Prosím o preventivní kontrolu, děkuji
Napsal: 31 kvě 2016 13:41
Poprosím o preventivku, dlouho jsem neprováděl žádnou kontrolu, počítač jakžtakž běží ale dělá občas divné věci, například při spuštění videa na YT musí být v Chromu nakliknutá přímo karta s videem, jinak se video nezapne.
Zde je log z RSITu:
Zde je log z RSITu:
Kód: Vybrat vše
Logfile of random's system information tool 1.10 (written by random/random)
Run by SWAN at 2016-05-31 14:29:38
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 13 GB (4%) free of 300 GB
Total RAM: 3282 MB (36% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:29:47, on 31.5.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18205)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe
C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\SWAN.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_92\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_92\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKCU\..\Run: [Advanced SystemCare 9] "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{E026680A-1A80-4C1E-91B8-D933D8B25597}: NameServer = 8.8.8.8
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 9 (AdvancedSystemCareService9) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 10297 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
taskeng.exe {E6A707EF-7E48-4187-B6E6-1A92D2399A7F}
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe" /Task
"C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe" /startup
taskeng.exe {5497B51E-0A96-4700-9CE4-EE349DEDB466}
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
"C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe"
"C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /systemstart /autostart
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\SWAN\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=50.0.2661.102 --handshake-handle=0xcc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3836.0.969146868\1896428833" --disable-d3d11 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=4,10,12,24,53,71 --gpu-vendor-id=0x1002 --gpu-device-id=0x9993 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=15.201.1701.0 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention,brotli-encoding<BrotliEncoding --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R8/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch50pct_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_33/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_11/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="3836.2.284071873\973107476" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention,brotli-encoding<BrotliEncoding --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R8/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch50pct_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_33/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_11/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="3836.3.1053634066\2138955845" /prefetch:1
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention,brotli-encoding<BrotliEncoding --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R8/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch50pct_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_33/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_11/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="3836.4.246200645\12239986" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention,brotli-encoding<BrotliEncoding --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R8/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch50pct_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_33/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_11/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="3836.5.2036961450\983674434" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention,brotli-encoding<BrotliEncoding --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R8/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch50pct_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_33/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_11/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="3836.7.576621526\582509584" /prefetch:1
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
C:\Windows\system32\msiexec.exe /V
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention,brotli-encoding<BrotliEncoding --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R8/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch50pct_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_33/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_11/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="3836.14.142188472\1868865249" /prefetch:1
"C:\Windows\system32\RunDll32.exe" "C:\Windows\system32\WerConCpl.dll", LaunchErcApp -queuereporting
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention,brotli-encoding<BrotliEncoding --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R8/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch50pct_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_33/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_11/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="3836.16.55417873\537018268" /prefetch:1
"C:\Users\SWAN\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention,brotli-encoding<BrotliEncoding --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R8/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch50pct_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_33/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_11/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="3836.22.1038989976\1692936443" /prefetch:1
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12 2472224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-04-12 228560]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14 81024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_92\bin\ssv.dll [2016-05-09 570944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-04-12 896288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-04-12 2348848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-05-09 234048]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-04-12 163024]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14 69760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_92\bin\ssv.dll [2016-05-09 472128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-04-12 720160]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Surfing Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2015-04-01 672032]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-04-12 1741104]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-05-09 186432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2016-02-26 8783616]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 9"=C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2016-01-11 2019616]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent]
C:\Program Files (x86)\BlueStacks\HD-Agent.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infium]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows]
[]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Super-Charger"=C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [2013-03-08 506864]
"IObit Malware Fighter"=C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2015-11-12 5893920]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSimpleNetIDList"=1
"NoDriveTypeAutoRun"=221
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-05-31 14:29:38 ----D---- C:\rsit
2016-05-09 13:15:18 ----A---- C:\Windows\system32\drivers\ntfs.sys
2016-05-09 13:14:26 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-05-09 13:14:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-05-09 13:14:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\system32\ucrtbase.dll
2016-05-09 13:14:26 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-05-09 13:14:26 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-05-09 13:14:26 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-05-09 13:13:33 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-05-09 13:13:33 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-05-09 13:13:33 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-05-09 13:13:33 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-05-09 13:13:33 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-05-09 13:13:33 ----A---- C:\Windows\system32\wuwebv.dll
2016-05-09 13:13:33 ----A---- C:\Windows\system32\wups2.dll
2016-05-09 13:13:33 ----A---- C:\Windows\system32\wups.dll
2016-05-09 13:13:33 ----A---- C:\Windows\system32\wudriver.dll
2016-05-09 13:13:33 ----A---- C:\Windows\system32\wucltux.dll
2016-05-09 13:13:33 ----A---- C:\Windows\system32\wuaueng.dll
2016-05-09 13:13:33 ----A---- C:\Windows\system32\wuauclt.exe
2016-05-09 13:13:33 ----A---- C:\Windows\system32\wuapp.exe
2016-05-09 13:13:33 ----A---- C:\Windows\system32\wuapi.dll
2016-05-09 13:13:33 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-05-09 13:13:33 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-05-09 13:12:15 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-64.dll
2016-05-09 13:11:24 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-05-09 13:11:24 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-05-09 13:11:24 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-05-09 13:11:24 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-05-09 13:11:24 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-05-09 13:11:24 ----A---- C:\Windows\system32\msfeeds.dll
2016-05-09 13:11:24 ----A---- C:\Windows\system32\ieui.dll
2016-05-09 13:11:24 ----A---- C:\Windows\system32\dxtrans.dll
2016-05-09 13:11:24 ----A---- C:\Windows\system32\dxtmsft.dll
2016-05-09 13:11:23 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-05-09 13:11:23 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-05-09 13:11:23 ----A---- C:\Windows\system32\mshtmled.dll
2016-05-09 13:11:23 ----A---- C:\Windows\system32\ieframe.dll
2016-05-09 13:11:20 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-05-09 13:11:20 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-05-09 13:11:20 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-05-09 13:11:20 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-05-09 13:11:20 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-05-09 13:11:20 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-05-09 13:11:20 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-05-09 13:11:20 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-05-09 13:11:20 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-05-09 13:11:20 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-05-09 13:11:20 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-05-09 13:11:20 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-05-09 13:11:20 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-05-09 13:11:20 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-05-09 13:11:20 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-05-09 13:11:20 ----A---- C:\Windows\system32\wininet.dll
2016-05-09 13:11:20 ----A---- C:\Windows\system32\webcheck.dll
2016-05-09 13:11:20 ----A---- C:\Windows\system32\vbscript.dll
2016-05-09 13:11:20 ----A---- C:\Windows\system32\occache.dll
2016-05-09 13:11:20 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-05-09 13:11:20 ----A---- C:\Windows\system32\mshtml.dll
2016-05-09 13:11:20 ----A---- C:\Windows\system32\jsproxy.dll
2016-05-09 13:11:20 ----A---- C:\Windows\system32\jscript9diag.dll
2016-05-09 13:11:20 ----A---- C:\Windows\system32\jscript9.dll
2016-05-09 13:11:20 ----A---- C:\Windows\system32\jscript.dll
2016-05-09 13:11:20 ----A---- C:\Windows\system32\ieUnatt.exe
2016-05-09 13:11:20 ----A---- C:\Windows\system32\iesetup.dll
2016-05-09 13:11:20 ----A---- C:\Windows\system32\iernonce.dll
2016-05-09 13:11:20 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-05-09 13:11:20 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-05-09 13:11:20 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-05-09 13:11:20 ----A---- C:\Windows\system32\iedkcs32.dll
2016-05-09 13:11:20 ----A---- C:\Windows\system32\ieapfltr.dll
2016-05-09 13:11:20 ----A---- C:\Windows\system32\ie4uinit.exe
2016-05-09 13:11:19 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-05-09 13:11:19 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-05-09 13:11:19 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-05-09 13:11:19 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-05-09 13:11:19 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-05-09 13:11:19 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-05-09 13:11:19 ----A---- C:\Windows\system32\urlmon.dll
2016-05-09 13:11:19 ----A---- C:\Windows\system32\msrating.dll
2016-05-09 13:11:19 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-05-09 13:11:19 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-05-09 13:11:19 ----A---- C:\Windows\system32\inseng.dll
2016-05-09 13:11:19 ----A---- C:\Windows\system32\iertutil.dll
2016-05-09 13:11:18 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-05-09 13:06:30 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-05-09 13:05:16 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-05-09 13:05:16 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-05-09 13:05:16 ----A---- C:\Windows\system32\shell32.dll
2016-05-09 13:05:16 ----A---- C:\Windows\system32\authui.dll
2016-05-09 13:05:14 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-05-09 13:05:14 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-05-09 13:05:14 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-05-09 13:05:14 ----A---- C:\Windows\explorer.exe
2016-05-09 13:01:23 ----A---- C:\Windows\system32\RtNicProp64.dll
2016-05-09 13:01:23 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2016-05-09 13:00:41 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-05-09 13:00:41 ----A---- C:\Windows\system32\ole32.dll
2016-05-09 13:00:31 ----A---- C:\Windows\system32\drivers\AtihdW76.sys
2016-05-09 13:00:31 ----A---- C:\Windows\system32\DelayAPO.dll
2016-05-09 12:54:41 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-05-09 12:54:41 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-05-09 12:54:41 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-05-09 12:54:41 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-05-09 12:54:41 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-05-09 12:54:41 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-05-09 12:54:41 ----A---- C:\Windows\system32\sspisrv.dll
2016-05-09 12:54:41 ----A---- C:\Windows\system32\sspicli.dll
2016-05-09 12:54:41 ----A---- C:\Windows\system32\srcore.dll
2016-05-09 12:54:41 ----A---- C:\Windows\system32\srclient.dll
2016-05-09 12:54:41 ----A---- C:\Windows\system32\secur32.dll
2016-05-09 12:54:41 ----A---- C:\Windows\system32\rstrui.exe
2016-05-09 12:54:41 ----A---- C:\Windows\system32\msobjs.dll
2016-05-09 12:54:41 ----A---- C:\Windows\system32\msaudite.dll
2016-05-09 12:54:41 ----A---- C:\Windows\system32\lsass.exe
2016-05-09 12:54:41 ----A---- C:\Windows\system32\lsasrv.dll
2016-05-09 12:54:41 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-05-09 12:54:41 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-05-09 12:54:41 ----A---- C:\Windows\system32\auditpol.exe
2016-05-09 12:54:41 ----A---- C:\Windows\system32\advapi32.dll
2016-05-09 12:54:41 ----A---- C:\Windows\system32\adtschema.dll
2016-05-09 12:54:34 ----A---- C:\Windows\system32\YamahaAE2.dll
2016-05-09 12:54:34 ----A---- C:\Windows\system32\YamahaAE.dll
2016-05-09 12:54:33 ----A---- C:\Windows\system32\WavesGUILib64.dll
2016-05-09 12:54:33 ----A---- C:\Windows\system32\tossaemaxapo64.dll
2016-05-09 12:54:33 ----A---- C:\Windows\system32\tossaeapo64.dll
2016-05-09 12:54:33 ----A---- C:\Windows\system32\toseaeapo64.dll
2016-05-09 12:54:33 ----A---- C:\Windows\system32\tosasfapo64.dll
2016-05-09 12:54:33 ----A---- C:\Windows\system32\tosade.dll
2016-05-09 12:54:33 ----A---- C:\Windows\system32\tepeqapo64.dll
2016-05-09 12:54:33 ----A---- C:\Windows\system32\tadefxapo264.dll
2016-05-09 12:54:33 ----A---- C:\Windows\system32\tadefxapo.dll
2016-05-09 12:54:33 ----A---- C:\Windows\system32\SRSWOW64.dll
2016-05-09 12:54:33 ----A---- C:\Windows\system32\SRSTSX64.dll
2016-05-09 12:54:33 ----A---- C:\Windows\system32\SRSTSH64.dll
2016-05-09 12:54:33 ----A---- C:\Windows\system32\SRSHP64.dll
2016-05-09 12:54:33 ----A---- C:\Windows\system32\SRRPTR64.dll
2016-05-09 12:54:32 ----A---- C:\Windows\SYSWOW64\SRCOM.dll
2016-05-09 12:54:32 ----A---- C:\Windows\system32\SRCOM64.dll
2016-05-09 12:54:32 ----A---- C:\Windows\system32\SRCOM.dll
2016-05-09 12:54:32 ----A---- C:\Windows\system32\SRAPO64.dll
2016-05-09 12:54:32 ----A---- C:\Windows\system32\sltech64.dll
2016-05-09 12:54:32 ----A---- C:\Windows\system32\slprp64.dll
2016-05-09 12:54:31 ----A---- C:\Windows\SYSWOW64\SFCOM.dll
2016-05-09 12:54:31 ----A---- C:\Windows\SYSWOW64\SECOMN32.DLL
2016-05-09 12:54:31 ----A---- C:\Windows\system32\slcnt64.dll
2016-05-09 12:54:31 ----A---- C:\Windows\system32\sl3apo64.dll
2016-05-09 12:54:31 ----A---- C:\Windows\system32\SFSS_APO.dll
2016-05-09 12:54:31 ----A---- C:\Windows\system32\SFNHK64.dll
2016-05-09 12:54:31 ----A---- C:\Windows\system32\SFCOM64.dll
2016-05-09 12:54:31 ----A---- C:\Windows\system32\SFAPO64.dll
2016-05-09 12:54:31 ----A---- C:\Windows\system32\SEHDRA64.dll
2016-05-09 12:54:31 ----A---- C:\Windows\system32\SECOMN64.dll
2016-05-09 12:54:31 ----A---- C:\Windows\system32\SEAPO64.dll
2016-05-09 12:54:22 ----A---- C:\Windows\system32\RtPgEx64.dll
2016-05-09 12:54:22 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2016-05-09 12:54:21 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-05-09 12:54:21 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-05-09 12:54:21 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-05-09 12:54:21 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-05-09 12:54:21 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-05-09 12:54:21 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-05-09 12:54:21 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-05-09 12:54:21 ----A---- C:\Windows\system32\wow64win.dll
2016-05-09 12:54:21 ----A---- C:\Windows\system32\wow64cpu.dll
2016-05-09 12:54:21 ----A---- C:\Windows\system32\wow64.dll
2016-05-09 12:54:21 ----A---- C:\Windows\system32\winsrv.dll
2016-05-09 12:54:21 ----A---- C:\Windows\system32\wdigest.dll
2016-05-09 12:54:21 ----A---- C:\Windows\system32\TSpkg.dll
2016-05-09 12:54:21 ----A---- C:\Windows\system32\smss.exe
2016-05-09 12:54:21 ----A---- C:\Windows\system32\schannel.dll
2016-05-09 12:54:21 ----A---- C:\Windows\system32\rpcrt4.dll
2016-05-09 12:54:21 ----A---- C:\Windows\system32\ntvdm64.dll
2016-05-09 12:54:21 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-05-09 12:54:21 ----A---- C:\Windows\system32\ntdll.dll
2016-05-09 12:54:21 ----A---- C:\Windows\system32\ncrypt.dll
2016-05-09 12:54:21 ----A---- C:\Windows\system32\mtxoci.dll
2016-05-09 12:54:21 ----A---- C:\Windows\system32\msv1_0.dll
2016-05-09 12:54:21 ----A---- C:\Windows\system32\KernelBase.dll
2016-05-09 12:54:21 ----A---- C:\Windows\system32\kernel32.dll
2016-05-09 12:54:21 ----A---- C:\Windows\system32\kerberos.dll
2016-05-09 12:54:21 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-05-09 12:54:21 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-05-09 12:54:21 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-05-09 12:54:21 ----A---- C:\Windows\system32\csrsrv.dll
2016-05-09 12:54:21 ----A---- C:\Windows\system32\cryptbase.dll
2016-05-09 12:54:21 ----A---- C:\Windows\system32\credssp.dll
2016-05-09 12:54:21 ----A---- C:\Windows\system32\conhost.exe
2016-05-09 12:54:21 ----A---- C:\Windows\system32\apisetschema.dll
2016-05-09 12:54:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-09 12:54:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-09 12:54:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-09 12:54:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-09 12:54:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-05-09 12:54:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-09 12:54:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-05-09 12:54:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-05-09 12:54:20 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-05-09 12:54:20 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-05-09 12:54:20 ----A---- C:\Windows\SYSWOW64\user.exe
2016-05-09 12:54:20 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-05-09 12:54:20 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-05-09 12:54:20 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-05-09 12:54:20 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-05-09 12:54:20 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-05-09 12:54:20 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-05-09 12:54:20 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-05-09 12:54:20 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-05-09 12:54:20 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-05-09 12:54:20 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-05-09 12:54:20 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-05-09 12:54:20 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-05-09 12:54:20 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-05-09 12:54:20 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2016-05-09 12:54:20 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-05-09 12:54:20 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2016-05-09 12:54:20 ----A---- C:\Windows\system32\SETB9C5.tmp
2016-05-09 12:54:20 ----A---- C:\Windows\system32\SET77A2.tmp
2016-05-09 12:54:20 ----A---- C:\Windows\system32\EncDec.dll
2016-05-09 12:54:20 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2016-05-09 12:54:20 ----A---- C:\Windows\system32\CPFilters.dll
2016-05-09 12:54:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-05-09 12:54:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-05-09 12:54:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-05-09 12:54:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-05-09 12:54:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-05-09 12:54:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-09 12:54:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-05-09 12:54:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-09 12:54:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-09 12:54:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-05-09 12:54:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-05-09 12:54:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-09 12:54:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-05-09 12:54:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-05-09 12:54:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-05-09 12:54:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-09 12:54:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-05-09 12:54:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-05-09 12:54:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-05-09 12:54:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-05-09 12:54:19 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-05-09 12:54:19 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-09 12:54:19 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-09 12:54:19 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-05-09 12:54:19 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-09 12:54:19 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-09 12:54:19 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-09 12:54:19 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-05-09 12:54:19 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-09 12:54:19 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-05-09 12:54:19 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-05-09 12:54:19 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-05-09 12:54:19 ----A---- C:\Windows\system32\SETC6DC.tmp
2016-05-09 12:54:19 ----A---- C:\Windows\system32\RTEEP64A.dll
2016-05-09 12:54:19 ----A---- C:\Windows\system32\RTEEL64A.dll
2016-05-09 12:54:19 ----A---- C:\Windows\system32\RTEEG64A.dll
2016-05-09 12:54:19 ----A---- C:\Windows\system32\RTEED64A.dll
2016-05-09 12:54:19 ----A---- C:\Windows\system32\RtDataProc64.dll
2016-05-09 12:54:18 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-05-09 12:54:18 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-05-09 12:54:18 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-05-09 12:54:18 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-05-09 12:54:18 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-09 12:54:18 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-09 12:54:18 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-05-09 12:54:18 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-05-09 12:54:18 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-09 12:54:18 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-05-09 12:54:18 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-05-09 12:54:18 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-05-09 12:54:18 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-09 12:54:18 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-05-09 12:54:18 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-05-09 12:54:18 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-05-09 12:54:16 ----A---- C:\Windows\system32\RTCOM64.dll
2016-05-09 12:54:16 ----A---- C:\Windows\system32\RP3DHT64.dll
2016-05-09 12:54:16 ----A---- C:\Windows\system32\RP3DAA64.dll
2016-05-09 12:54:16 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2016-05-09 12:54:15 ----A---- C:\Windows\SYSWOW64\RltkAPO.dll
2016-05-09 12:54:15 ----A---- C:\Windows\system32\SETABB8.tmp
2016-05-09 12:54:14 ----A---- C:\Windows\system32\RCoRes64.dat
2016-05-09 12:54:14 ----A---- C:\Windows\system32\RCoInstII64.dll
2016-05-09 12:54:12 ----A---- C:\Windows\system32\R4EEP64A.dll
2016-05-09 12:54:12 ----A---- C:\Windows\system32\R4EEL64A.dll
2016-05-09 12:54:12 ----A---- C:\Windows\system32\R4EEG64A.dll
2016-05-09 12:54:12 ----A---- C:\Windows\system32\R4EED64A.dll
2016-05-09 12:54:12 ----A---- C:\Windows\system32\R4EEA64A.dll
2016-05-09 12:54:11 ----A---- C:\Windows\system32\NAHIMICV3apo.dll
2016-05-09 12:54:10 ----A---- C:\Windows\system32\NAHIMICV2apo.dll
2016-05-09 12:54:10 ----A---- C:\Windows\system32\NahimicAPONSControl.dll
2016-05-09 12:54:10 ----A---- C:\Windows\system32\NAHIMICAPOlfx.dll
2016-05-09 12:54:10 ----A---- C:\Windows\system32\MISS_APO.dll
2016-05-09 12:54:09 ----A---- C:\Windows\system32\MaxxVolumeSDAPO.dll
2016-05-09 12:54:09 ----A---- C:\Windows\system32\MaxxVoiceAPO4064.dll
2016-05-09 12:54:08 ----A---- C:\Windows\system32\MaxxVoiceAPO3064.dll
2016-05-09 12:54:08 ----A---- C:\Windows\system32\MaxxVoiceAPO2064.dll
2016-05-09 12:54:08 ----A---- C:\Windows\system32\MaxxSpeechAPO64.dll
2016-05-09 12:54:07 ----A---- C:\Windows\system32\MaxxAudioRealtek64.dll
2016-05-09 12:54:07 ----A---- C:\Windows\system32\MaxxAudioEQ64.dll
2016-05-09 12:54:07 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll
2016-05-09 12:54:07 ----A---- C:\Windows\system32\MaxxAudioAPO7064.dll
2016-05-09 12:54:07 ----A---- C:\Windows\system32\MaxxAudioAPO6064.dll
2016-05-09 12:54:07 ----A---- C:\Windows\system32\MaxxAudioAPO5064.dll
2016-05-09 12:54:07 ----A---- C:\Windows\system32\MaxxAudioAPO4064.dll
2016-05-09 12:54:07 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2016-05-09 12:54:06 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2016-05-09 12:54:06 ----A---- C:\Windows\system32\KAAPORT64.dll
2016-05-09 12:54:06 ----A---- C:\Windows\system32\IntelSstCApoPropPage.dll
2016-05-09 12:54:06 ----A---- C:\Windows\system32\IntelSSTAPO.dll
2016-05-09 12:54:06 ----A---- C:\Windows\system32\ICEsoundAPO64.dll
2016-05-09 12:54:06 ----A---- C:\Windows\system32\HMUI.dll
2016-05-09 12:54:06 ----A---- C:\Windows\system32\HMLimiter.dll
2016-05-09 12:54:06 ----A---- C:\Windows\system32\HMHVS.dll
2016-05-09 12:54:06 ----A---- C:\Windows\system32\HMEQ_Voice.dll
2016-05-09 12:54:06 ----A---- C:\Windows\system32\HMEQ.dll
2016-05-09 12:54:06 ----A---- C:\Windows\system32\HMClariFi.dll
2016-05-09 12:54:06 ----A---- C:\Windows\system32\HMAPO.dll
2016-05-09 12:54:05 ----A---- C:\Windows\system32\HiFiDAX2API.dll
2016-05-09 12:54:05 ----A---- C:\Windows\system32\HarmanAudioInterface.dll
2016-05-09 12:54:04 ----A---- C:\Windows\system32\FMAPO64.dll
2016-05-09 12:54:04 ----A---- C:\Windows\system32\DTSVoiceClarityDLL64.dll
2016-05-09 12:54:04 ----A---- C:\Windows\system32\DTSU2PREC64.dll
2016-05-09 12:54:04 ----A---- C:\Windows\system32\DTSU2PLFX64.dll
2016-05-09 12:54:04 ----A---- C:\Windows\system32\DTSU2PGFX64.dll
2016-05-09 12:54:03 ----A---- C:\Windows\system32\DTSSymmetryDLL64.dll
2016-05-09 12:54:03 ----A---- C:\Windows\system32\DTSS2SpeakerDLL64.dll
2016-05-09 12:54:02 ----A---- C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2016-05-09 12:54:02 ----A---- C:\Windows\system32\DTSNeoPCDLL64.dll
2016-05-09 12:54:02 ----A---- C:\Windows\system32\DTSLimiterDLL64.dll
2016-05-09 12:54:02 ----A---- C:\Windows\system32\DTSLFXAPO64.dll
2016-05-09 12:54:02 ----A---- C:\Windows\system32\DTSGFXAPONS64.dll
2016-05-09 12:54:02 ----A---- C:\Windows\system32\DTSGFXAPO64.dll
2016-05-09 12:54:02 ----A---- C:\Windows\system32\DTSGainCompensatorDLL64.dll
2016-05-09 12:54:02 ----A---- C:\Windows\system32\DTSBoostDLL64.dll
2016-05-09 12:54:02 ----A---- C:\Windows\system32\DTSBassEnhancementDLL64.dll
2016-05-09 12:54:02 ----A---- C:\Windows\system32\DolbyDAX2APOv211.dll
2016-05-09 12:54:02 ----A---- C:\Windows\system32\DolbyDAX2APOv201.dll
2016-05-09 12:54:02 ----A---- C:\Windows\system32\DolbyDAX2APOProp.dll
2016-05-09 12:54:01 ----A---- C:\Windows\system32\DDPP64AF3.dll
2016-05-09 12:54:01 ----A---- C:\Windows\system32\DDPP64A.dll
2016-05-09 12:54:01 ----A---- C:\Windows\system32\DDPO64AF3.dll
2016-05-09 12:54:01 ----A---- C:\Windows\system32\DDPO64A.dll
2016-05-09 12:54:01 ----A---- C:\Windows\system32\DDPD64AF3.dll
2016-05-09 12:54:01 ----A---- C:\Windows\system32\DDPD64A.dll
2016-05-09 12:54:01 ----A---- C:\Windows\system32\DDPA64F3.dll
2016-05-09 12:54:01 ----A---- C:\Windows\system32\DDPA64.dll
2016-05-09 12:53:59 ----A---- C:\Windows\system32\CX64APO.dll
2016-05-09 12:53:58 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-05-09 12:53:57 ----A---- C:\Windows\system32\audioLibVc.dll
2016-05-09 12:53:57 ----A---- C:\Windows\system32\AERTAR64.dll
2016-05-09 12:53:57 ----A---- C:\Windows\system32\AERTAC64.dll
2016-05-09 12:53:57 ----A---- C:\Windows\system32\AcpiServiceVnA64.dll
2016-05-09 12:51:32 ----A---- C:\Windows\system32\rdpudd.dll
2016-05-09 12:51:32 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-05-09 12:51:32 ----A---- C:\Windows\system32\rdpcorets.dll
2016-05-09 12:51:06 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-05-09 12:51:06 ----A---- C:\Windows\system32\jnwmon.dll
2016-05-09 12:51:06 ----A---- C:\Windows\system32\InkEd.dll
2016-05-09 12:44:10 ----A---- C:\Windows\system32\win32k.sys
======List of files/folders modified in the last 1 month======
2016-05-31 14:29:47 ----D---- C:\Windows\Prefetch
2016-05-31 14:29:43 ----D---- C:\Program Files\trend micro
2016-05-31 14:29:42 ----D---- C:\Windows\Temp
2016-05-31 14:27:33 ----D---- C:\Windows
2016-05-31 14:24:58 ----D---- C:\Windows\Microsoft.NET
2016-05-31 14:24:35 ----SHD---- C:\Windows\Installer
2016-05-31 14:24:28 ----D---- C:\ProgramData\BlueStacksGameManager
2016-05-31 14:23:57 ----HD---- C:\ProgramData
2016-05-31 14:23:40 ----RD---- C:\Program Files (x86)
2016-05-31 14:20:57 ----D---- C:\Program Files (x86)\PokerStars.EU
2016-05-31 14:19:57 ----D---- C:\Windows\system32\Tasks
2016-05-31 14:16:21 ----D---- C:\Windows\System32
2016-05-31 14:16:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-05-31 14:13:13 ----D---- C:\Windows\system32\config
2016-05-31 06:35:28 ----D---- C:\Windows\SoftwareDistribution
2016-05-31 06:32:39 ----D---- C:\Windows\system32\catroot2
2016-05-31 06:31:07 ----D---- C:\Windows\debug
2016-05-30 15:52:13 ----D---- C:\ProgramData\ProductData
2016-05-29 21:58:08 ----D---- C:\Users\SWAN\AppData\Roaming\MPC-HC
2016-05-28 17:21:01 ----SHD---- C:\System Volume Information
2016-05-28 11:15:28 ----RSD---- C:\Windows\assembly
2016-05-28 01:51:26 ----D---- C:\Windows\inf
2016-05-28 01:14:16 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2016-05-28 01:13:12 ----D---- C:\Program Files\Microsoft Office 15
2016-05-15 15:52:13 ----D---- C:\Program Files (x86)\Google
2016-05-13 15:55:27 ----D---- C:\Windows\SysWOW64
2016-05-13 15:55:18 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-05-11 06:50:51 ----D---- C:\Windows\Tasks
2016-05-09 17:30:10 ----D---- C:\Windows\rescache
2016-05-09 13:25:15 ----D---- C:\Windows\winsxs
2016-05-09 13:21:28 ----D---- C:\Windows\system32\catroot
2016-05-09 13:20:49 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-05-09 13:20:49 ----D---- C:\Windows\system32\drivers
2016-05-09 13:20:49 ----D---- C:\Windows\system32\cs-CZ
2016-05-09 13:20:48 ----D---- C:\Windows\SYSWOW64\en-US
2016-05-09 13:20:48 ----D---- C:\Program Files\Internet Explorer
2016-05-09 13:20:47 ----D---- C:\Windows\system32\en-US
2016-05-09 13:20:46 ----D---- C:\Windows\cs-CZ
2016-05-09 13:20:46 ----D---- C:\Program Files (x86)\Internet Explorer
2016-05-09 13:20:41 ----D---- C:\Windows\AppPatch
2016-05-09 13:20:41 ----D---- C:\Program Files\Windows Journal
2016-05-09 13:13:01 ----D---- C:\Program Files (x86)\Common Files
2016-05-09 13:11:55 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2016-05-09 13:11:09 ----D---- C:\Program Files (x86)\Java
2016-05-09 13:06:37 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2016-05-09 13:06:08 ----D---- C:\Program Files\Java
2016-05-09 13:04:17 ----D---- C:\Windows\system32\DriverStore
2016-05-09 13:01:23 ----A---- C:\Windows\system32\RTNUninst64.dll
2016-05-09 12:58:41 ----D---- C:\Windows\system32\DAX2
2016-05-09 12:57:17 ----D---- C:\Windows\SYSWOW64\RTCOM
2016-05-09 11:53:41 ----D---- C:\ProgramData\BlueStacksSetup
2016-05-07 22:08:25 ----D---- C:\Program Files (x86)\Microsoft Office
2016-05-07 22:08:04 ----D---- C:\Program Files\Common Files\Microsoft Shared
2016-05-06 07:19:04 ----SD---- C:\Users\SWAN\AppData\Roaming\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2015-06-30 85704]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2015-06-30 43720]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2014-06-04 21184]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-01-05 26528]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
R2 PfFilter;PfFilter; \??\C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys [2013-04-03 39504]
R2 rzpnk;rzpnk; \??\C:\Windows\system32\drivers\rzpnk.sys [2014-04-25 129856]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2015-11-19 21516800]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2015-11-19 483840]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2016-05-09 104984]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-04-03 30352]
R3 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2015-03-25 23048]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2016-05-09 4803840]
R3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver; C:\Windows\system32\DRIVERS\netr28ux.sys [2015-01-05 1547616]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [2012-10-25 13368]
R3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2015-03-25 34848]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2016-05-09 1027840]
R3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2015-03-25 23016]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-08-28 58536]
S3 amdhub30;AMD USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\amdhub30.sys [2013-02-26 108128]
S3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\amdxhc.sys [2013-02-26 228448]
S3 Andbus;LGE Android Platform Composite USB Device; C:\Windows\system32\DRIVERS\lgandbus64.sys [2012-03-02 19456]
S3 AndDiag;LGE Android Platform USB Serial Port; C:\Windows\system32\DRIVERS\lganddiag64.sys [2012-03-02 27648]
S3 AndGps;LGE Android Platform USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandgps64.sys [2012-03-02 27136]
S3 ANDModem;LGE Android Platform USB Modem; C:\Windows\system32\DRIVERS\lgandmodem64.sys [2012-03-02 34304]
S3 andnetadb;ADB Interface DriverNet; C:\Windows\System32\Drivers\lgandnetadb.sys [2014-05-27 31744]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 cmshusbser;Mobile Connector USB Device for Legacy Serial Communication IN ANDROID DEVICE; C:\Windows\system32\DRIVERS\cmshusbser.sys [2011-11-30 127232]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 ipadtst;ipadtst; \??\C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [2013-02-01 19952]
S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-10-05 25816]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2016-05-09 192216]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-10-05 63704]
S3 MSICDSetup;MSICDSetup; \??\E:\CDriver64.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 qcusbser;Gionee USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\qcusbser.sys [2015-07-22 270048]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-01-22 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudobex.sys [2016-02-26 203672]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2015-01-22 29696]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2015-01-22 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2015-01-22 30208]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUSB;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdvancedSystemCareService9;Advanced SystemCare Service 9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [2016-01-05 446240]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2015-11-19 296448]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-06-04 361984]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2016-05-17 3009264]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2015-11-04 882464]
R2 MSI_SuperCharger;MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [2013-02-20 161264]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-09 144200]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2016-01-14 2945312]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13 269504]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-02-27 1272592]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-08-31 654848]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-09 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-05-09 114688]
S3 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S3 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-10-05 1513784]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-05-16 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2014-05-16 5132888]
S3 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-03-19 66872]
S3 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2014-03-19 103736]
S3 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-03-05 1255736]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S4 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2006-02-28 229376]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
-----------------EOF-----------------
Spustte znovu FRST.exe