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe [2014-12-30 16294912]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Ricardino\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64"=C:\WINDOWS\system32\cmd.exe [2015-10-30 233984]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"=C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [2014-09-09 110344]
"CLVirtualDrive"=C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [2014-09-09 492808]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-01-29 594992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-03-10 23:04:26 ----D---- C:\Program Files (x86)\AdwCleaner
2016-03-09 22:08:59 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-03-09 22:08:58 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-03-09 22:08:58 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-03-09 22:08:57 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-03-09 22:08:55 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-03-09 22:08:54 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-03-09 22:08:53 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-03-09 22:08:51 ----A---- C:\WINDOWS\system32\WSService.dll
2016-03-09 22:08:50 ----A---- C:\WINDOWS\system32\wmp.dll
2016-03-09 22:08:49 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-03-09 22:08:46 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-03-09 22:08:46 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-03-09 22:08:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2016-03-09 22:08:44 ----A---- C:\WINDOWS\system32\windows.storage.dll
2016-03-09 22:08:43 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2016-03-09 22:08:43 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-03-09 22:08:41 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2016-03-09 22:08:41 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-09 22:08:40 ----A---- C:\WINDOWS\SYSWOW64\ActiveSyncProvider.dll
2016-03-09 22:08:40 ----A---- C:\WINDOWS\system32\dosvc.dll
2016-03-09 22:08:40 ----A---- C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-09 22:08:38 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2016-03-09 22:08:38 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-03-09 22:08:38 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-03-09 22:08:38 ----A---- C:\WINDOWS\system32\KernelBase.dll
2016-03-09 22:08:38 ----A---- C:\WINDOWS\system32\diagtrack.dll
2016-03-09 22:08:37 ----A---- C:\WINDOWS\SYSWOW64\Unistore.dll
2016-03-09 22:08:37 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-03-09 22:08:37 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2016-03-09 22:08:37 ----A---- C:\WINDOWS\system32\WWAHost.exe
2016-03-09 22:08:37 ----A---- C:\WINDOWS\system32\SRHInproc.dll
2016-03-09 22:08:37 ----A---- C:\WINDOWS\system32\ole32.dll
2016-03-09 22:08:37 ----A---- C:\WINDOWS\system32\ContactApis.dll
2016-03-09 22:08:36 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2016-03-09 22:08:36 ----A---- C:\WINDOWS\SYSWOW64\WMPDMC.exe
2016-03-09 22:08:36 ----A---- C:\WINDOWS\SYSWOW64\SRHInproc.dll
2016-03-09 22:08:36 ----A---- C:\WINDOWS\SYSWOW64\ContactApis.dll
2016-03-09 22:08:36 ----A---- C:\WINDOWS\system32\Unistore.dll
2016-03-09 22:08:36 ----A---- C:\WINDOWS\system32\dxgi.dll
2016-03-09 22:08:36 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2016-03-09 22:08:35 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2016-03-09 22:08:35 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-03-09 22:08:35 ----A---- C:\WINDOWS\SYSWOW64\mfds.dll
2016-03-09 22:08:35 ----A---- C:\WINDOWS\SYSWOW64\AppointmentApis.dll
2016-03-09 22:08:35 ----A---- C:\WINDOWS\system32\invagent.dll
2016-03-09 22:08:35 ----A---- C:\WINDOWS\system32\AppointmentApis.dll
2016-03-09 22:08:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Bluetooth.dll
2016-03-09 22:08:34 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2016-03-09 22:08:34 ----A---- C:\WINDOWS\SYSWOW64\AppxPackaging.dll
2016-03-09 22:08:34 ----A---- C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-03-09 22:08:34 ----A---- C:\WINDOWS\system32\SRH.dll
2016-03-09 22:08:34 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-03-09 22:08:34 ----A---- C:\WINDOWS\system32\mfds.dll
2016-03-09 22:08:34 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2016-03-09 22:08:34 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2016-03-09 22:08:34 ----A---- C:\WINDOWS\system32\AppxPackaging.dll
2016-03-09 22:08:33 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-03-09 22:08:33 ----A---- C:\WINDOWS\SYSWOW64\deviceaccess.dll
2016-03-09 22:08:33 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2016-03-09 22:08:33 ----A---- C:\WINDOWS\system32\wer.dll
2016-03-09 22:08:33 ----A---- C:\WINDOWS\system32\deviceaccess.dll
2016-03-09 22:08:33 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-03-09 22:08:32 ----A---- C:\WINDOWS\SYSWOW64\sqmapi.dll
2016-03-09 22:08:32 ----A---- C:\WINDOWS\SYSWOW64\PackageStateRoaming.dll
2016-03-09 22:08:32 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2016-03-09 22:08:32 ----A---- C:\WINDOWS\system32\WMPDMC.exe
2016-03-09 22:08:32 ----A---- C:\WINDOWS\system32\dafBth.dll
2016-03-09 22:08:32 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-03-09 22:08:32 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-09 22:08:31 ----A---- C:\WINDOWS\SYSWOW64\ChatApis.dll
2016-03-09 22:08:31 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2016-03-09 22:08:31 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2016-03-09 22:08:31 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2016-03-09 22:08:31 ----A---- C:\WINDOWS\system32\ChatApis.dll
2016-03-09 22:08:31 ----A---- C:\WINDOWS\system32\EmailApis.dll
2016-03-09 22:08:31 ----A---- C:\WINDOWS\system32\CallHistoryClient.dll
2016-03-09 22:08:31 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-09 22:08:30 ----A---- C:\WINDOWS\SYSWOW64\EmailApis.dll
2016-03-09 22:08:30 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-03-09 22:08:30 ----A---- C:\WINDOWS\SYSWOW64\AppointmentActivation.dll
2016-03-09 22:08:30 ----A---- C:\WINDOWS\system32\VCardParser.dll
2016-03-09 22:08:30 ----A---- C:\WINDOWS\system32\sqmapi.dll
2016-03-09 22:08:30 ----A---- C:\WINDOWS\system32\sharemediacpl.dll
2016-03-09 22:08:30 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2016-03-09 22:08:30 ----A---- C:\WINDOWS\system32\AuthBroker.dll
2016-03-09 22:08:29 ----A---- C:\WINDOWS\SYSWOW64\cemapi.dll
2016-03-09 22:08:29 ----A---- C:\WINDOWS\system32\PackageStateRoaming.dll
2016-03-09 22:08:29 ----A---- C:\WINDOWS\system32\domgmt.dll
2016-03-09 22:08:28 ----A---- C:\WINDOWS\SYSWOW64\PhoneCallHistoryApis.dll
2016-03-09 22:08:28 ----A---- C:\WINDOWS\SYSWOW64\fwbase.dll
2016-03-09 22:08:28 ----A---- C:\WINDOWS\system32\UserDataAccountApis.dll
2016-03-09 22:08:28 ----A---- C:\WINDOWS\system32\cemapi.dll
2016-03-09 22:08:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Scanners.dll
2016-03-09 22:08:26 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2016-03-09 22:08:26 ----A---- C:\WINDOWS\system32\storewuauth.dll
2016-03-09 22:08:26 ----A---- C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-03-09 22:08:26 ----A---- C:\WINDOWS\system32\AuthHost.exe
2016-03-09 22:08:26 ----A---- C:\WINDOWS\system32\AppointmentActivation.dll
2016-03-09 22:08:25 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2016-03-09 22:08:25 ----A---- C:\WINDOWS\SYSWOW64\VCardParser.dll
2016-03-09 22:08:25 ----A---- C:\WINDOWS\SYSWOW64\POSyncServices.dll
2016-03-09 22:08:25 ----A---- C:\WINDOWS\SYSWOW64\ExSMime.dll
2016-03-09 22:08:25 ----A---- C:\WINDOWS\SYSWOW64\asycfilt.dll
2016-03-09 22:08:25 ----A---- C:\WINDOWS\SYSWOW64\AppxSip.dll
2016-03-09 22:08:25 ----A---- C:\WINDOWS\system32\wsqmcons.exe
2016-03-09 22:08:25 ----A---- C:\WINDOWS\system32\wermgr.exe
2016-03-09 22:08:25 ----A---- C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-03-09 22:08:25 ----A---- C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-03-09 22:08:25 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2016-03-09 22:08:25 ----A---- C:\WINDOWS\system32\asycfilt.dll
2016-03-09 22:08:25 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-03-09 22:08:24 ----A---- C:\WINDOWS\system32\AppxSysprep.dll
2016-03-09 22:08:23 ----A---- C:\WINDOWS\SYSWOW64\UserDataAccountApis.dll
2016-03-09 22:08:23 ----A---- C:\WINDOWS\SYSWOW64\ExtrasXmlParser.dll
2016-03-09 22:08:23 ----A---- C:\WINDOWS\system32\wpninprc.dll
2016-03-09 22:08:23 ----A---- C:\WINDOWS\system32\seclogon.dll
2016-03-09 22:08:23 ----A---- C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-03-09 22:08:23 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2016-03-09 22:08:23 ----A---- C:\WINDOWS\system32\ExSMime.dll
2016-03-09 22:08:23 ----A---- C:\WINDOWS\system32\dssvc.dll
2016-03-09 22:08:23 ----A---- C:\WINDOWS\system32\devinv.dll
2016-03-09 22:08:23 ----A---- C:\WINDOWS\system32\AppxSip.dll
2016-03-09 22:08:22 ----A---- C:\WINDOWS\SYSWOW64\UserDataTimeUtil.dll
2016-03-09 22:08:22 ----A---- C:\WINDOWS\SYSWOW64\profext.dll
2016-03-09 22:08:22 ----A---- C:\WINDOWS\SYSWOW64\PimIndexMaintenanceClient.dll
2016-03-09 22:08:22 ----A---- C:\WINDOWS\SYSWOW64\CallHistoryClient.dll
2016-03-09 22:08:22 ----A---- C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-03-09 22:08:22 ----A---- C:\WINDOWS\system32\wfapigp.dll
2016-03-09 22:08:22 ----A---- C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-03-09 22:08:22 ----A---- C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-03-09 22:08:22 ----A---- C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-03-09 22:08:22 ----A---- C:\WINDOWS\system32\POSyncServices.dll
2016-03-09 22:08:22 ----A---- C:\WINDOWS\system32\fwbase.dll
2016-03-09 22:08:22 ----A---- C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-03-09 22:08:22 ----A---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2016-03-09 22:08:21 ----A---- C:\WINDOWS\SYSWOW64\UserDataPlatformHelperUtil.dll
2016-03-09 22:08:21 ----A---- C:\WINDOWS\SYSWOW64\UserDataLanguageUtil.dll
2016-03-09 22:08:21 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2016-03-09 22:08:20 ----A---- C:\WINDOWS\SYSWOW64\UserDataTypeHelperUtil.dll
2016-03-09 22:08:20 ----A---- C:\WINDOWS\system32\UserDataService.dll
2016-03-09 22:08:20 ----A---- C:\WINDOWS\system32\profext.dll
2016-03-09 22:08:20 ----A---- C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-03-09 22:08:19 ----A---- C:\WINDOWS\SYSWOW64\wfapigp.dll
2016-03-09 22:08:19 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2016-03-09 22:08:19 ----A---- C:\WINDOWS\SYSWOW64\fwpolicyiomgr.dll
2016-03-09 22:08:19 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2016-03-09 22:08:19 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2016-03-09 22:08:19 ----A---- C:\WINDOWS\system32\werui.dll
2016-03-09 22:08:19 ----A---- C:\WINDOWS\system32\vaultsvc.dll
2016-03-09 22:08:19 ----A---- C:\WINDOWS\system32\vaultcli.dll
2016-03-09 22:08:19 ----A---- C:\WINDOWS\system32\scapi.dll
2016-03-09 22:08:19 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2016-03-09 22:08:19 ----A---- C:\WINDOWS\system32\fontsub.dll
2016-03-09 22:08:19 ----A---- C:\WINDOWS\system32\configurationclient.dll
2016-03-09 22:08:18 ----A---- C:\WINDOWS\system32\atmlib.dll
2016-03-09 19:55:08 ----D---- C:\rsit
2016-03-04 17:49:14 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-03-04 17:49:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-04 17:49:12 ----A---- C:\WINDOWS\SYSWOW64\wininetlui.dll
2016-03-04 17:49:12 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-03-04 17:49:12 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-03-04 17:49:12 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2016-03-04 17:49:12 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2016-03-04 17:49:12 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-03-04 17:49:12 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2016-03-04 17:49:11 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-03-04 17:49:11 ----A---- C:\WINDOWS\system32\wininetlui.dll
2016-03-04 17:49:11 ----A---- C:\WINDOWS\system32\wininet.dll
2016-03-04 17:49:11 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-03-04 17:49:10 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-03-04 17:49:10 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-03-04 17:49:10 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-03-04 17:49:10 ----A---- C:\WINDOWS\system32\dwmcore.dll
2016-03-04 17:49:08 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2016-03-04 17:49:08 ----A---- C:\WINDOWS\system32\audiodg.exe
2016-03-04 17:49:07 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-03-04 17:49:07 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2016-03-04 17:49:07 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2016-03-04 17:49:07 ----A---- C:\WINDOWS\system32\InputService.dll
2016-03-04 17:49:07 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2016-03-04 17:49:07 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-03-04 17:49:07 ----A---- C:\WINDOWS\system32\AudioSes.dll
2016-03-04 17:49:07 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-03-04 17:49:06 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-03-04 17:49:06 ----A---- C:\WINDOWS\system32\twinui.dll
2016-03-04 17:49:05 ----A---- C:\WINDOWS\system32\jsproxy.dll
2016-03-04 17:49:05 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2016-03-04 17:49:04 ----A---- C:\WINDOWS\system32\shell32.dll
2016-03-04 17:49:01 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2016-03-04 17:49:01 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-03-04 17:49:01 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2016-03-04 17:49:01 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2016-03-04 17:49:00 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2016-03-04 17:49:00 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2016-03-04 17:49:00 ----A---- C:\WINDOWS\system32\StorSvc.dll
2016-03-04 17:49:00 ----A---- C:\WINDOWS\system32\SmsRouterSvc.dll
2016-03-04 17:49:00 ----A---- C:\WINDOWS\system32\d3d11.dll
2016-03-04 17:49:00 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-04 17:49:00 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2016-03-04 17:48:59 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-04 17:48:58 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2016-03-04 17:48:58 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2016-03-04 17:48:58 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-03-04 17:48:58 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-03-04 17:48:58 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2016-03-04 17:48:57 ----A---- C:\WINDOWS\SYSWOW64\mfsrcsnk.dll
2016-03-04 17:48:57 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-03-04 17:48:57 ----A---- C:\WINDOWS\system32\mfsrcsnk.dll
2016-03-04 17:48:57 ----A---- C:\WINDOWS\system32\mfcore.dll
2016-03-04 17:48:57 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-03-04 17:48:57 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2016-03-04 17:48:56 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Audio.dll
2016-03-04 17:48:56 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2016-03-04 17:48:56 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2016-03-04 17:48:56 ----A---- C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-03-04 17:48:56 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-03-04 17:48:56 ----A---- C:\WINDOWS\system32\schedsvc.dll
2016-03-04 17:48:56 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-03-04 17:48:55 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2016-03-04 17:48:55 ----A---- C:\WINDOWS\system32\XblGameSave.dll
2016-03-04 17:48:55 ----A---- C:\WINDOWS\system32\XblAuthManager.dll
2016-03-04 17:48:55 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-03-04 17:48:55 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2016-03-04 17:48:55 ----A---- C:\WINDOWS\system32\mstscax.dll
2016-03-04 17:48:55 ----A---- C:\WINDOWS\system32\DisplayManager.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\SYSWOW64\DisplayManager.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.AccountsControl.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\SYSWOW64\MSFlacDecoder.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\SYSWOW64\mfmkvsrcsnk.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\SYSWOW64\CertEnroll.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\system32\SMSRouter.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\system32\ngckeyenum.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\system32\NetSetupShim.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\system32\MDEServer.exe
2016-03-04 17:48:53 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\SYSWOW64\thumbcache.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\SYSWOW64\taskschd.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\wlansvc.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\winresume.exe
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\winload.exe
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\usbmon.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\TimeBrokerServer.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\SettingSync.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\MSFlacDecoder.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\localspl.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2016-03-04 17:48:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.MediaControl.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\SYSWOW64\WiFiDisplay.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\SYSWOW64\SettingSync.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\SYSWOW64\NetSetupShim.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\wuuhext.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\WiFiDisplay.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\uDWM.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\thumbcache.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\taskschd.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\SyncController.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\spoolsv.exe
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\netlogon.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\msvproc.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\flvprophandler.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\drivers\xinputhid.sys
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\drivers\xboxgip.sys
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\drivers\bridge.sys
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\drivers\acpi.sys
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\bisrv.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\SYSWOW64\TimeBrokerClient.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\SYSWOW64\SyncController.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2016-03-04 17:48:50 ----A---- C:\WINDOWS\SYSWOW64\InputLocaleManager.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\wlansvcpal.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\wlansec.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\wlanapi.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\WiFiConfigSP.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\wfdprov.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\TimeBrokerClient.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\srpapi.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\psmsrv.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\provpackageapidll.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\MBMediaManager.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\irmon.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\drivers\rasl2tp.sys
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\drivers\mrxsmb10.sys
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\drivers\appid.sys
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\AppCapture.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\accountaccessor.dll

======List of files/folders modified in the last 1 month======

2016-03-13 17:53:00 ----D---- C:\Program Files\trend micro
2016-03-13 17:52:54 ----D---- C:\WINDOWS\Prefetch
2016-03-13 17:52:13 ----D---- C:\WINDOWS\system32\sru
2016-03-13 17:52:01 ----D---- C:\WINDOWS\Temp
2016-03-13 17:51:37 ----D---- C:\WINDOWS\System32
2016-03-13 17:51:37 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-03-11 15:56:06 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerInstaller.exe
2016-03-11 15:38:17 ----D---- C:\WINDOWS\system32\config
2016-03-11 14:38:04 ----D---- C:\Users\Ricardino\AppData\Roaming\vlc
2016-03-11 11:38:53 ----D---- C:\WINDOWS\AppReadiness
2016-03-11 11:38:52 ----HD---- C:\Program Files\WindowsApps
2016-03-11 10:06:12 ----D---- C:\Users\Ricardino\AppData\Roaming\uTorrent
2016-03-11 09:57:58 ----D---- C:\WINDOWS\Microsoft.NET
2016-03-11 09:57:01 ----RSD---- C:\WINDOWS\assembly
2016-03-11 09:55:36 ----D---- C:\WINDOWS\CbsTemp
2016-03-11 09:55:33 ----D---- C:\WINDOWS\WinSxS
2016-03-11 09:55:32 ----D---- C:\WINDOWS\SysWOW64
2016-03-11 09:05:24 ----D---- C:\WINDOWS\system32\NDF
2016-03-11 08:52:06 ----D---- C:\WINDOWS\system32\Tasks
2016-03-10 23:16:33 ----D---- C:\WINDOWS\INF
2016-03-10 23:12:51 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-10 23:08:47 ----D---- C:\WINDOWS\system32\drivers
2016-03-10 23:06:59 ----D---- C:\WINDOWS\system32\migration
2016-03-10 23:06:57 ----D---- C:\WINDOWS\system32\DriverStore
2016-03-10 23:06:57 ----D---- C:\WINDOWS\AppPatch
2016-03-10 23:06:57 ----D---- C:\Program Files\Windows Portable Devices
2016-03-10 23:06:57 ----D---- C:\Program Files\Windows Multimedia Platform
2016-03-10 23:06:57 ----D---- C:\Program Files\Windows Media Player
2016-03-10 23:06:57 ----D---- C:\Program Files\Internet Explorer
2016-03-10 23:06:57 ----D---- C:\Program Files (x86)\Windows Portable Devices
2016-03-10 23:06:57 ----D---- C:\Program Files (x86)\Windows Multimedia Platform
2016-03-10 23:06:57 ----D---- C:\Program Files (x86)\Internet Explorer
2016-03-10 23:06:04 ----HD---- C:\ProgramData
2016-03-10 23:04:26 ----RD---- C:\Program Files (x86)
2016-03-09 22:36:30 ----D---- C:\WINDOWS\system32\MRT
2016-03-09 22:32:09 ----A---- C:\WINDOWS\system32\MRT.exe
2016-03-09 22:30:48 ----SHD---- C:\System Volume Information
2016-03-09 21:59:09 ----D---- C:\WINDOWS\system32\catroot2
2016-03-09 17:23:50 ----D---- C:\Windows
2016-03-09 10:23:12 ----D---- C:\WINDOWS\debug
2016-03-09 10:13:34 ----SHD---- C:\Config.Msi
2016-03-09 10:12:05 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-03-09 10:12:05 ----D---- C:\WINDOWS\SYSWOW64\Dism
2016-03-09 10:12:04 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-03-09 10:12:04 ----D---- C:\WINDOWS\system32\wbem
2016-03-09 10:12:04 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2016-03-09 10:12:04 ----D---- C:\WINDOWS\system32\Dism
2016-03-09 10:12:04 ----D---- C:\WINDOWS\system32\Boot
2016-03-09 10:12:03 ----D---- C:\WINDOWS\system32\appraiser
2016-03-09 10:12:02 ----RSD---- C:\WINDOWS\Media
2016-03-09 10:12:02 ----RSD---- C:\WINDOWS\Fonts
2016-03-09 10:12:02 ----RD---- C:\WINDOWS\PurchaseDialog
2016-03-09 10:12:02 ----D---- C:\WINDOWS\bcastdvr
2016-03-09 10:12:02 ----D---- C:\Program Files\Windows Journal
2016-03-08 08:12:26 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-03-05 18:01:50 ----D---- C:\WINDOWS\LiveKernelReports
2016-03-04 17:46:02 ----SHDC---- C:\WINDOWS\Installer
2016-03-04 17:44:13 ----A---- C:\IFRToolLog.txt
2016-02-15 18:18:36 ----D---- C:\Users\Ricardino\AppData\Roaming\DAEMON Tools Lite
2016-02-15 18:18:36 ----AD---- C:\Program Files (x86)\TeamViewer
2016-02-15 18:14:15 ----D---- C:\Users\Ricardino\AppData\Roaming\TeamViewer
2016-02-15 18:14:13 ----D---- C:\Users\Ricardino\AppData\Roaming\Skype
2016-02-15 18:13:41 ----D---- C:\ProgramData\Skype
2016-02-15 18:12:58 ----A---- C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-02-15 18:12:46 ----D---- C:\Program Files\Java
2016-02-15 18:12:23 ----AD---- C:\Program Files\Defraggler
2016-02-14 20:27:22 ----D---- C:\ProgramData\Oracle
2016-02-14 20:24:03 ----D---- C:\Program Files (x86)\Common Files
2016-02-14 11:53:26 ----D---- C:\WINDOWS\rescache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2015-07-14 251632]
R0 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2015-07-14 72400]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R1 dtsoftbus01;@oem69.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2015-01-04 283064]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2014-10-10 243440]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2014-10-10 169280]
R1 EpfwLWF;@oem92.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [2015-07-14 53360]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-10-30 87040]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R1 SASDIFSV;SASDIFSV; \??\D:\Programy\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\D:\Programy\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2014-10-10 222280]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 47616]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-10-30 78848]
R3 ACPIVPC;@oem47.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2014-12-04 35576]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-02-24 84992]
R3 ETD;@oem54.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2015-09-27 468568]
R3 ETDSMBus;ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [2015-09-27 30808]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [2013-11-30 91648]
R3 ibtusb;@oem30.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2015-07-14 263952]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-12-19 7858088]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-06-24 4504320]
R3 iwdbus;@oem72.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-03-26 27032]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2015-10-05 25816]
R3 MEIx64;@oem91.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 NETwNb64;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit; C:\WINDOWS\System32\drivers\Netwbw02.sys [2015-10-30 3485696]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-07-23 11142984]
R3 nvvad_WaveExtensible;@oem22.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2013-12-27 39200]
R3 rt640x64;@oem42.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-07-22 886528]
R3 RTSPER;@oem89.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2015-06-15 761600]
R3 rtsuvc;@oem45.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2015-06-16 3068160]
R3 tapoas;@oem36.inf,%DeviceDescription%;TAP-Win32 Adapter OAS; C:\WINDOWS\System32\drivers\tapoas.sys [2012-07-15 30720]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-10-30 128512]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2016-02-24 954368]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-11-22 117248]
S3 dg_ssudbus;@oem2.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2015-12-08 122160]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [2013-01-25 109568]
S3 ew_usbenumfilter;@oem70.inf,%busupper.SVCDESC%;huawei_CompositeFilter; C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys [2012-12-22 14976]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 hwusb_cdcacm;hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [2014-06-11 124800]
S3 hwusb_wwanecm;hwusb_wwanecm; C:\WINDOWS\System32\drivers\ew_wwanecm.sys [2014-05-04 379392]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-03-26 38296]
S3 IntcDAud;@oem26.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2015-10-28 474376]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2015-10-05 64216]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2009-10-20 47632]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-10-30 930656]
S3 ssudmdm;@oem11.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2015-12-08 214832]
S3 tap0901;@oem9.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\WINDOWS\System32\drivers\tap0901.sys [2014-04-08 27136]
S4 RsFx0103;RsFx0103 Driver; C:\WINDOWS\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; D:\Programy\SUPERAntiSpyware\SASCORE64.EXE [2014-07-23 172344]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 CCSDK;CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [2014-07-10 592880]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2015-07-08 1353720]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2015-09-27 134888]
R2 HWDeviceService64.exe;HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [2014-01-15 351824]
R2 ibtsiva;Intel Bluetooth Service; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [2014-12-12 125168]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-12-19 373160]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-09-16 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2015-12-14 584664]
R2 LenovoSetSvr;LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe [2014-12-04 389680]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-12-04 198192]
R2 MaxthonUpdateSvc;Maxthon Core Update Service; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [2015-12-09 1872808]
R2 MessagingService_fd2e06;MessagingService_fd2e06; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 57617752]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2015-12-07 117400]
R2 NetTcpActivator;@C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-01-21 1593632]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-01-21 16939296]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-07-23 937800]
R2 PGService;PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [2014-02-26 167176]
R2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [2014-12-04 288240]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R2 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 157720]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-24 43696]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 LUService;LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [2014-04-21 37624]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S2 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 MessagingService_128a440;MessagingService_128a440; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 MessagingService_55f37e7;MessagingService_55f37e7; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 Mobile Partner. RunOuc;Mobile Partner. OUC; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [2013-10-26 651856]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_128a440;Sync Host_128a440; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_55f37e7;Sync Host_55f37e7; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_fd2e06;Sync Host_fd2e06; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 PG_Service_Launcher;PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [2014-02-26 512776]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-11 269504]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-10-30 51376]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-12-19 300968]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28 174368]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-09-23 561408]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760]
S3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [2014-12-04 308720]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_128a440;Contact Data_128a440; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_55f37e7;Contact Data_55f37e7; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_fd2e06;Contact Data_fd2e06; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2009-10-20 117264]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-03-10 835152]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
S4 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2015-12-07 117400]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
S4 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119418
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#6 Post by Rudy »

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
:files
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d041401ac3b372.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d091142e5862b2.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d0bfa37948bd6.job
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat

:reg
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

SyncMaster
Visitor
Posts: 471
Registered: 15 Jan 2011 14:21

Re: Please check my log

#7 Post by SyncMaster »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Ricardino at 2016-03-13 18:24:59
Microsoft Windows 10 Home
System drive C: has 379 GB (83%) free of 456 GB
Total RAM: 16296 MB (86% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:25:02, on 13.3.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Ricardino.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com/?pc=LCJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe" /R
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Bloody2] "C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe" Minimum
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Ricardino\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ricardino\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{946e0766-5d15-455d-afbd-d7bc10d32352}: NameServer = 213.151.222.34 85.237.225.250
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - D:\Programy\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: CCSDK - Unknown owner - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: Intel Bluetooth Service (ibtsiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: LenovoSetSvr - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: Maxthon Core Update Service (MaxthonUpdateSvc) - Maxthon - C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mobile Partner. OUC (Mobile Partner. RunOuc) - Unknown owner - C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: PGService - PointGrab LTD - C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
O23 - Service: PG_Service_Launcher - PointGrab LTD - C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: TESHelper - Lenovo - c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13771 bytes

======Listing Processes======







C:\WINDOWS\system32\lsass.exe

winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-958817a7-b84e-402a-98c6-069aabcc7a95 -SystemEventPortName:HostProcess-03bb4fe2-c89e-4108-b40c-8cfa29ae10b7 -IoCancelEventPortName:HostProcess-01d4f569-19ee-409a-a138-fb51b0a4db8e -NonStateChangingEventPortName:HostProcess-69895f9b-989d-4047-895f-d55486dbe6ea -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:2185984e-98f8-44da-827d-61edfd8a3a8e -DeviceGroupId:WudfDefaultDevicePool
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe"
"C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe"
"C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe"
"C:\ProgramData\DatacardService\HWDeviceService64.exe" -/service
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
dashost.exe {bb172b13-7651-4075-bd63aadf3aa20fd9}
"D:\Programy\SUPERAntiSpyware\SASCORE64.EXE"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe"
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
C:\WINDOWS\system32\svchost.exe -k iissvcs
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
sihost.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
taskeng.exe {3CBF22AA-62DE-4E77-9643-5E760961102F}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\WINDOWS\Explorer.EXE
"C:\ProgramData\DatacardService\DCSHelper.exe"
"C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe" "C:/Program Files (x86)/Mobile Partner/UpdateDog/"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
"C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe" -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
igfxEM.exe
igfxTray.exe
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 624 628 636 8192 632
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca

"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-488808105-4097251070-3538552251-10012_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-488808105-4097251070-3538552251-10012 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\FMAPP.exe"
"C:\Program Files\Realtek\Audio\HDA\FMAPP.exe" -START
wmiadap.exe /R /T
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Windows\RTFTrack.exe"
"C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe" -start
"C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
"C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe" Minimum
"C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
adb fork-server server
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Ricardino\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=49.0.2623.87 --handshake-handle=0x1ac
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="7372.0.1600152589\1311623920" --supports-dual-gpus=false --gpu-driver-bug-workarounds=3,11,16,25,54 --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=20.19.15.4331 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=sk --force-fieldtrials=AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/CrossDevicePromo/1DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/Disabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 
--content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="7372.1.388193915\1921218357" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=sk --force-fieldtrials=AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/CrossDevicePromo/1DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/Disabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 
--content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="7372.2.187982374\1663559355" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=sk --force-fieldtrials=AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/CrossDevicePromo/1DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/Disabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 
--channel="7372.3.1163738824\637153723" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=sk --force-fieldtrials=AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/Disabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 
--channel="7372.4.467690546\654503470" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=sk --force-fieldtrials=AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A1_Stable_R1/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/Disabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 
--channel="7372.5.590785398\1325783974" /prefetch:1
"C:\Program Files\Microsoft Office\Office15\MsoSync.exe"

C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"D:\Programy\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01 205416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_74\bin\ssv.dll [2016-02-15 553056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 877720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 2322576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_74\bin\jp2ssv.dll [2016-02-15 214112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25 728840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01 139368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 704664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 1720976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25 617736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-24 13885696]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24 1402624]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24 1402624]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24 1402624]
"RtsFT"=C:\WINDOWS\RTFTrack.exe [2015-06-16 5060864]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-09-27 3743976]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-01-21 2234144]
"ShadowPlay"=C:\windows\system32\nvspcap64.dll [2014-01-21 1179576]
"OnekeyStudio"=C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [2012-09-15 4196432]
"PhoneCompanion"=C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [2014-12-04 836592]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2014-12-04 16093512]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2014-12-04 8235848]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-07-08 5595848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EpicScale"= []
"DAEMON Tools Lite"=D:\Programy\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"Bloody2"=C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe [2014-12-30 16294912]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Ricardino\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64"=C:\WINDOWS\system32\cmd.exe [2015-10-30 233984]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"=C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [2014-09-09 110344]
"CLVirtualDrive"=C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [2014-09-09 492808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-03-13 18:21:49 ----D---- C:\_OTM
2016-03-10 23:04:26 ----D---- C:\Program Files (x86)\AdwCleaner
2016-03-09 22:08:59 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-03-09 22:08:58 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-03-09 22:08:58 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-03-09 22:08:57 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-03-09 22:08:55 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-03-09 22:08:54 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-03-09 22:08:53 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-03-09 22:08:51 ----A---- C:\WINDOWS\system32\WSService.dll
2016-03-09 22:08:50 ----A---- C:\WINDOWS\system32\wmp.dll
2016-03-09 22:08:49 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-03-09 22:08:46 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-03-09 22:08:46 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-03-09 22:08:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2016-03-09 22:08:44 ----A---- C:\WINDOWS\system32\windows.storage.dll
2016-03-09 22:08:43 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2016-03-09 22:08:43 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-03-09 22:08:41 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2016-03-09 22:08:41 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-09 22:08:40 ----A---- C:\WINDOWS\SYSWOW64\ActiveSyncProvider.dll
2016-03-09 22:08:40 ----A---- C:\WINDOWS\system32\dosvc.dll
2016-03-09 22:08:40 ----A---- C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-09 22:08:38 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2016-03-09 22:08:38 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-03-09 22:08:38 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-03-09 22:08:38 ----A---- C:\WINDOWS\system32\KernelBase.dll
2016-03-09 22:08:38 ----A---- C:\WINDOWS\system32\diagtrack.dll
2016-03-09 22:08:37 ----A---- C:\WINDOWS\SYSWOW64\Unistore.dll
2016-03-09 22:08:37 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-03-09 22:08:37 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2016-03-09 22:08:37 ----A---- C:\WINDOWS\system32\WWAHost.exe
2016-03-09 22:08:37 ----A---- C:\WINDOWS\system32\SRHInproc.dll
2016-03-09 22:08:37 ----A---- C:\WINDOWS\system32\ole32.dll
2016-03-09 22:08:37 ----A---- C:\WINDOWS\system32\ContactApis.dll
2016-03-09 22:08:36 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2016-03-09 22:08:36 ----A---- C:\WINDOWS\SYSWOW64\WMPDMC.exe
2016-03-09 22:08:36 ----A---- C:\WINDOWS\SYSWOW64\SRHInproc.dll
2016-03-09 22:08:36 ----A---- C:\WINDOWS\SYSWOW64\ContactApis.dll
2016-03-09 22:08:36 ----A---- C:\WINDOWS\system32\Unistore.dll
2016-03-09 22:08:36 ----A---- C:\WINDOWS\system32\dxgi.dll
2016-03-09 22:08:36 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2016-03-09 22:08:35 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2016-03-09 22:08:35 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-03-09 22:08:35 ----A---- C:\WINDOWS\SYSWOW64\mfds.dll
2016-03-09 22:08:35 ----A---- C:\WINDOWS\SYSWOW64\AppointmentApis.dll
2016-03-09 22:08:35 ----A---- C:\WINDOWS\system32\invagent.dll
2016-03-09 22:08:35 ----A---- C:\WINDOWS\system32\AppointmentApis.dll
2016-03-09 22:08:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Bluetooth.dll
2016-03-09 22:08:34 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2016-03-09 22:08:34 ----A---- C:\WINDOWS\SYSWOW64\AppxPackaging.dll
2016-03-09 22:08:34 ----A---- C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-03-09 22:08:34 ----A---- C:\WINDOWS\system32\SRH.dll
2016-03-09 22:08:34 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-03-09 22:08:34 ----A---- C:\WINDOWS\system32\mfds.dll
2016-03-09 22:08:34 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2016-03-09 22:08:34 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2016-03-09 22:08:34 ----A---- C:\WINDOWS\system32\AppxPackaging.dll
2016-03-09 22:08:33 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-03-09 22:08:33 ----A---- C:\WINDOWS\SYSWOW64\deviceaccess.dll
2016-03-09 22:08:33 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2016-03-09 22:08:33 ----A---- C:\WINDOWS\system32\wer.dll
2016-03-09 22:08:33 ----A---- C:\WINDOWS\system32\deviceaccess.dll
2016-03-09 22:08:33 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-03-09 22:08:32 ----A---- C:\WINDOWS\SYSWOW64\sqmapi.dll
2016-03-09 22:08:32 ----A---- C:\WINDOWS\SYSWOW64\PackageStateRoaming.dll
2016-03-09 22:08:32 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2016-03-09 22:08:32 ----A---- C:\WINDOWS\system32\WMPDMC.exe
2016-03-09 22:08:32 ----A---- C:\WINDOWS\system32\dafBth.dll
2016-03-09 22:08:32 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-03-09 22:08:32 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-09 22:08:31 ----A---- C:\WINDOWS\SYSWOW64\ChatApis.dll
2016-03-09 22:08:31 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2016-03-09 22:08:31 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2016-03-09 22:08:31 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2016-03-09 22:08:31 ----A---- C:\WINDOWS\system32\ChatApis.dll
2016-03-09 22:08:31 ----A---- C:\WINDOWS\system32\EmailApis.dll
2016-03-09 22:08:31 ----A---- C:\WINDOWS\system32\CallHistoryClient.dll
2016-03-09 22:08:31 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-09 22:08:30 ----A---- C:\WINDOWS\SYSWOW64\EmailApis.dll
2016-03-09 22:08:30 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-03-09 22:08:30 ----A---- C:\WINDOWS\SYSWOW64\AppointmentActivation.dll
2016-03-09 22:08:30 ----A---- C:\WINDOWS\system32\VCardParser.dll
2016-03-09 22:08:30 ----A---- C:\WINDOWS\system32\sqmapi.dll
2016-03-09 22:08:30 ----A---- C:\WINDOWS\system32\sharemediacpl.dll
2016-03-09 22:08:30 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2016-03-09 22:08:30 ----A---- C:\WINDOWS\system32\AuthBroker.dll
2016-03-09 22:08:29 ----A---- C:\WINDOWS\SYSWOW64\cemapi.dll
2016-03-09 22:08:29 ----A---- C:\WINDOWS\system32\PackageStateRoaming.dll
2016-03-09 22:08:29 ----A---- C:\WINDOWS\system32\domgmt.dll
2016-03-09 22:08:28 ----A---- C:\WINDOWS\SYSWOW64\PhoneCallHistoryApis.dll
2016-03-09 22:08:28 ----A---- C:\WINDOWS\SYSWOW64\fwbase.dll
2016-03-09 22:08:28 ----A---- C:\WINDOWS\system32\UserDataAccountApis.dll
2016-03-09 22:08:28 ----A---- C:\WINDOWS\system32\cemapi.dll
2016-03-09 22:08:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Scanners.dll
2016-03-09 22:08:26 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2016-03-09 22:08:26 ----A---- C:\WINDOWS\system32\storewuauth.dll
2016-03-09 22:08:26 ----A---- C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-03-09 22:08:26 ----A---- C:\WINDOWS\system32\AuthHost.exe
2016-03-09 22:08:26 ----A---- C:\WINDOWS\system32\AppointmentActivation.dll
2016-03-09 22:08:25 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2016-03-09 22:08:25 ----A---- C:\WINDOWS\SYSWOW64\VCardParser.dll
2016-03-09 22:08:25 ----A---- C:\WINDOWS\SYSWOW64\POSyncServices.dll
2016-03-09 22:08:25 ----A---- C:\WINDOWS\SYSWOW64\ExSMime.dll
2016-03-09 22:08:25 ----A---- C:\WINDOWS\SYSWOW64\asycfilt.dll
2016-03-09 22:08:25 ----A---- C:\WINDOWS\SYSWOW64\AppxSip.dll
2016-03-09 22:08:25 ----A---- C:\WINDOWS\system32\wsqmcons.exe
2016-03-09 22:08:25 ----A---- C:\WINDOWS\system32\wermgr.exe
2016-03-09 22:08:25 ----A---- C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-03-09 22:08:25 ----A---- C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-03-09 22:08:25 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2016-03-09 22:08:25 ----A---- C:\WINDOWS\system32\asycfilt.dll
2016-03-09 22:08:25 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-03-09 22:08:24 ----A---- C:\WINDOWS\system32\AppxSysprep.dll
2016-03-09 22:08:23 ----A---- C:\WINDOWS\SYSWOW64\UserDataAccountApis.dll
2016-03-09 22:08:23 ----A---- C:\WINDOWS\SYSWOW64\ExtrasXmlParser.dll
2016-03-09 22:08:23 ----A---- C:\WINDOWS\system32\wpninprc.dll
2016-03-09 22:08:23 ----A---- C:\WINDOWS\system32\seclogon.dll
2016-03-09 22:08:23 ----A---- C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-03-09 22:08:23 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2016-03-09 22:08:23 ----A---- C:\WINDOWS\system32\ExSMime.dll
2016-03-09 22:08:23 ----A---- C:\WINDOWS\system32\dssvc.dll
2016-03-09 22:08:23 ----A---- C:\WINDOWS\system32\devinv.dll
2016-03-09 22:08:23 ----A---- C:\WINDOWS\system32\AppxSip.dll
2016-03-09 22:08:22 ----A---- C:\WINDOWS\SYSWOW64\UserDataTimeUtil.dll
2016-03-09 22:08:22 ----A---- C:\WINDOWS\SYSWOW64\profext.dll
2016-03-09 22:08:22 ----A---- C:\WINDOWS\SYSWOW64\PimIndexMaintenanceClient.dll
2016-03-09 22:08:22 ----A---- C:\WINDOWS\SYSWOW64\CallHistoryClient.dll
2016-03-09 22:08:22 ----A---- C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-03-09 22:08:22 ----A---- C:\WINDOWS\system32\wfapigp.dll
2016-03-09 22:08:22 ----A---- C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-03-09 22:08:22 ----A---- C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-03-09 22:08:22 ----A---- C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-03-09 22:08:22 ----A---- C:\WINDOWS\system32\POSyncServices.dll
2016-03-09 22:08:22 ----A---- C:\WINDOWS\system32\fwbase.dll
2016-03-09 22:08:22 ----A---- C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-03-09 22:08:22 ----A---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2016-03-09 22:08:21 ----A---- C:\WINDOWS\SYSWOW64\UserDataPlatformHelperUtil.dll
2016-03-09 22:08:21 ----A---- C:\WINDOWS\SYSWOW64\UserDataLanguageUtil.dll
2016-03-09 22:08:21 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2016-03-09 22:08:20 ----A---- C:\WINDOWS\SYSWOW64\UserDataTypeHelperUtil.dll
2016-03-09 22:08:20 ----A---- C:\WINDOWS\system32\UserDataService.dll
2016-03-09 22:08:20 ----A---- C:\WINDOWS\system32\profext.dll
2016-03-09 22:08:20 ----A---- C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-03-09 22:08:19 ----A---- C:\WINDOWS\SYSWOW64\wfapigp.dll
2016-03-09 22:08:19 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2016-03-09 22:08:19 ----A---- C:\WINDOWS\SYSWOW64\fwpolicyiomgr.dll
2016-03-09 22:08:19 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2016-03-09 22:08:19 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2016-03-09 22:08:19 ----A---- C:\WINDOWS\system32\werui.dll
2016-03-09 22:08:19 ----A---- C:\WINDOWS\system32\vaultsvc.dll
2016-03-09 22:08:19 ----A---- C:\WINDOWS\system32\vaultcli.dll
2016-03-09 22:08:19 ----A---- C:\WINDOWS\system32\scapi.dll
2016-03-09 22:08:19 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2016-03-09 22:08:19 ----A---- C:\WINDOWS\system32\fontsub.dll
2016-03-09 22:08:19 ----A---- C:\WINDOWS\system32\configurationclient.dll
2016-03-09 22:08:18 ----A---- C:\WINDOWS\system32\atmlib.dll
2016-03-09 19:55:08 ----D---- C:\rsit
2016-03-04 17:49:14 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-03-04 17:49:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-04 17:49:12 ----A---- C:\WINDOWS\SYSWOW64\wininetlui.dll
2016-03-04 17:49:12 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-03-04 17:49:12 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-03-04 17:49:12 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2016-03-04 17:49:12 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2016-03-04 17:49:12 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-03-04 17:49:12 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2016-03-04 17:49:11 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-03-04 17:49:11 ----A---- C:\WINDOWS\system32\wininetlui.dll
2016-03-04 17:49:11 ----A---- C:\WINDOWS\system32\wininet.dll
2016-03-04 17:49:11 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-03-04 17:49:10 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-03-04 17:49:10 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-03-04 17:49:10 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-03-04 17:49:10 ----A---- C:\WINDOWS\system32\dwmcore.dll
2016-03-04 17:49:08 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2016-03-04 17:49:08 ----A---- C:\WINDOWS\system32\audiodg.exe
2016-03-04 17:49:07 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-03-04 17:49:07 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2016-03-04 17:49:07 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2016-03-04 17:49:07 ----A---- C:\WINDOWS\system32\InputService.dll
2016-03-04 17:49:07 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2016-03-04 17:49:07 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-03-04 17:49:07 ----A---- C:\WINDOWS\system32\AudioSes.dll
2016-03-04 17:49:07 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-03-04 17:49:06 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-03-04 17:49:06 ----A---- C:\WINDOWS\system32\twinui.dll
2016-03-04 17:49:05 ----A---- C:\WINDOWS\system32\jsproxy.dll
2016-03-04 17:49:05 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2016-03-04 17:49:04 ----A---- C:\WINDOWS\system32\shell32.dll
2016-03-04 17:49:01 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2016-03-04 17:49:01 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-03-04 17:49:01 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2016-03-04 17:49:01 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2016-03-04 17:49:00 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2016-03-04 17:49:00 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2016-03-04 17:49:00 ----A---- C:\WINDOWS\system32\StorSvc.dll
2016-03-04 17:49:00 ----A---- C:\WINDOWS\system32\SmsRouterSvc.dll
2016-03-04 17:49:00 ----A---- C:\WINDOWS\system32\d3d11.dll
2016-03-04 17:49:00 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-04 17:49:00 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2016-03-04 17:48:59 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-04 17:48:58 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2016-03-04 17:48:58 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2016-03-04 17:48:58 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-03-04 17:48:58 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-03-04 17:48:58 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2016-03-04 17:48:57 ----A---- C:\WINDOWS\SYSWOW64\mfsrcsnk.dll
2016-03-04 17:48:57 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-03-04 17:48:57 ----A---- C:\WINDOWS\system32\mfsrcsnk.dll
2016-03-04 17:48:57 ----A---- C:\WINDOWS\system32\mfcore.dll
2016-03-04 17:48:57 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-03-04 17:48:57 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2016-03-04 17:48:56 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Audio.dll
2016-03-04 17:48:56 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2016-03-04 17:48:56 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2016-03-04 17:48:56 ----A---- C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-03-04 17:48:56 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-03-04 17:48:56 ----A---- C:\WINDOWS\system32\schedsvc.dll
2016-03-04 17:48:56 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-03-04 17:48:55 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2016-03-04 17:48:55 ----A---- C:\WINDOWS\system32\XblGameSave.dll
2016-03-04 17:48:55 ----A---- C:\WINDOWS\system32\XblAuthManager.dll
2016-03-04 17:48:55 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-03-04 17:48:55 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2016-03-04 17:48:55 ----A---- C:\WINDOWS\system32\mstscax.dll
2016-03-04 17:48:55 ----A---- C:\WINDOWS\system32\DisplayManager.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\SYSWOW64\DisplayManager.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2016-03-04 17:48:54 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.AccountsControl.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\SYSWOW64\MSFlacDecoder.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\SYSWOW64\mfmkvsrcsnk.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\SYSWOW64\CertEnroll.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\system32\SMSRouter.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\system32\ngckeyenum.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\system32\NetSetupShim.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-03-04 17:48:53 ----A---- C:\WINDOWS\system32\MDEServer.exe
2016-03-04 17:48:53 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\SYSWOW64\thumbcache.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\SYSWOW64\taskschd.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\wlansvc.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\winresume.exe
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\winload.exe
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\usbmon.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\TimeBrokerServer.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\SettingSync.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\MSFlacDecoder.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\localspl.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2016-03-04 17:48:52 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2016-03-04 17:48:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.MediaControl.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\SYSWOW64\WiFiDisplay.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\SYSWOW64\SettingSync.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\SYSWOW64\NetSetupShim.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\wuuhext.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\WiFiDisplay.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\uDWM.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\thumbcache.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\taskschd.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\SyncController.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\spoolsv.exe
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\netlogon.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\msvproc.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\flvprophandler.dll
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\drivers\xinputhid.sys
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\drivers\xboxgip.sys
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\drivers\bridge.sys
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\drivers\acpi.sys
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2016-03-04 17:48:51 ----A---- C:\WINDOWS\system32\bisrv.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\SYSWOW64\TimeBrokerClient.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\SYSWOW64\SyncController.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2016-03-04 17:48:50 ----A---- C:\WINDOWS\SYSWOW64\InputLocaleManager.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\wlansvcpal.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\wlansec.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\wlanapi.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\WiFiConfigSP.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\wfdprov.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\TimeBrokerClient.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\srpapi.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\psmsrv.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\provpackageapidll.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\MBMediaManager.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\irmon.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\drivers\rasl2tp.sys
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\drivers\mrxsmb10.sys
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\drivers\appid.sys
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\AppCapture.dll
2016-03-04 17:48:50 ----A---- C:\WINDOWS\system32\accountaccessor.dll

======List of files/folders modified in the last 1 month======

2016-03-13 18:25:01 ----D---- C:\Program Files\trend micro
2016-03-13 18:24:56 ----D---- C:\WINDOWS\system32\Tasks
2016-03-13 18:24:27 ----D---- C:\WINDOWS\Temp
2016-03-13 18:24:21 ----D---- C:\WINDOWS\Prefetch
2016-03-13 18:23:44 ----D---- C:\WINDOWS\System32
2016-03-13 18:23:44 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-03-13 18:22:19 ----D---- C:\WINDOWS\system32\sru
2016-03-13 18:22:03 ----D---- C:\WINDOWS\SysWOW64
2016-03-13 18:21:49 ----D---- C:\WINDOWS\Tasks
2016-03-13 18:05:53 ----D---- C:\WINDOWS\system32\DriverStore
2016-03-13 18:05:37 ----D---- C:\WINDOWS\WinSxS
2016-03-13 18:02:33 ----D---- C:\WINDOWS\Microsoft.NET
2016-03-13 18:02:29 ----D---- C:\WINDOWS\system32\config
2016-03-13 17:59:02 ----D---- C:\WINDOWS\AppReadiness
2016-03-13 17:59:00 ----HD---- C:\Program Files\WindowsApps
2016-03-11 15:56:06 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerInstaller.exe
2016-03-11 14:38:04 ----D---- C:\Users\Ricardino\AppData\Roaming\vlc
2016-03-11 10:06:12 ----D---- C:\Users\Ricardino\AppData\Roaming\uTorrent
2016-03-11 09:57:01 ----RSD---- C:\WINDOWS\assembly
2016-03-11 09:55:36 ----D---- C:\WINDOWS\CbsTemp
2016-03-11 09:05:24 ----D---- C:\WINDOWS\system32\NDF
2016-03-10 23:16:33 ----D---- C:\WINDOWS\INF
2016-03-10 23:12:51 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-10 23:08:47 ----D---- C:\WINDOWS\system32\drivers
2016-03-10 23:06:59 ----D---- C:\WINDOWS\system32\migration
2016-03-10 23:06:57 ----D---- C:\WINDOWS\AppPatch
2016-03-10 23:06:57 ----D---- C:\Program Files\Windows Portable Devices
2016-03-10 23:06:57 ----D---- C:\Program Files\Windows Multimedia Platform
2016-03-10 23:06:57 ----D---- C:\Program Files\Windows Media Player
2016-03-10 23:06:57 ----D---- C:\Program Files\Internet Explorer
2016-03-10 23:06:57 ----D---- C:\Program Files (x86)\Windows Portable Devices
2016-03-10 23:06:57 ----D---- C:\Program Files (x86)\Windows Multimedia Platform
2016-03-10 23:06:57 ----D---- C:\Program Files (x86)\Internet Explorer
2016-03-10 23:06:04 ----HD---- C:\ProgramData
2016-03-10 23:04:26 ----RD---- C:\Program Files (x86)
2016-03-09 22:36:30 ----D---- C:\WINDOWS\system32\MRT
2016-03-09 22:32:09 ----A---- C:\WINDOWS\system32\MRT.exe
2016-03-09 22:30:48 ----SHD---- C:\System Volume Information
2016-03-09 21:59:09 ----D---- C:\WINDOWS\system32\catroot2
2016-03-09 17:23:50 ----D---- C:\Windows
2016-03-09 10:23:12 ----D---- C:\WINDOWS\debug
2016-03-09 10:13:34 ----SHD---- C:\Config.Msi
2016-03-09 10:12:05 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-03-09 10:12:05 ----D---- C:\WINDOWS\SYSWOW64\Dism
2016-03-09 10:12:04 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-03-09 10:12:04 ----D---- C:\WINDOWS\system32\wbem
2016-03-09 10:12:04 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2016-03-09 10:12:04 ----D---- C:\WINDOWS\system32\Dism
2016-03-09 10:12:04 ----D---- C:\WINDOWS\system32\Boot
2016-03-09 10:12:03 ----D---- C:\WINDOWS\system32\appraiser
2016-03-09 10:12:02 ----RSD---- C:\WINDOWS\Media
2016-03-09 10:12:02 ----RSD---- C:\WINDOWS\Fonts
2016-03-09 10:12:02 ----RD---- C:\WINDOWS\PurchaseDialog
2016-03-09 10:12:02 ----D---- C:\WINDOWS\bcastdvr
2016-03-09 10:12:02 ----D---- C:\Program Files\Windows Journal
2016-03-08 08:12:26 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-03-05 18:01:50 ----D---- C:\WINDOWS\LiveKernelReports
2016-03-04 17:46:02 ----SHDC---- C:\WINDOWS\Installer
2016-03-04 17:44:13 ----A---- C:\IFRToolLog.txt
2016-02-15 18:18:36 ----D---- C:\Users\Ricardino\AppData\Roaming\DAEMON Tools Lite
2016-02-15 18:18:36 ----AD---- C:\Program Files (x86)\TeamViewer
2016-02-15 18:14:15 ----D---- C:\Users\Ricardino\AppData\Roaming\TeamViewer
2016-02-15 18:14:13 ----D---- C:\Users\Ricardino\AppData\Roaming\Skype
2016-02-15 18:13:41 ----D---- C:\ProgramData\Skype
2016-02-15 18:12:58 ----A---- C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-02-15 18:12:46 ----D---- C:\Program Files\Java
2016-02-15 18:12:23 ----AD---- C:\Program Files\Defraggler
2016-02-14 20:27:22 ----D---- C:\ProgramData\Oracle
2016-02-14 20:24:03 ----D---- C:\Program Files (x86)\Common Files
2016-02-14 11:53:26 ----D---- C:\WINDOWS\rescache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2015-07-14 251632]
R0 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2015-07-14 72400]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R1 dtsoftbus01;@oem69.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2015-01-04 283064]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2014-10-10 243440]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2014-10-10 169280]
R1 EpfwLWF;@oem92.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [2015-07-14 53360]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-10-30 87040]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R1 SASDIFSV;SASDIFSV; \??\D:\Programy\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\D:\Programy\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2014-10-10 222280]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 47616]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-10-30 78848]
R3 ACPIVPC;@oem47.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2014-12-04 35576]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-02-24 84992]
R3 ETD;@oem54.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2015-09-27 468568]
R3 ETDSMBus;ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [2015-09-27 30808]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [2013-11-30 91648]
R3 ibtusb;@oem30.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2015-07-14 263952]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-12-19 7858088]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-06-24 4504320]
R3 iwdbus;@oem72.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-03-26 27032]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2015-10-05 25816]
R3 MEIx64;@oem91.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 NETwNb64;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit; C:\WINDOWS\System32\drivers\Netwbw02.sys [2015-10-30 3485696]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-07-23 11142984]
R3 nvvad_WaveExtensible;@oem22.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2013-12-27 39200]
R3 rt640x64;@oem42.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-07-22 886528]
R3 RTSPER;@oem89.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2015-06-15 761600]
R3 rtsuvc;@oem45.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2015-06-16 3068160]
R3 tapoas;@oem36.inf,%DeviceDescription%;TAP-Win32 Adapter OAS; C:\WINDOWS\System32\drivers\tapoas.sys [2012-07-15 30720]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-10-30 128512]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2016-02-24 954368]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-11-22 117248]
S3 dg_ssudbus;@oem2.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2015-12-08 122160]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [2013-01-25 109568]
S3 ew_usbenumfilter;@oem70.inf,%busupper.SVCDESC%;huawei_CompositeFilter; C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys [2012-12-22 14976]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 hwusb_cdcacm;hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [2014-06-11 124800]
S3 hwusb_wwanecm;hwusb_wwanecm; C:\WINDOWS\System32\drivers\ew_wwanecm.sys [2014-05-04 379392]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-03-26 38296]
S3 IntcDAud;@oem26.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2015-10-28 474376]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2015-10-05 64216]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2009-10-20 47632]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-10-30 930656]
S3 ssudmdm;@oem11.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2015-12-08 214832]
S3 tap0901;@oem9.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\WINDOWS\System32\drivers\tap0901.sys [2014-04-08 27136]
S4 RsFx0103;RsFx0103 Driver; C:\WINDOWS\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; D:\Programy\SUPERAntiSpyware\SASCORE64.EXE [2014-07-23 172344]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2015-07-08 1353720]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2015-09-27 134888]
R2 HWDeviceService64.exe;HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [2014-01-15 351824]
R2 ibtsiva;Intel Bluetooth Service; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [2014-12-12 125168]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-12-19 373160]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2015-12-14 584664]
R2 LenovoSetSvr;LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe [2014-12-04 389680]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-12-04 198192]
R2 LUService;LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [2014-04-21 37624]
R2 MaxthonUpdateSvc;Maxthon Core Update Service; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [2015-12-09 1872808]
R2 MessagingService_39a92;MessagingService_39a92; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2015-12-07 117400]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-01-21 1593632]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-01-21 16939296]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-07-23 937800]
R2 PG_Service_Launcher;PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [2014-02-26 512776]
R2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [2014-12-04 288240]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 157720]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-24 43696]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 CCSDK;CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [2014-07-10 592880]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-09-16 131544]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S2 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 MessagingService_128a440;MessagingService_128a440; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 MessagingService_55f37e7;MessagingService_55f37e7; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 Mobile Partner. RunOuc;Mobile Partner. OUC; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [2013-10-26 651856]
S2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 57617752]
S2 NetTcpActivator;@C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_128a440;Sync Host_128a440; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_39a92;Sync Host_39a92; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_55f37e7;Sync Host_55f37e7; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 PGService;PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [2014-02-26 167176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S2 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-11 269504]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-10-30 51376]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-12-19 300968]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28 174368]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-09-23 561408]
S3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760]
S3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [2014-12-04 308720]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_128a440;Contact Data_128a440; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_39a92;Contact Data_39a92; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_55f37e7;Contact Data_55f37e7; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2009-10-20 117264]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-03-10 835152]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
S4 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2015-12-07 117400]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
S4 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119418
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#8 Post by Rudy »

Deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

SyncMaster
Visitor
Posts: 471
Registered: 15 Jan 2011 14:21

Re: Please check my log

#9 Post by SyncMaster »

At the moment the bottom bar does not work, and before the cleanup it still worked.

SyncMaster
Visitor
Posts: 471
Registered: 15 Jan 2011 14:21

Re: Please check my log

#10 Post by SyncMaster »

I also found that the default image viewer does not work either; it shows the error message: The app didn't start.

Rudy
Site Admin
Posts: 119418
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#11 Post by Rudy »

Try a System Restore to a date when it was working correctly.

SyncMaster
Visitor
Posts: 471
Registered: 15 Jan 2011 14:21

Re: Please check my log

#12 Post by SyncMaster »

System restored and the bar works. Is the PC otherwise clean?

Rudy
Site Admin
Posts: 119418
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#13 Post by Rudy »

Yes. There were only a few pieces of adware and some unnecessary items.

SyncMaster
Visitor
Posts: 471
Registered: 15 Jan 2011 14:21

Re: Please check my log

#14 Post by SyncMaster »

All right. Thank you for your time and help.

Rudy
Site Admin
Posts: 119418
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#15 Post by Rudy »

You're welcome! :)