Chinese junk
Posted: 18 Nov 2016 19:41
Hello, we've picked up some Chinese junk on our computer. Please advise what to do about it.
Logfile of random's system information tool 1.14 (written by random/random)
Run by uzi at 2016-11-18 19:31:59
Microsoft Windows 10 Enterprise
System drive C: has 64 GB (45%) free of 142 GB
Total RAM: 3989 MB (50% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:32:00, on 18.11.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ContentPush\app\bin\nw.exe
C:\Program Files (x86)\ContentPush\app\bin\nw.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\uzi\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\uzi\AppData\Roaming\Seznam.cz\szninstall.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\uzi\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files (x86)\ContentPush\app\bin\nw.exe
C:\Program Files (x86)\ContentPush\app\bin\nw.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
C:\Program Files (x86)\PSPad editor\PSPad.exe
C:\Program Files\trend micro\uzi_RSITx64(1).exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://granena.ru/?utm_content=31b5cebd ... d=20161029
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\uzi\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\uzi\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\uzi\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default user')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Background Logic Handler (backlh) - Unknown owner - C:\ProgramData\Logic Handler\set.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Energy Server Service WILLAMETTE (ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: MaohaWiFiService (MaohaWifiSvr) - ???? ???? - C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaohaWifiSvr.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.427\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Network Packet Manitor (Nettrans) - Unknown owner - C:\ProgramData\NetworkPacketManitor\Nettrans.exe
O23 - Service: PC Speed Up Service (PCSUService) - Optimal Software s.r.o. - C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe
O23 - Service: PC SP Validator (PCValidator) - AppVerifierService - C:\ProgramData\ValidatorPC\PCValidatorService.exe
O23 - Service: ProntSpooler - Unknown owner - C:\Program Files (x86)\TabletPlugins\vuw6t8GiF0IXjcPohAbt\UGRAfwFR.exe
O23 - Service: Corel License Validation Service V2 x64, Powered by arvato (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Reimage Real Time Protector (ReimageRealTimeProtector) - Reimage® - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: SpeedChecker Service (SCService) - Optimal Software s.r.o. - C:\Program Files (x86)\Zrychleni Pocitace\SpeedCheckerService.exe
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE (SystemUsageReportSvc_WILLAMETTE) - Unknown owner - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: UC??????? (UCBrowserSvc) - Unknown owner - C:\Program Files (x86)\UCBrowser\Application\UCService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: User Energy Server Service WILLAMETTE (USER_ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Professional Service (WTabletServicePro) - Wacom Technology, Corp. - C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
O23 - Service: Double Spaced Firewall (zigipyro) - Unknown owner - C:\Users\uzi\AppData\Local\1411E759-1479476199-5AA1-6316-C8CBB857B4BD\qnsdBED5.tmp
--
End of file - 10430 bytes
======Enumerating Processes======
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Tablet\Wacom\WTabletServicePro.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
C:\WINDOWS\SysWoW64\svchost.exe -k ArcherGroupEx
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
C:\WINDOWS\SysWoW64\svchost.exe -k Atokuse
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\SysWoW64\svchost.exe -k netsvcs
C:\WINDOWS\SysWoW64\svchost.exe -k kuaizip2updatesvc
C:\WINDOWS\SysWoW64\svchost.exe -k kuaizipupdatesvc
"C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe"
"C:\Program Files (x86)\TabletPlugins\vuw6t8GiF0IXjcPohAbt\UGRAfwFR.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\WINDOWS\SysWoW64\svchost.exe -k WinSAPSvc
C:\WINDOWS\system32\svchost.exe -k imgsvc
"c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaohaWifiSvr.exe"
C:\Users\uzi\AppData\Local\1411E759-1479476199-5AA1-6316-C8CBB857B4BD\qnsdBED5.tmp
"C:\Program Files (x86)\UCBrowser\Application\UCService.exe"
"C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe" "--AUTO_START" "--start" "--address" "127.0.0.1" "--port" "49330" "--depend_on_key" "SYSTEM\CurrentControlSet\Services\ESRV_SVC_WILLAMETTE" "--depend_on_value" "run" "--time_in_ms" "--pause" "5000" "--library" "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_modeler.dll" "--no_pl" "--watchdog" "10" "--watchdog_cpu_usage_limit" "50" "--end_on_error" "--kernel_priority_boost" "--shutdown_priority_boost" "--device_options" " time=no output=w output_folder='C:\ProgramData\Intel\SUR\WILLAMETTE\IntelData' limit_output_by=time output_limit=3600000 output_buffer=1024 il='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_process_input.dll','process_input_options.txt' il='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_system_power_state_input.dll' il='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_quality_and_reliability_input.dll' il='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\acpi_battery_input.dll' il='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\sema_thermal_input.dll' il='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\wifi_input.dll' il='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\devices_use_input.dll','service=yes' il='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_disktrace_input.dll','pause=60000 working_dir=C:\ProgramData\Intel\SUR\WILLAMETTE\IntelData override_existing_tracing=no limit_output_by_filesize_mb=10' os='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\os_counters.txt' "
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\taskhostw.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe"
"C:\Program Files\Tablet\Wacom\WacomHost.exe" "C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe" au
"C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe"
"C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe" au
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\ContentPush\app\bin\nw.exe" "C:\Program Files (x86)\ContentPush\app\app"
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files (x86)\ContentPush\app\bin\nw.exe" --type=gpu-process --channel="5868.0.1077176361\898845042" --no-sandbox --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,40 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.4229 /prefetch:822062411
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca
C:\Windows\System32\smartscreen.exe -Embedding
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\System32\MRT.exe" /R
C:\WINDOWS\system32\consent.exe
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Users\uzi\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Users\uzi\AppData\Roaming\Seznam.cz\szninstall.exe" -c
"C:\Program Files (x86)\Steam\Steam.exe" -silent
C:\Users\uzi\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
"C:\Users\uzi\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
"C:\Program Files (x86)\ContentPush\app\bin\nw.exe" --type=renderer --no-sandbox --enable-deferred-image-decoding --lang=cs --extension-process --nodejs --working-directory="C:\Program Files (x86)\ContentPush\app\app" --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=5868 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="5868.1.1064857015\492898554" /prefetch:673131151
"C:\Program Files (x86)\ContentPush\app\bin\nw.exe" --type=renderer --no-sandbox --enable-deferred-image-decoding --lang=cs --extension-process --nodejs --working-directory="C:\Program Files (x86)\ContentPush\app\app" --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=5868 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="5868.2.279406239\80842531" /prefetch:673131151
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="6852.0.844131334\1052708903" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 6852 "\\.\pipe\gecko-crash-server-pipe.6852" tab
C:\WINDOWS\system32\AUDIODG.EXE 0x2c0
"C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe" "-cachedir=C:\Users\uzi\AppData\Local\Steam\htmlcache" "-steampid=736" "-buildid=1476379980" "-steamid=0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-widevine-cdm --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
C:\Windows\System32\InstallAgent.exe -Embedding
C:\Windows\System32\InstallAgentUserBroker.exe -Embedding
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXe9cvj1thv1hmcw0cs98xm3r97tyzy2xs.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 652 656 664 8192 660
"C:\Program Files (x86)\PSPad editor\PSPad.exe" "C:\rsit\log.txt"
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\uzi\Downloads\RSITx64(1).exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task - C:\Users\uzi\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
C:\WINDOWS\system32\tasks\syslog - C:\Users\uzi\AppData\Local\syslog\syslog.exe
C:\WINDOWS\system32\tasks\Traffic Exchange - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe 1 11
C:\WINDOWS\system32\tasks\Traffic Exchange Guard - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe 1 12
C:\WINDOWS\system32\tasks\Traffic Exchange Guardian - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe 1 13
C:\WINDOWS\system32\tasks\Traffic Exchange Updater - C:\Program Files (x86)\Microleaves\Traffic Exchange\Traffic Exchange Updater.exe /silentall -nofreqcheck
C:\WINDOWS\system32\tasks\Traffic Exchange v2 - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe 1 15
C:\WINDOWS\system32\tasks\Traffic Exchange v2 Guard - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe 1 16
C:\WINDOWS\system32\tasks\Traffic Exchange v2 Guardian - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe 1 17
C:\WINDOWS\system32\tasks\Traffic Exchange v2 OG - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe 1 19
C:\WINDOWS\system32\tasks\Traffic Exchange v2 On Guard - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe 1 20
C:\WINDOWS\system32\tasks\Traffic Exchange v2 OnGuard - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe 1 18
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{E62C2839-090B-49C3-BA8D-529A0ACD4A39} - C:\Windows\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - %ProgramFiles%\Windows Defender\MpCmdRun.exe Scan -ScheduleJob
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe Reboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings - %systemroot%\system32\usoclient.exe RefreshSettings
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition - %SystemRoot%\system32\UpgradeSubscription.exe -e
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\LicenseAcquisition - %SystemRoot%\system32\UpgradeSubscription.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemovalTools\MRT_HB - C:\Windows\system32\MRT.exe /EHB /Q
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Uploader - %windir%\system32\WSqmCons.exe -u
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Intel\Intel Telemetry 2 - C:\Program Files\Intel\Telemetry 2.0\lrio.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\uzi\AppData\Roaming\Mozilla\Firefox\Profiles\1g14y5h8.def
prefs.js - "browser.startup.homepage" - "http://granena.ru/?utm_content=31b5cebd ... d=20161029"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_207.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.7]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\wacom.com/WacomTabletPlugin]
"Description"=
"Path"=C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.101.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.101.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.7]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\wacom.com/WacomTabletPlugin]
"Description"=
"Path"=C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
C:\Users\uzi\AppData\Roaming\Mozilla\Firefox\Profiles\1g14y5h8.def\searchplugins\
GoSearch.xml
C:\Users\uzi\AppData\Roaming\Mozilla\Firefox\Profiles\1g14y5h8.def\addons.json
C:\Users\uzi\AppData\Roaming\Mozilla\Firefox\Profiles\1g14y5h8.def\extensions.json
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Youtube AdBlock - extension - {95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B} - C:\Program Files (x86)\Mozilla Firefox\browser\features\{95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B}
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
C:\Users\uzi\AppData\Roaming\Mozilla\Firefox\Profiles\1g14y5h8.def\pluginreg.dat
Plugin - WacomTabletPlugin - 2.1.0.7 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
Plugin - Silverlight Plug-In - 5.1.30514.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
Plugin - Shockwave Flash - 23.0.0.207 - C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_207.dll
=========Google Chrome=========
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl]
"Path"=
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={ielnksrch}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\ielnksrch]
"URL"=http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHoTG1nEZQLY5Wsy7wdLHeRrwW4og2OsjWJyDY6_f6T2u3sr6AMOi2AXaq2vQoUU9knz_xurw-SNRB1-lJG_pBliAEJDe2Nt-MumSoYVgONix5gxIF1y3dF4RqJL67wgYfM4NzXAU2h9RRI6GipHV7t6Ltti9tldpDUeOa1cfQ,,&q={searchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.globasearch.com/?serie=209&i ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}]
"URL"=http://www.globasearch.com/?serie=209&i ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-20 571456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-20 234560]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2015-11-21 183216]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2015-11-21 411056]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2015-11-21 453552]
"MRT"=C:\WINDOWS\system32\MRT.exe [2016-11-09 141011376]
"WindowsDefender"=C:\Program Files\Windows Defender\MSASCuiL.exe [2016-09-07 631808]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\uzi\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-09-03 633024]
"cz.seznam.software.autoupdate"=C:\Users\uzi\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\uzi\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2016-10-13 2860832]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-06-22 598552]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2016-11-16 1928768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\ProgramData\Quoteex\InchHatbam.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{943D482C-A5AA-11E6-B183-64006A5CFC23}"=C:\Users\uzi\AppData\Roaming\Plinoshmetither\Wokoentganogh.dll [2016-11-15 146432]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"EnableShellExecuteHooks"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath"=%SystemRoot%\inf\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"
======List of files/folders created in the last 1 month======
2016-11-18 19:05:16 ----D---- C:\rsit
2016-11-18 19:05:16 ----D---- C:\Program Files\trend micro
2016-11-18 18:43:12 ----D---- C:\Program Files\CCleaner
2016-11-18 10:50:05 ----D---- C:\Program Files\GATYQAJQQP
2016-11-17 18:32:53 ----SHD---- C:\Config.Msi
2016-11-17 17:49:30 ----D---- C:\ProgramData\ChelfNotify
2016-11-17 17:49:30 ----D---- C:\Program Files (x86)\WinArcher
2016-11-17 17:49:29 ----D---- C:\ProgramData\WinSAPSvc
2016-11-17 17:43:24 ----A---- C:\WINDOWS\system32\drivers\PROCEXP152.SYS
2016-11-17 17:42:47 ----D---- C:\Program Files (x86)\zvx578vx
2016-11-17 17:08:15 ----D---- C:\Program Files (x86)\8rj4jr12
2016-11-16 16:30:42 ----D---- C:\Program Files (x86)\sunnyday
2016-11-16 16:30:04 ----D---- C:\Program Files\B4IBST1I61
2016-11-16 16:27:01 ----D---- C:\Program Files (x86)\gamesdesktop
2016-11-15 19:25:45 ----D---- C:\Program Files (x86)\Steam
2016-11-15 13:39:50 ----SHD---- C:\ProgramData\WindowsMsg
2016-11-15 13:39:28 ----D---- C:\Users\uzi\AppData\Roaming\UPUpdata
2016-11-15 13:38:58 ----D---- C:\Users\uzi\AppData\Roaming\Ludashi
2016-11-15 13:38:58 ----D---- C:\Users\uzi\AppData\Roaming\lockhomepage
2016-11-15 13:38:35 ----D---- C:\Users\uzi\AppData\Roaming\LDSGameCenter
2016-11-15 13:38:11 ----D---- C:\Program Files (x86)\LDSGameCenter
2016-11-15 13:38:01 ----A---- C:\WINDOWS\system32\drivers\KuaiZipDrive.sys
2016-11-15 13:37:30 ----D---- C:\Program Files\żěŃą
2016-11-15 13:36:43 ----D---- C:\Program Files (x86)\GreatMaker
2016-11-15 13:36:43 ----A---- C:\WINDOWS\system32\chtbrkg.dll
2016-11-15 13:36:42 ----A---- C:\WINDOWS\SYSWOW64\chtbrkg.dll
2016-11-15 13:36:34 ----A---- C:\ProgramData\service.exe
2016-11-15 13:35:48 ----D---- C:\ProgramData\Avira
2016-11-15 13:35:48 ----D---- C:\ProgramData\Avg
2016-11-15 13:35:47 ----D---- C:\ProgramData\AVAST Software
2016-11-15 13:35:47 ----D---- C:\Program Files (x86)\LuDaShi
2016-11-15 13:34:44 ----D---- C:\Users\uzi\AppData\Roaming\KuaiZip
2016-11-15 13:34:44 ----A---- C:\WINDOWS\system32\drivers\KuaiZipDrive2.sys
2016-11-15 13:34:40 ----D---- C:\Users\uzi\AppData\Roaming\Softlink
2016-11-15 13:34:24 ----D---- C:\Program Files (x86)\mpck
2016-11-15 13:33:55 ----D---- C:\ProgramData\Thunder Network
2016-11-15 13:33:48 ----D---- C:\Program Files (x86)\KuaiZip
2016-11-15 13:33:15 ----D---- C:\Users\uzi\AppData\Roaming\Plinoshmetither
2016-11-15 13:33:10 ----D---- C:\Users\uzi\AppData\Roaming\Profiles
2016-11-15 13:33:03 ----A---- C:\WINDOWS\system32\drivers\ucguard.sys
2016-11-15 13:33:01 ----D---- C:\Program Files (x86)\Zemitygrerloing
2016-11-15 13:31:56 ----D---- C:\Program Files (x86)\UCBrowser
2016-11-15 13:31:47 ----D---- C:\Users\uzi\AppData\Roaming\ContentPush
2016-11-15 13:31:47 ----D---- C:\Program Files (x86)\1411E759-1479213513-5AA1-6316-C8CBB857B4BD
2016-11-15 13:30:17 ----D---- C:\Program Files (x86)\wanttoxiamen
2016-11-15 13:30:16 ----D---- C:\ProgramData\Microleaves
2016-11-15 13:29:58 ----D---- C:\Program Files (x86)\ContentPush
2016-11-15 13:29:18 ----D---- C:\Program Files (x86)\Zrychleni Pocitace
2016-11-15 13:27:56 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-11-15 13:27:32 ----D---- C:\ProgramData\Logic Handler
2016-11-15 13:27:29 ----D---- C:\ProgramData\Quoteexs
2016-11-15 13:27:18 ----D---- C:\ProgramData\Quoteex
2016-11-15 13:27:17 ----A---- C:\Users\uzi\AppData\Roaming\noah.dat
2016-11-15 13:27:17 ----A---- C:\Users\uzi\AppData\Roaming\Main.dat
2016-11-15 13:27:16 ----A---- C:\Users\uzi\AppData\Roaming\agent.dat
2016-11-15 13:27:15 ----A---- C:\Users\uzi\AppData\Roaming\Zathcof.exe
2016-11-15 13:27:13 ----D---- C:\ProgramData\NetworkPacketManitor
2016-11-15 13:27:12 ----D---- C:\Program Files (x86)\Microleaves
2016-11-15 13:26:49 ----A---- C:\Users\uzi\AppData\Roaming\Installer.dat
2016-11-15 13:26:40 ----D---- C:\Users\uzi\AppData\Roaming\Microleaves
2016-11-09 19:36:22 ----D---- C:\Program Files (x86)\Youtube AdBlock
2016-11-09 17:28:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2016-11-09 17:28:35 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2016-11-09 17:28:34 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2016-11-09 17:28:34 ----A---- C:\WINDOWS\system32\usercpl.dll
2016-11-09 17:28:34 ----A---- C:\WINDOWS\system32\oleaut32.dll
2016-11-09 17:28:34 ----A---- C:\WINDOWS\system32\ole32.dll
2016-11-09 17:28:33 ----A---- C:\WINDOWS\SYSWOW64\zipfldr.dll
2016-11-09 17:28:33 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-11-09 17:28:33 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2016-11-09 17:28:33 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-11-09 17:28:33 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2016-11-09 17:28:33 ----A---- C:\WINDOWS\system32\ActionCenterCPL.dll
2016-11-09 17:28:32 ----A---- C:\WINDOWS\SYSWOW64\weretw.dll
2016-11-09 17:28:32 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2016-11-09 17:28:32 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2016-11-09 17:28:32 ----A---- C:\WINDOWS\SYSWOW64\chartv.dll
2016-11-09 17:28:32 ----A---- C:\WINDOWS\system32\wer.dll
2016-11-09 17:28:31 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2016-11-09 17:28:31 ----A---- C:\WINDOWS\system32\weretw.dll
2016-11-09 17:28:30 ----A---- C:\WINDOWS\SYSWOW64\d3d10warp.dll
2016-11-09 17:28:30 ----A---- C:\WINDOWS\system32\WpcRefreshTask.dll
2016-11-09 17:28:30 ----A---- C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-11-09 17:28:30 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2016-11-09 17:28:30 ----A---- C:\WINDOWS\system32\asycfilt.dll
2016-11-09 17:28:29 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-11-09 17:28:29 ----A---- C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-11-09 17:28:29 ----A---- C:\WINDOWS\system32\ubpm.dll
2016-11-09 17:28:29 ----A---- C:\WINDOWS\system32\drivers\bowser.sys
2016-11-09 17:28:28 ----A---- C:\WINDOWS\system32\WpcTok.exe
2016-11-09 17:28:28 ----A---- C:\WINDOWS\system32\ddraw.dll
2016-11-09 17:28:27 ----A---- C:\WINDOWS\SYSWOW64\NPSM.dll
2016-11-09 17:28:27 ----A---- C:\WINDOWS\system32\rdpshell.exe
2016-11-09 17:28:27 ----A---- C:\WINDOWS\system32\dab.dll
2016-11-09 17:28:26 ----A---- C:\WINDOWS\SYSWOW64\wininetlui.dll
2016-11-09 17:28:26 ----A---- C:\WINDOWS\system32\TSpkg.dll
2016-11-09 17:28:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.Shell.Search.UriHandler.dll
2016-11-09 17:28:25 ----A---- C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-11-09 17:28:25 ----A---- C:\WINDOWS\system32\netplwiz.dll
2016-11-09 17:28:24 ----A---- C:\WINDOWS\system32\rdpinit.exe
2016-11-09 17:28:24 ----A---- C:\WINDOWS\system32\ActionCenter.dll
2016-11-09 17:28:21 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2016-11-09 17:28:20 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-11-09 17:28:19 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-11-09 17:28:19 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2016-11-09 17:28:19 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2016-11-09 17:28:18 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-11-09 17:28:18 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2016-11-09 17:28:18 ----A---- C:\WINDOWS\system32\chartv.dll
2016-11-09 17:28:17 ----A---- C:\WINDOWS\system32\wmp.dll
2016-11-09 17:28:16 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-11-09 17:28:16 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2016-11-09 17:28:15 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-11-09 17:28:15 ----A---- C:\WINDOWS\system32\twinapi.dll
2016-11-09 17:28:15 ----A---- C:\WINDOWS\system32\authui.dll
2016-11-09 17:28:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2016-11-09 17:28:14 ----A---- C:\WINDOWS\SYSWOW64\twinapi.dll
2016-11-09 17:28:14 ----A---- C:\WINDOWS\SYSWOW64\themecpl.dll
2016-11-09 17:28:14 ----A---- C:\WINDOWS\SYSWOW64\fontext.dll
2016-11-09 17:28:14 ----A---- C:\WINDOWS\SYSWOW64\DevicePairing.dll
2016-11-09 17:28:13 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-11-09 17:28:13 ----A---- C:\WINDOWS\SYSWOW64\gameux.dll
2016-11-09 17:28:12 ----A---- C:\WINDOWS\SYSWOW64\sud.dll
2016-11-09 17:28:12 ----A---- C:\WINDOWS\SYSWOW64\stobject.dll
2016-11-09 17:28:12 ----A---- C:\WINDOWS\SYSWOW64\hgcpl.dll
2016-11-09 17:28:11 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2016-11-09 17:28:10 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2016-11-09 17:28:10 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-11-09 17:28:09 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2016-11-09 17:28:09 ----A---- C:\WINDOWS\system32\ListSvc.dll
2016-11-09 17:28:08 ----A---- C:\WINDOWS\system32\rdpcore.dll
2016-11-09 17:28:08 ----A---- C:\WINDOWS\system32\efsext.dll
2016-11-09 17:28:08 ----A---- C:\WINDOWS\system32\comdlg32.dll
2016-11-09 17:28:07 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2016-11-09 17:28:07 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-11-09 17:28:07 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2016-11-09 17:28:06 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2016-11-09 17:28:05 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2016-11-09 17:28:05 ----A---- C:\WINDOWS\SYSWOW64\AuthExt.dll
2016-11-09 17:27:58 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2016-11-09 17:27:57 ----A---- C:\WINDOWS\SYSWOW64\usercpl.dll
2016-11-09 17:27:57 ----A---- C:\WINDOWS\system32\stobject.dll
2016-11-09 17:27:57 ----A---- C:\WINDOWS\system32\browserbroker.dll
2016-11-09 17:27:57 ----A---- C:\WINDOWS\system32\AudioEng.dll
2016-11-09 17:27:56 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2016-11-09 17:27:56 ----A---- C:\WINDOWS\system32\zipfldr.dll
2016-11-09 17:27:56 ----A---- C:\WINDOWS\system32\themecpl.dll
2016-11-09 17:27:56 ----A---- C:\WINDOWS\system32\sud.dll
2016-11-09 17:27:56 ----A---- C:\WINDOWS\system32\AudioSes.dll
2016-11-09 17:27:56 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-11-09 17:27:55 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-11-09 17:27:55 ----A---- C:\WINDOWS\system32\hgcpl.dll
2016-11-09 17:27:55 ----A---- C:\WINDOWS\system32\fontext.dll
2016-11-09 17:27:54 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2016-11-09 17:27:54 ----A---- C:\WINDOWS\system32\gameux.dll
2016-11-09 17:27:54 ----A---- C:\WINDOWS\system32\DevicePairing.dll
2016-11-09 17:27:54 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-11-09 17:27:53 ----A---- C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-11-09 17:27:53 ----A---- C:\WINDOWS\system32\IdCtrls.dll
2016-11-09 17:27:53 ----A---- C:\WINDOWS\explorer.exe
2016-11-09 17:27:52 ----A---- C:\WINDOWS\system32\twinui.dll
2016-11-09 17:27:51 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-11-09 17:27:46 ----A---- C:\WINDOWS\system32\SyncCenter.dll
2016-11-09 17:27:46 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-11-09 17:27:46 ----A---- C:\WINDOWS\system32\cscui.dll
2016-11-09 17:27:45 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2016-11-09 17:27:45 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2016-11-09 17:27:45 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2016-11-09 17:27:45 ----A---- C:\WINDOWS\system32\DataSenseHandlers.dll
2016-11-09 17:27:44 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2016-11-09 17:27:44 ----A---- C:\WINDOWS\system32\winload.exe
2016-11-09 17:27:43 ----A---- C:\WINDOWS\system32\WlanMediaManager.dll
2016-11-09 17:27:43 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-11-09 17:27:43 ----A---- C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-11-09 17:27:43 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2016-11-09 17:27:42 ----A---- C:\WINDOWS\system32\NPSM.dll
2016-11-09 17:27:42 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2016-11-09 17:27:41 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-11-09 17:27:41 ----A---- C:\WINDOWS\system32\DeviceCenter.dll
2016-11-09 17:27:40 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2016-11-09 17:27:40 ----A---- C:\WINDOWS\SYSWOW64\asycfilt.dll
2016-11-09 17:27:39 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2016-11-09 17:27:39 ----A---- C:\WINDOWS\SYSWOW64\LockAppBroker.dll
2016-11-09 17:27:38 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2016-11-09 17:27:37 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-11-09 17:27:35 ----A---- C:\WINDOWS\SYSWOW64\indexeddbserver.dll
2016-11-09 17:27:35 ----A---- C:\WINDOWS\SYSWOW64\ActionCenterCPL.dll
2016-11-09 17:27:34 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2016-11-09 17:27:34 ----A---- C:\WINDOWS\system32\mfsensorgroup.dll
2016-11-09 17:27:33 ----A---- C:\WINDOWS\system32\ntshrui.dll
2016-11-09 17:27:33 ----A---- C:\WINDOWS\system32\MSVidCtl.dll
2016-11-09 17:27:33 ----A---- C:\WINDOWS\system32\LockAppBroker.dll
2016-11-09 17:27:31 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-11-09 17:27:31 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2016-11-09 17:27:30 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-11-09 17:27:29 ----A---- C:\WINDOWS\system32\shell32.dll
2016-11-09 17:27:27 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-11-09 17:27:27 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-11-09 17:27:26 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-11-09 17:27:26 ----A---- C:\WINDOWS\system32\ieproxy.dll
2016-11-09 17:27:25 ----A---- C:\WINDOWS\system32\shdocvw.dll
2016-11-09 17:27:25 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-11-09 17:27:25 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2016-11-09 17:27:24 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-11-09 17:27:23 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-11-09 17:27:23 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2016-11-09 17:27:23 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-11-09 17:27:23 ----A---- C:\WINDOWS\system32\FSClient.dll
2016-11-09 17:27:22 ----A---- C:\WINDOWS\system32\mshtmled.dll
2016-11-09 17:27:22 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-11-09 17:27:21 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-11-09 17:27:21 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-11-09 17:27:19 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2016-11-09 17:27:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.Globalization.dll
2016-11-09 17:27:18 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-11-09 17:27:18 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-11-09 17:27:18 ----A---- C:\WINDOWS\system32\FrameServer.dll
2016-11-09 17:27:18 ----A---- C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-11-09 17:27:17 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-11-09 17:27:16 ----A---- C:\WINDOWS\system32\indexeddbserver.dll
2016-11-09 17:27:15 ----A---- C:\WINDOWS\system32\mstscax.dll
2016-11-09 17:27:14 ----A---- C:\WINDOWS\system32\wininet.dll
2016-11-09 17:27:14 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-11-09 17:27:14 ----A---- C:\WINDOWS\system32\bisrv.dll
2016-11-09 17:27:13 ----A---- C:\WINDOWS\system32\Windows.Globalization.dll
2016-11-09 17:27:13 ----A---- C:\WINDOWS\system32\cdp.dll
2016-11-09 17:27:12 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-11-09 17:27:06 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-11-09 17:27:05 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-11-09 17:27:04 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-11-09 17:27:03 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2016-11-09 17:27:03 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2016-11-09 17:27:03 ----A---- C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-11-09 17:27:02 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2016-11-09 17:27:02 ----A---- C:\WINDOWS\system32\ErrorDetails.dll
2016-11-09 17:26:59 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.OnlineId.dll
2016-11-09 17:26:59 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2016-11-09 17:26:59 ----A---- C:\WINDOWS\system32\mstsc.exe
2016-11-09 17:26:58 ----A---- C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-11-09 17:26:57 ----A---- C:\WINDOWS\SYSWOW64\comctl32.dll
2016-11-09 17:26:57 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2016-11-09 17:26:56 ----A---- C:\WINDOWS\SYSWOW64\NetSetupApi.dll
2016-11-09 17:26:56 ----A---- C:\WINDOWS\SYSWOW64\input.dll
2016-11-09 17:26:56 ----A---- C:\WINDOWS\system32\wifitask.exe
2016-11-09 17:26:55 ----A---- C:\WINDOWS\SYSWOW64\UIAnimation.dll
2016-11-09 17:26:53 ----A---- C:\WINDOWS\SYSWOW64\TSpkg.dll
2016-11-09 17:26:53 ----A---- C:\WINDOWS\SYSWOW64\ErrorDetails.dll
2016-11-09 17:26:53 ----A---- C:\WINDOWS\system32\ErrorDetailsUpdate.dll
2016-11-09 17:26:52 ----A---- C:\WINDOWS\SYSWOW64\ErrorDetailsUpdate.dll
2016-11-09 17:26:52 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2016-11-09 17:26:52 ----A---- C:\WINDOWS\system32\iepeers.dll
2016-11-09 17:26:52 ----A---- C:\WINDOWS\system32\GlobCollationHost.dll
2016-11-09 17:26:51 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2016-11-09 17:26:51 ----A---- C:\WINDOWS\SYSWOW64\GlobCollationHost.dll
2016-11-09 17:26:51 ----A---- C:\WINDOWS\system32\dxtrans.dll
2016-11-09 17:26:51 ----A---- C:\WINDOWS\system32\BcastDVRHelper.dll
2016-11-09 17:26:51 ----A---- C:\WINDOWS\system32\AppCapture.dll
2016-11-09 17:26:50 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2016-11-09 17:26:50 ----A---- C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-11-09 17:26:48 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-11-09 17:26:48 ----A---- C:\WINDOWS\system32\winresume.exe
2016-11-09 17:26:48 ----A---- C:\WINDOWS\system32\rdpudd.dll
2016-11-09 17:26:48 ----A---- C:\WINDOWS\system32\msinfo32.exe
2016-11-09 17:26:47 ----A---- C:\WINDOWS\SYSWOW64\msinfo32.exe
2016-11-09 17:26:47 ----A---- C:\WINDOWS\SYSWOW64\mfsensorgroup.dll
2016-11-09 17:26:47 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-11-09 17:26:46 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-11-09 17:26:46 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2016-11-09 17:26:46 ----A---- C:\WINDOWS\SYSWOW64\MSVidCtl.dll
2016-11-09 17:26:46 ----A---- C:\WINDOWS\SYSWOW64\FSClient.dll
2016-11-09 17:26:46 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2016-11-09 17:26:45 ----A---- C:\WINDOWS\system32\msctf.dll
2016-11-09 17:26:44 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-11-09 17:26:43 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-11-09 17:26:42 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-11-09 17:26:42 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2016-11-09 17:26:42 ----A---- C:\WINDOWS\system32\mfcore.dll
2016-11-09 17:26:42 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-11-09 17:26:42 ----A---- C:\WINDOWS\system32\d3d9.dll
2016-11-09 17:26:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2016-11-09 17:26:40 ----A---- C:\WINDOWS\system32\gdi32full.dll
2016-11-09 17:26:39 ----A---- C:\WINDOWS\SYSWOW64\bcastdvr.exe
2016-11-09 17:26:39 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2016-11-09 17:26:39 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2016-11-09 17:26:39 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2016-11-09 17:26:39 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2016-11-09 17:26:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-11-09 17:26:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2016-11-09 17:26:38 ----A---- C:\WINDOWS\SYSWOW64\efsext.dll
2016-11-09 17:26:38 ----A---- C:\WINDOWS\system32\NetworkUXBroker.dll
2016-11-09 17:26:38 ----A---- C:\WINDOWS\system32\d3d10warp.dll
2016-11-09 17:26:37 ----A---- C:\WINDOWS\SYSWOW64\BcastDVRHelper.dll
2016-11-09 17:26:37 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2016-11-09 17:26:37 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-11-09 17:26:37 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-11-09 17:26:36 ----A---- C:\WINDOWS\system32\win32k.sys
2016-11-09 17:26:36 ----A---- C:\WINDOWS\system32\UIAnimation.dll
2016-11-09 17:26:36 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2016-11-09 17:26:36 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2016-11-09 17:26:36 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-09 17:26:36 ----A---- C:\WINDOWS\system32\drivers\iorate.sys
2016-11-09 17:26:35 ----A---- C:\WINDOWS\system32\input.dll
2016-11-09 17:26:34 ----A---- C:\WINDOWS\system32\NetSetupApi.dll
2016-11-09 17:26:33 ----A---- C:\WINDOWS\SYSWOW64\ddraw.dll
2016-11-09 17:26:33 ----A---- C:\WINDOWS\SYSWOW64\d3d8.dll
2016-11-09 17:26:33 ----A---- C:\WINDOWS\system32\wininetlui.dll
2016-11-09 17:26:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Cred.dll
2016-11-09 17:26:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BlockedShutdown.dll
2016-11-09 17:26:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BioFeedback.dll
2016-11-09 17:26:26 ----A---- C:\WINDOWS\SYSWOW64\AppCapture.dll
2016-11-09 17:26:26 ----A---- C:\WINDOWS\system32\atmlib.dll
2016-11-05 18:34:15 ----AD---- C:\Program Files (x86)\Star Stable Online
2016-11-05 18:02:47 ----D---- C:\ProgramData\Roblox
2016-11-05 18:02:17 ----D---- C:\Program Files (x86)\Roblox
2016-11-01 13:42:45 ----D---- C:\Program Files (x86)\TabletPlugins
2016-11-01 13:42:44 ----D---- C:\Program Files\TabletPlugins
2016-11-01 13:41:30 ----A---- C:\WINDOWS\system32\drivers\wacomrouterfilter.sys
2016-11-01 13:41:25 ----A---- C:\WINDOWS\system32\drivers\hidkmdf.sys
2016-11-01 13:41:24 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll
2016-11-01 13:41:24 ----A---- C:\WINDOWS\system32\drivers\wdfcoinstaller01009.dll
2016-11-01 13:41:24 ----A---- C:\WINDOWS\system32\drivers\wachidrouter.sys
2016-11-01 13:41:18 ----A---- C:\WINDOWS\SYSWOW64\Wintab32.dll
2016-11-01 13:41:18 ----A---- C:\WINDOWS\SYSWOW64\WacomMT.dll
2016-11-01 13:41:18 ----A---- C:\WINDOWS\SYSWOW64\Wacom_Touch_Tablet.dll
2016-11-01 13:41:18 ----A---- C:\WINDOWS\system32\WacomMT.dll
2016-11-01 13:41:18 ----A---- C:\WINDOWS\system32\Wacom_Touch_Tablet.dll
2016-11-01 13:41:17 ----A---- C:\WINDOWS\SYSWOW64\Wacom_Tablet.dll
2016-11-01 13:41:17 ----A---- C:\WINDOWS\system32\Wintab32.dll
2016-11-01 13:41:17 ----A---- C:\WINDOWS\system32\Wacom_Tablet.dll
2016-11-01 13:41:14 ----D---- C:\Users\uzi\AppData\Roaming\WTablet
2016-11-01 13:41:14 ----D---- C:\Program Files\Tablet
2016-10-31 17:10:38 ----D---- C:\Users\uzi\AppData\Roaming\HPRewriter2
2016-10-31 16:45:09 ----D---- C:\Users\uzi\AppData\Roaming\Corel
2016-10-31 16:45:07 ----D---- C:\ProgramData\Protexis64
2016-10-31 16:42:48 ----D---- C:\Program Files\Common Files\Protexis
2016-10-31 16:42:46 ----D---- C:\ProgramData\Corel
2016-10-31 16:39:49 ----D---- C:\Program Files\Corel
2016-10-30 12:59:29 ----AD---- C:\Program Files\GIMP 2
2016-10-29 18:17:37 ----D---- C:\ProgramData\Mail.Ru
2016-10-29 16:03:21 ----D---- C:\Users\uzi\AppData\Roaming\Nico Mak Computing
2016-10-29 16:03:14 ----A---- C:\WINDOWS\system32\roboot64.exe
2016-10-29 16:03:06 ----A---- C:\WINDOWS\SYSWOW64\fmcodec.DLL
2016-10-29 16:02:59 ----AD---- C:\Program Files (x86)\WinZip Registry Optimizer
2016-10-29 16:01:04 ----D---- C:\ProgramData\AskPartnerNetwork
2016-10-29 16:01:04 ----D---- C:\Program Files (x86)\AskPartnerNetwork
2016-10-28 17:07:47 ----A---- C:\WINDOWS\system32\mfplat.dll
2016-10-28 17:07:47 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2016-10-28 17:07:46 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2016-10-28 17:07:46 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-10-28 17:07:42 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2016-10-28 17:07:41 ----A---- C:\WINDOWS\system32\mfps.dll
2016-10-28 17:07:39 ----A---- C:\WINDOWS\system32\winsrv.dll
2016-10-28 17:07:31 ----A---- C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-10-28 17:07:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.MediaPlayer.dll
2016-10-28 17:07:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-28 17:07:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.BackgroundMediaPlayback.dll
2016-10-28 17:07:27 ----A---- C:\WINDOWS\SYSWOW64\RemoteNaturalLanguage.dll
2016-10-28 17:07:25 ----A---- C:\WINDOWS\system32\energy.dll
2016-10-28 17:07:25 ----A---- C:\WINDOWS\system32\dwmcore.dll
2016-10-28 17:07:24 ----A---- C:\WINDOWS\SYSWOW64\BluetoothApis.dll
2016-10-28 17:07:24 ----A---- C:\WINDOWS\system32\msvproc.dll
2016-10-28 17:07:23 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2016-10-28 17:07:23 ----A---- C:\WINDOWS\system32\drivers\ahcache.sys
2016-10-28 17:07:22 ----A---- C:\WINDOWS\SYSWOW64\drvstore.dll
2016-10-28 17:07:22 ----A---- C:\WINDOWS\system32\usocore.dll
2016-10-28 17:07:22 ----A---- C:\WINDOWS\system32\user32.dll
2016-10-28 17:07:22 ----A---- C:\WINDOWS\system32\MusNotification.exe
2016-10-28 17:07:21 ----A---- C:\WINDOWS\SYSWOW64\iscsiwmi.dll
2016-10-28 17:07:21 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2016-10-28 17:07:19 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-10-28 17:07:19 ----A---- C:\WINDOWS\system32\Windows.Networking.dll
2016-10-28 17:07:14 ----A---- C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-10-28 17:07:14 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-10-28 17:07:14 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-10-28 17:07:13 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-10-28 17:07:07 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2016-10-28 17:07:06 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2016-10-28 17:07:06 ----A---- C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2016-10-28 17:07:06 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2016-10-28 17:07:05 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2016-10-28 17:07:05 ----A---- C:\WINDOWS\system32\wpnprv.dll
2016-10-28 17:07:04 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2016-10-28 17:07:04 ----A---- C:\WINDOWS\system32\wscsvc.dll
2016-10-28 17:07:04 ----A---- C:\WINDOWS\system32\drivers\dam.sys
2016-10-28 17:07:03 ----A---- C:\WINDOWS\SYSWOW64\DolbyDecMFT.dll
2016-10-28 17:07:03 ----A---- C:\WINDOWS\system32\HttpsDataSource.dll
2016-10-28 17:07:02 ----A---- C:\WINDOWS\SYSWOW64\cmifw.dll
2016-10-28 17:07:02 ----A---- C:\WINDOWS\system32\wuuhext.dll
2016-10-28 17:07:02 ----A---- C:\WINDOWS\system32\drivers\capimg.sys
2016-10-28 17:07:01 ----A---- C:\WINDOWS\system32\Display.dll
2016-10-28 17:07:01 ----A---- C:\WINDOWS\system32\autoplay.dll
2016-10-28 17:07:00 ----A---- C:\WINDOWS\system32\powercfg.exe
2016-10-28 17:07:00 ----A---- C:\WINDOWS\system32\fhcpl.dll
2016-10-28 17:07:00 ----A---- C:\WINDOWS\system32\drivers\xboxgip.sys
2016-10-28 17:06:59 ----A---- C:\WINDOWS\system32\taskbarcpl.dll
2016-10-28 17:06:59 ----A---- C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-10-28 17:06:59 ----A---- C:\WINDOWS\system32\DevicePairingFolder.dll
2016-10-28 17:06:58 ----A---- C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-10-28 17:06:58 ----A---- C:\WINDOWS\system32\qmgr.dll
2016-10-28 17:06:57 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2016-10-28 17:06:57 ----A---- C:\WINDOWS\system32\mfksproxy.dll
2016-10-28 17:06:56 ----A---- C:\WINDOWS\SYSWOW64\mfksproxy.dll
2016-10-28 17:06:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2016-10-28 17:06:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Connectivity.dll
2016-10-28 17:06:54 ----A---- C:\WINDOWS\SYSWOW64\Geolocation.dll
2016-10-28 17:06:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2016-10-28 17:06:52 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2016-10-28 17:06:51 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2016-10-28 17:06:50 ----A---- C:\WINDOWS\system32\mispace.dll
2016-10-28 17:06:50 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-10-28 17:06:50 ----A---- C:\WINDOWS\system32\diagtrack.dll
2016-10-28 17:06:50 ----A---- C:\WINDOWS\system32\devinv.dll
2016-10-28 17:06:50 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-28 17:06:50 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-10-28 17:06:50 ----A---- C:\WINDOWS\system32\acmigration.dll
2016-10-28 17:06:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.dll
2016-10-28 17:06:49 ----A---- C:\WINDOWS\system32\wsp_health.dll
2016-10-28 17:06:49 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2016-10-28 17:06:49 ----A---- C:\WINDOWS\system32\spoolsv.exe
2016-10-28 17:06:49 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-10-28 17:06:49 ----A---- C:\WINDOWS\splwow64.exe
2016-10-28 17:06:48 ----A---- C:\WINDOWS\SYSWOW64\esent.dll
2016-10-28 17:06:48 ----A---- C:\WINDOWS\system32\wintrust.dll
2016-10-28 17:06:48 ----A---- C:\WINDOWS\system32\hevcdecoder.dll
2016-10-28 17:06:47 ----A---- C:\WINDOWS\system32\esent.dll
2016-10-28 17:06:47 ----A---- C:\WINDOWS\system32\aepic.dll
2016-10-28 17:06:46 ----A---- C:\WINDOWS\system32\invagent.dll
2016-10-28 17:06:45 ----A---- C:\WINDOWS\SYSWOW64\NMAA.dll
2016-10-28 17:06:45 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2016-10-28 17:06:44 ----A---- C:\WINDOWS\SYSWOW64\wmpeffects.dll
2016-10-28 17:06:44 ----A---- C:\WINDOWS\SYSWOW64\JpMapControl.dll
2016-10-28 17:06:44 ----A---- C:\WINDOWS\system32\wmpeffects.dll
2016-10-28 17:06:44 ----A---- C:\WINDOWS\system32\drvstore.dll
2016-10-28 17:06:44 ----A---- C:\WINDOWS\system32\drivers\crashdmp.sys
2016-10-28 17:06:43 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-10-28 17:06:43 ----A---- C:\WINDOWS\system32\pcasvc.dll
2016-10-28 17:06:42 ----A---- C:\WINDOWS\SYSWOW64\MapControlCore.dll
2016-10-28 17:06:42 ----A---- C:\WINDOWS\system32\wmpdxm.dll
2016-10-28 17:06:42 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2016-10-28 17:06:42 ----A---- C:\WINDOWS\system32\iscsiwmi.dll
2016-10-28 17:06:42 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2016-10-28 17:06:42 ----A---- C:\WINDOWS\system32\cmifw.dll
2016-10-28 17:06:41 ----A---- C:\WINDOWS\SYSWOW64\wmpdxm.dll
2016-10-28 17:06:41 ----A---- C:\WINDOWS\system32\wmpshell.dll
2016-10-28 17:06:40 ----A---- C:\WINDOWS\SYSWOW64\wmpshell.dll
2016-10-28 17:06:39 ----A---- C:\WINDOWS\SYSWOW64\esentutl.exe
2016-10-28 17:06:39 ----A---- C:\WINDOWS\system32\wups.dll
2016-10-28 17:06:39 ----A---- C:\WINDOWS\system32\wuapi.dll
2016-10-28 17:06:39 ----A---- C:\WINDOWS\system32\esentutl.exe
2016-10-28 17:06:36 ----A---- C:\WINDOWS\system32\sppsvc.exe
2016-10-28 17:06:36 ----A---- C:\WINDOWS\system32\ClipUp.exe
2016-10-28 17:06:35 ----A---- C:\WINDOWS\system32\wpncore.dll
2016-10-28 17:06:35 ----A---- C:\WINDOWS\system32\sppwinob.dll
2016-10-28 17:06:35 ----A---- C:\WINDOWS\system32\sppobjs.dll
2016-10-28 17:06:35 ----A---- C:\WINDOWS\system32\SndVolSSO.dll
2016-10-28 17:06:34 ----A---- C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-10-28 17:06:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2016-10-28 17:06:32 ----A---- C:\WINDOWS\system32\FntCache.dll
2016-10-28 17:06:31 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-10-28 17:06:31 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2016-10-28 17:06:30 ----A---- C:\WINDOWS\system32\mos.dll
2016-10-28 17:06:29 ----A---- C:\WINDOWS\SYSWOW64\WSManHTTPConfig.exe
2016-10-28 17:06:29 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2016-10-28 17:06:28 ----A---- C:\WINDOWS\SYSWOW64\WsmSvc.dll
2016-10-28 17:06:25 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-10-28 17:06:24 ----A---- C:\WINDOWS\system32\WinTypes.dll
2016-10-28 17:06:24 ----A---- C:\WINDOWS\system32\winlogon.exe
2016-10-28 17:06:24 ----A---- C:\WINDOWS\system32\CPFilters.dll
2016-10-28 17:06:23 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2016-10-28 17:06:23 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-28 17:06:23 ----A---- C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-10-28 17:06:23 ----A---- C:\WINDOWS\system32\wc_storage.dll
2016-10-28 17:06:23 ----A---- C:\WINDOWS\system32\daxexec.dll
2016-10-28 17:06:23 ----A---- C:\WINDOWS\system32\cdpusersvc.dll
2016-10-28 17:06:23 ----A---- C:\WINDOWS\system32\cdpsvc.dll
2016-10-28 17:06:23 ----A---- C:\WINDOWS\system32\BingMaps.dll
2016-10-28 17:06:21 ----A---- C:\WINDOWS\SYSWOW64\hevcdecoder.dll
2016-10-28 17:06:21 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2016-10-28 17:06:21 ----A---- C:\WINDOWS\system32\d3d11.dll
2016-10-28 17:06:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.WiFi.dll
2016-10-28 17:06:20 ----A---- C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2016-10-28 17:06:20 ----A---- C:\WINDOWS\system32\D3D12.dll
2016-10-28 17:06:20 ----A---- C:\WINDOWS\system32\crypt32.dll
2016-10-28 17:06:20 ----A---- C:\WINDOWS\system32\combase.dll
2016-10-28 17:06:19 ----A---- C:\WINDOWS\system32\winhttp.dll
2016-10-28 17:06:19 ----A---- C:\WINDOWS\system32\NMAA.dll
2016-10-28 17:06:19 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2016-10-28 17:06:19 ----A---- C:\WINDOWS\system32\JpMapControl.dll
2016-10-28 17:06:19 ----A---- C:\WINDOWS\system32\BthRadioMedia.dll
2016-10-28 17:06:18 ----A---- C:\WINDOWS\system32\MapsStore.dll
2016-10-28 17:06:18 ----A---- C:\WINDOWS\system32\BluetoothApis.dll
2016-10-28 17:06:16 ----A---- C:\WINDOWS\system32\moshostcore.dll
2016-10-28 17:06:16 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2016-10-28 17:06:16 ----A---- C:\WINDOWS\system32\dafBth.dll
2016-10-28 17:06:15 ----A---- C:\WINDOWS\SYSWOW64\dtdump.exe
2016-10-28 17:06:09 ----A---- C:\WINDOWS\SYSWOW64\autoplay.dll
2016-10-28 17:06:09 ----A---- C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-10-28 17:06:08 ----A---- C:\WINDOWS\SYSWOW64\systemcpl.dll
2016-10-28 17:06:08 ----A---- C:\WINDOWS\system32\EncDec.dll
2016-10-28 17:06:08 ----A---- C:\WINDOWS\system32\dhcpcore6.dll
2016-10-28 17:06:04 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2016-10-28 17:06:03 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2016-10-28 17:06:03 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2016-10-28 17:06:03 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2016-10-28 17:06:02 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2016-10-28 17:06:00 ----A---- C:\WINDOWS\system32\Geolocation.dll
2016-10-28 17:05:58 ----A---- C:\WINDOWS\system32\winmde.dll
2016-10-28 17:05:58 ----A---- C:\WINDOWS\system32\NotificationController.dll
2016-10-28 17:05:58 ----A---- C:\WINDOWS\system32\drivers\http.sys
2016-10-28 17:05:57 ----A---- C:\WINDOWS\system32\DWrite.dll
2016-10-28 17:05:57 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2016-10-28 17:05:56 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2016-10-28 17:05:54 ----A---- C:\WINDOWS\SYSWOW64\CPFilters.dll
2016-10-28 17:05:53 ----A---- C:\WINDOWS\SYSWOW64\SndVolSSO.dll
2016-10-28 17:05:53 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2016-10-28 17:05:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2016-10-28 17:05:52 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2016-10-28 17:05:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2016-10-28 17:05:48 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2016-10-28 17:05:44 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2016-10-28 17:05:43 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2016-10-28 17:05:43 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2016-10-28 17:05:43 ----A---- C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-10-28 17:05:43 ----A---- C:\WINDOWS\system32\LocationFramework.dll
2016-10-28 17:05:42 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2016-10-28 17:05:42 ----A---- C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-10-28 17:05:41 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2016-10-28 17:05:41 ----A---- C:\WINDOWS\SYSWOW64\crypt32.dll
2016-10-28 17:05:41 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-10-28 17:05:40 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2016-10-28 17:05:39 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2016-10-28 17:05:39 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2016-10-28 17:05:39 ----A---- C:\WINDOWS\system32\iphlpsvc.dll
2016-10-28 17:05:38 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2016-10-28 17:05:38 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2016-10-28 17:05:38 ----A---- C:\WINDOWS\system32\cdd.dll
2016-10-28 17:05:37 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2016-10-28 17:05:37 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2016-10-28 17:05:34 ----A---- C:\WINDOWS\system32\drivers\hidclass.sys
2016-10-28 17:05:34 ----A---- C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2016-10-28 17:05:33 ----A---- C:\WINDOWS\SYSWOW64\powercfg.exe
2016-10-28 17:05:33 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore6.dll
2016-10-27 16:24:26 ----D---- C:\WINDOWS\Panther
2016-10-27 16:23:03 ----ASH---- C:\hiberfil.sys
2016-10-21 11:08:54 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2016-10-21 09:46:18 ----D---- C:\WINDOWS\Minidump
2016-10-20 15:48:03 ----D---- C:\Users\uzi\AppData\Roaming\pcspeeduppro.net
2016-10-20 15:47:58 ----D---- C:\Users\uzi\AppData\Roaming\FileOpenerWindows
2016-10-20 15:47:58 ----D---- C:\ProgramData\ValidatorPC
2016-10-20 15:47:57 ----D---- C:\ProgramData\PCSpeedupPro.net
2016-10-20 15:47:57 ----AD---- C:\Program Files\PC-Speedup-Pro
======List of files/folders modified in the last 1 month======
2016-11-18 19:31:05 ----D---- C:\WINDOWS\Temp
2016-11-18 19:30:31 ----D---- C:\WINDOWS\Prefetch
2016-11-18 19:30:24 ----D---- C:\WINDOWS\AppReadiness
2016-11-18 19:26:10 ----D---- C:\WINDOWS\system32\SleepStudy
2016-11-18 19:21:16 ----D---- C:\WINDOWS\system32\sru
2016-11-18 19:19:23 ----D---- C:\WINDOWS\Tasks
2016-11-18 19:19:23 ----D---- C:\WINDOWS\system32\Tasks
2016-11-18 19:18:44 ----D---- C:\Users\uzi\AppData\Roaming\Seznam.cz
2016-11-18 19:16:57 ----RD---- C:\Program Files
2016-11-18 19:14:56 ----D---- C:\Users\uzi\AppData\Roaming\Skype
2016-11-18 19:11:34 ----D---- C:\WINDOWS\INF
2016-11-18 19:10:57 ----D---- C:\WINDOWS\SoftwareDistribution
2016-11-18 19:10:31 ----D---- C:\Windows
2016-11-18 19:09:32 ----D---- C:\WINDOWS\system32\drivers\etc
2016-11-18 18:54:02 ----RD---- C:\Program Files (x86)
2016-11-18 18:46:33 ----AD---- C:\Program Files (x86)\TeamViewer
2016-11-18 18:46:32 ----D---- C:\Users\uzi\AppData\Roaming\TS3Client
2016-11-18 18:46:31 ----D---- C:\Users\uzi\AppData\Roaming\FileZilla
2016-11-18 18:46:19 ----D---- C:\WINDOWS\debug
2016-11-18 18:46:18 ----D---- C:\WINDOWS\LiveKernelReports
2016-11-18 18:37:19 ----D---- C:\WINDOWS\System32
2016-11-18 18:37:19 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-18 18:33:09 ----D---- C:\WINDOWS\system32\catroot2
2016-11-18 13:28:01 ----D---- C:\WINDOWS\system32\wbem
2016-11-18 11:36:29 ----AD---- C:\Program Files (x86)\WinSCP
2016-11-18 11:34:06 ----HD---- C:\Program Files\WindowsApps
2016-11-18 11:31:12 ----AD---- C:\Program Files (x86)\Intel Driver Update Utility
2016-11-18 11:23:33 ----D---- C:\Program Files (x86)\Windows NT
2016-11-18 10:59:07 ----D---- C:\Program Files (x86)\Windows Multimedia Platform
2016-11-18 10:57:08 ----D---- C:\Program Files (x86)\NCH Software
2016-11-18 10:56:11 ----D---- C:\Program Files (x86)\CMAK
2016-11-18 10:54:20 ----D---- C:\Program Files (x86)\MSBuild
2016-11-18 10:53:23 ----AD---- C:\Program Files (x86)\Tunngle
2016-11-18 10:52:24 ----D---- C:\Program Files (x86)\Windows Portable Devices
2016-11-18 10:52:22 ----D---- C:\Program Files (x86)\Windows Defender
2016-11-17 18:33:54 ----SHD---- C:\WINDOWS\Installer
2016-11-17 17:49:30 ----HD---- C:\ProgramData
2016-11-17 17:43:53 ----D---- C:\WINDOWS\system32\WDI
2016-11-17 17:43:24 ----AD---- C:\WINDOWS\system32\drivers
2016-11-15 19:25:51 ----D---- C:\Program Files (x86)\Common Files
2016-11-15 13:37:50 ----SD---- C:\ProgramData\Microsoft
2016-11-15 13:36:43 ----D---- C:\WINDOWS\SysWOW64
2016-11-15 13:35:46 ----D---- C:\TempProjekty
2016-11-15 13:35:46 ----D---- C:\StareFotky
2016-11-15 13:35:46 ----D---- C:\Riot Games
2016-11-15 13:35:45 ----AD---- C:\Program Files (x86)\Minecraft
2016-11-15 13:35:45 ----AD---- C:\Program Files (x86)\LibreOffice 5
2016-11-15 13:35:44 ----D---- C:\UCTO2015
2016-11-15 13:35:44 ----D---- C:\Python27
2016-11-15 13:35:44 ----D---- C:\Program Files (x86)\Seznam.cz
2016-11-15 13:35:44 ----D---- C:\Pokladna
2016-11-15 13:35:44 ----D---- C:\Intel
2016-11-15 13:35:44 ----AD---- C:\Program Files (x86)\PSPad editor
2016-11-15 13:35:14 ----D---- C:\Program Files (x86)\WindowsPowerShell
2016-11-15 13:35:13 ----SHD---- C:\Program Files (x86)\Windows Sidebar
2016-11-15 13:35:13 ----RD---- C:\Program Files (x86)\Skype
2016-11-15 13:35:13 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-11-15 13:35:13 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2016-11-15 13:35:13 ----D---- C:\Program Files (x86)\Windows Media Player
2016-11-15 13:35:13 ----D---- C:\Program Files (x86)\Windows Mail
2016-11-15 13:35:13 ----D---- C:\Program Files (x86)\Reference Assemblies
2016-11-15 13:35:13 ----D---- C:\Program Files (x86)\R.G. Mechanics
2016-11-15 13:35:13 ----D---- C:\Program Files (x86)\Notepad++
2016-11-15 13:35:13 ----D---- C:\Program Files (x86)\NewSoft
2016-11-15 13:35:13 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-15 13:35:13 ----D---- C:\Program Files (x86)\Microsoft.NET
2016-11-15 13:35:13 ----D---- C:\Program Files (x86)\Internet Explorer
2016-11-15 13:35:13 ----D---- C:\Program Files (x86)\Intel
2016-11-15 13:35:13 ----D---- C:\Program Files (x86)\HP
2016-11-15 13:35:13 ----D---- C:\Program Files (x86)\Elcomsoft
2016-11-15 13:35:13 ----AD---- C:\Program Files (x86)\TeamSpeak 3 Client
2016-11-15 13:35:13 ----AD---- C:\Program Files (x86)\GameforgeLive
2016-11-15 13:35:13 ----AD---- C:\Program Files (x86)\FirestormLauncher
2016-11-15 13:35:13 ----AD---- C:\Program Files (x86)\Elcomsoft Password Recovery
2016-11-15 13:35:13 ----AD---- C:\Program Files (x86)\7-Zip
2016-11-14 19:27:33 ----A---- C:\WINDOWS\Reimage.ini
2016-11-14 19:05:18 ----D---- C:\WINDOWS\system32\config
2016-11-14 18:52:07 ----RD---- C:\WINDOWS\Microsoft.NET
2016-11-12 12:16:29 ----D---- C:\WINDOWS\rescache
2016-11-12 11:24:23 ----SHD---- C:\System Volume Information
2016-11-10 17:11:10 ----D---- C:\WINDOWS\WinSxS
2016-11-10 17:11:10 ----D---- C:\WINDOWS\system32\DriverStore
2016-11-10 15:53:04 ----D---- C:\Program Files\McAfee Security Scan
2016-11-09 21:17:23 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-11-09 21:17:22 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-11-09 21:17:02 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-11-09 21:17:02 ----D---- C:\WINDOWS\system32\oobe
2016-11-09 21:17:02 ----D---- C:\WINDOWS\system32\migwiz
2016-11-09 21:17:01 ----D---- C:\WINDOWS\system32\migration
2016-11-09 21:17:00 ----D---- C:\WINDOWS\system32\cs-CZ
2016-11-09 21:17:00 ----D---- C:\WINDOWS\system32\Boot
2016-11-09 21:16:48 ----D---- C:\WINDOWS\ShellExperiences
2016-11-09 21:16:46 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2016-11-09 21:16:45 ----D---- C:\WINDOWS\bcastdvr
2016-11-09 21:16:45 ----D---- C:\WINDOWS\AppPatch
2016-11-09 21:13:06 ----SD---- C:\Users\uzi\AppData\Roaming\Microsoft
2016-11-09 18:29:52 ----D---- C:\WINDOWS\CbsTemp
2016-11-09 18:15:33 ----D---- C:\WINDOWS\system32\MRT
2016-11-09 18:15:25 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-11-09 16:17:50 ----D---- C:\WINDOWS\system32\Macromed
2016-11-09 16:17:42 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2016-11-01 13:41:31 ----D---- C:\WINDOWS\system32\CatRoot
2016-10-31 17:11:47 ----HD---- C:\WINDOWS\system32\GroupPolicy
2016-10-31 16:42:48 ----D---- C:\Program Files\Common Files
2016-10-30 13:03:09 ----D---- C:\Users\uzi\AppData\Roaming\uTorrent
2016-10-29 18:32:56 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-10-29 18:32:43 ----D---- C:\WINDOWS\system32\en-US
2016-10-29 18:32:42 ----D---- C:\WINDOWS\system32\appraiser
2016-10-29 18:32:38 ----D---- C:\WINDOWS\PolicyDefinitions
2016-10-29 18:32:37 ----RSD---- C:\WINDOWS\Fonts
2016-10-29 18:32:37 ----D---- C:\Program Files\Windows Media Player
2016-10-29 00:56:11 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-10-28 16:39:02 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2016-10-22 13:42:46 ----D---- C:\WINDOWS\system32\drivers\UMDF
2016-10-19 10:32:39 ----D---- C:\WINDOWS\Logs
File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 Achernar;Achernar - SCSI Command Filter Drivers; C:\WINDOWS\system32\Drivers\Achernar.sys [2015-11-27 34104]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 48992]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 KuaiZipDrive;KuaiZipDrive; \??\C:\WINDOWS\system32\drivers\KuaiZipDrive.sys [2016-11-15 92872]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2016-09-03 114176]
R3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2016-09-15 249856]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2016-10-05 128512]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-09-03 84992]
R3 netr28x;@oem15.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2016-09-01 2554528]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2016-07-16 183808]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2016-07-16 589824]
R3 rtbth;@oem8.inf,%General.Service.DispName%;RTBTH Bluetooth Device Driver; C:\WINDOWS\System32\drivers\rtbth.sys [2015-11-21 1219200]
R3 semav6msr64;semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys [2015-06-04 21984]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2016-07-18 52904]
R3 SynTP;@oem9.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2016-07-18 622784]
R3 tap0901t;@oem0.inf,%DeviceDescription%;TAP-Win32 Adapter V9 (Tunngle); C:\WINDOWS\System32\drivers\tap0901t.sys [2016-04-26 48824]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S1 MaohaWifiNetPro;MaohaWifiNetPro; \??\C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaoHaWiFiNet64.sys [2015-10-27 871152]
S2 KuaiZipDrive2;KuaiZipDrive2; \??\C:\WINDOWS\system32\drivers\KuaiZipDrive2.sys [2016-11-15 93072]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2016-09-15 127328]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2016-07-16 157024]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2016-07-16 141152]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2016-10-15 967168]
S3 ComputerZ_x64;ComputerZ_x64; \??\C:\program files (x86)\ludashi\ComputerZ_x64.sys [2016-06-27 49152]
S3 emAudio;PCTV EMP Audio Device; C:\WINDOWS\system32\drivers\emAudio64.sys [2015-11-27 32256]
S3 hidkmdf;@oem17.inf,%hidkmdf.SVCDESC%;KMDF Driver; C:\WINDOWS\System32\drivers\hidkmdf.sys [2016-10-06 23784]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-08-06 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2016-07-16 179040]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 RSP2STOR;@oem6.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [2015-11-21 310528]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2016-11-16 202304]
R2 Archer;Archer; C:\WINDOWS\SysWoW64\svchost.exe [2016-07-16 38792]
R2 Atokuse;Atokuse; %SystemRoot%\system32\svchost.exe -k Atokuse;"ServiceDll"=C:\Program Files (x86)\Zemitygrerloing\pospytocoiedMdl.dll
R2 CDPUserSvc_94387;CDPUserSvc_94387; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R2 ESRV_SVC_WILLAMETTE;Energy Server Service WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [2016-06-08 416408]
R2 GmSvc;Game Protection Service; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll"=C:\Program Files (x86)\LDSGameCenter\GmSvc.dll
R2 HpSvc;Hardware Protection Service; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll"=c:\program files (x86)\ludashi\lpi\HpSvc.dll
R2 Kuaizip Update Checker;Kuaizip Update Checker; %SystemRoot%\System32\svchost.exe -k kuaizip2updatesvc;"ServiceDll"=C:\Program Files (x86)\KuaiZip\X86\kuaizipUpdateChecker.dll
R2 KuaizipUpdateChecker;KuaizipUpdateChecker; %SystemRoot%\System32\svchost.exe -k kuaizipupdatesvc;"ServiceDll"=C:\Program Files\żěŃą\X86\kuaizipUpdateChecker.dll
R2 MaohaWifiSvr;MaohaWiFiService; C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaohaWifiSvr.exe [2014-12-18 170464]
R2 OneSyncSvc_94387;Hostitel synchronizace_94387; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R2 PCSUService;PC Speed Up Service; C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe [2016-01-28 445600]
R2 ProntSpooler;ProntSpooler; C:\Program Files (x86)\TabletPlugins\vuw6t8GiF0IXjcPohAbt\UGRAfwFR.exe [2016-11-18 129536]
R2 PSI_SVC_2_x64;Corel License Validation Service V2 x64, Powered by arvato; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2014-04-30 337776]
R2 ReimageRealTimeProtector;Reimage Real Time Protector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2016-11-06 8016240]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2016-07-18 253960]
R2 TeamViewer;TeamViewer 11; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2016-08-08 7248144]
R3 PimIndexMaintenanceSvc_94387;Data kontaktů_94387; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-10-13 1459488]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\TimeBrokerServer.dll
S2 backlh;Background Logic Handler; C:\ProgramData\Logic Handler\set.exe [2016-11-10 3786752]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=%SystemRoot%\System32\CDPUserSvc.dll
S2 Nettrans;Network Packet Manitor; C:\ProgramData\NetworkPacketManitor\Nettrans.exe [2016-09-28 57856]
S2 PCValidator;PC SP Validator; C:\ProgramData\ValidatorPC\PCValidatorService.exe [2016-08-19 34304]
S2 SCService;SpeedChecker Service; C:\Program Files (x86)\Zrychleni Pocitace\SpeedCheckerService.exe [2016-01-28 67232]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-05-23 324224]
S2 SystemUsageReportSvc_WILLAMETTE;Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [2016-06-08 117400]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll"=%SystemRoot%\system32\FrameServer.dll
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\hvhostsvc.dll
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\irmon.dll
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.427\McCHSvc.exe [2016-10-13 329480]
S3 MessagingService_94387;Služba zasílání zpráv_94387; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-10-21 172488]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\RMapi.dll
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2016-09-15 2889896]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2016-09-15 823136]
S4 GoogleChromeUpService;GoogleChromeUpService; C:\ProgramData\service.exe [2016-11-15 1620992]
S4 HPWriter Service;HPWriter Service; C:\Users\uzi\AppData\Roaming\HPRewriter2\HPWriterSrv3.exe [2016-10-29 2045424]
S4 Quoteex;Quoteex; C:\ProgramData\\Quoteex\\Quoteex.exe [2016-11-15 692736]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll"=%systemroot%\system32\Windows.SharedPC.AccountManager.dll
-----------------EOF-----------------
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: MaohaWiFiService (MaohaWifiSvr) - ???? ???? - C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaohaWifiSvr.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.427\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Network Packet Manitor (Nettrans) - Unknown owner - C:\ProgramData\NetworkPacketManitor\Nettrans.exe
O23 - Service: PC Speed Up Service (PCSUService) - Optimal Software s.r.o. - C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe
O23 - Service: PC SP Validator (PCValidator) - AppVerifierService - C:\ProgramData\ValidatorPC\PCValidatorService.exe
O23 - Service: ProntSpooler - Unknown owner - C:\Program Files (x86)\TabletPlugins\vuw6t8GiF0IXjcPohAbt\UGRAfwFR.exe
O23 - Service: Corel License Validation Service V2 x64, Powered by arvato (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Reimage Real Time Protector (ReimageRealTimeProtector) - Reimage® - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: SpeedChecker Service (SCService) - Optimal Software s.r.o. - C:\Program Files (x86)\Zrychleni Pocitace\SpeedCheckerService.exe
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE (SystemUsageReportSvc_WILLAMETTE) - Unknown owner - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: UC??????? (UCBrowserSvc) - Unknown owner - C:\Program Files (x86)\UCBrowser\Application\UCService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: User Energy Server Service WILLAMETTE (USER_ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Professional Service (WTabletServicePro) - Wacom Technology, Corp. - C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
O23 - Service: Double Spaced Firewall (zigipyro) - Unknown owner - C:\Users\uzi\AppData\Local\1411E759-1479476199-5AA1-6316-C8CBB857B4BD\qnsdBED5.tmp
--
End of file - 10430 bytes
======Enumerating Processes======
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Tablet\Wacom\WTabletServicePro.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
C:\WINDOWS\SysWoW64\svchost.exe -k ArcherGroupEx
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
C:\WINDOWS\SysWoW64\svchost.exe -k Atokuse
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\SysWoW64\svchost.exe -k netsvcs
C:\WINDOWS\SysWoW64\svchost.exe -k kuaizip2updatesvc
C:\WINDOWS\SysWoW64\svchost.exe -k kuaizipupdatesvc
"C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe"
"C:\Program Files (x86)\TabletPlugins\vuw6t8GiF0IXjcPohAbt\UGRAfwFR.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\WINDOWS\SysWoW64\svchost.exe -k WinSAPSvc
C:\WINDOWS\system32\svchost.exe -k imgsvc
"c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaohaWifiSvr.exe"
C:\Users\uzi\AppData\Local\1411E759-1479476199-5AA1-6316-C8CBB857B4BD\qnsdBED5.tmp
"C:\Program Files (x86)\UCBrowser\Application\UCService.exe"
"C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe" "--AUTO_START" "--start" "--address" "127.0.0.1" "--port" "49330" "--depend_on_key" "SYSTEM\CurrentControlSet\Services\ESRV_SVC_WILLAMETTE" "--depend_on_value" "run" "--time_in_ms" "--pause" "5000" "--library" "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_modeler.dll" "--no_pl" "--watchdog" "10" "--watchdog_cpu_usage_limit" "50" "--end_on_error" "--kernel_priority_boost" "--shutdown_priority_boost" "--device_options" " time=no output=w output_folder='C:\ProgramData\Intel\SUR\WILLAMETTE\IntelData' limit_output_by=time output_limit=3600000 output_buffer=1024 il='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_process_input.dll','process_input_options.txt' il='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_system_power_state_input.dll' il='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_quality_and_reliability_input.dll' il='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\acpi_battery_input.dll' il='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\sema_thermal_input.dll' il='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\wifi_input.dll' il='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\devices_use_input.dll','service=yes' il='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_disktrace_input.dll','pause=60000 working_dir=C:\ProgramData\Intel\SUR\WILLAMETTE\IntelData override_existing_tracing=no limit_output_by_filesize_mb=10' os='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\os_counters.txt' "
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\taskhostw.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe"
"C:\Program Files\Tablet\Wacom\WacomHost.exe" "C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe" au
"C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe"
"C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe" au
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\ContentPush\app\bin\nw.exe" "C:\Program Files (x86)\ContentPush\app\app"
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files (x86)\ContentPush\app\bin\nw.exe" --type=gpu-process --channel="5868.0.1077176361\898845042" --no-sandbox --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,40 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.4229 /prefetch:822062411
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca
C:\Windows\System32\smartscreen.exe -Embedding
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\System32\MRT.exe" /R
C:\WINDOWS\system32\consent.exe
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Users\uzi\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Users\uzi\AppData\Roaming\Seznam.cz\szninstall.exe" -c
"C:\Program Files (x86)\Steam\Steam.exe" -silent
C:\Users\uzi\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
"C:\Users\uzi\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
"C:\Program Files (x86)\ContentPush\app\bin\nw.exe" --type=renderer --no-sandbox --enable-deferred-image-decoding --lang=cs --extension-process --nodejs --working-directory="C:\Program Files (x86)\ContentPush\app\app" --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=5868 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="5868.1.1064857015\492898554" /prefetch:673131151
"C:\Program Files (x86)\ContentPush\app\bin\nw.exe" --type=renderer --no-sandbox --enable-deferred-image-decoding --lang=cs --extension-process --nodejs --working-directory="C:\Program Files (x86)\ContentPush\app\app" --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=5868 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="5868.2.279406239\80842531" /prefetch:673131151
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="6852.0.844131334\1052708903" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 6852 "\\.\pipe\gecko-crash-server-pipe.6852" tab
C:\WINDOWS\system32\AUDIODG.EXE 0x2c0
"C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe" "-cachedir=C:\Users\uzi\AppData\Local\Steam\htmlcache" "-steampid=736" "-buildid=1476379980" "-steamid=0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-widevine-cdm --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
C:\Windows\System32\InstallAgent.exe -Embedding
C:\Windows\System32\InstallAgentUserBroker.exe -Embedding
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXe9cvj1thv1hmcw0cs98xm3r97tyzy2xs.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 652 656 664 8192 660
"C:\Program Files (x86)\PSPad editor\PSPad.exe" "C:\rsit\log.txt"
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\uzi\Downloads\RSITx64(1).exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task - C:\Users\uzi\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
C:\WINDOWS\system32\tasks\syslog - C:\Users\uzi\AppData\Local\syslog\syslog.exe
C:\WINDOWS\system32\tasks\Traffic Exchange - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe 1 11
C:\WINDOWS\system32\tasks\Traffic Exchange Guard - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe 1 12
C:\WINDOWS\system32\tasks\Traffic Exchange Guardian - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe 1 13
C:\WINDOWS\system32\tasks\Traffic Exchange Updater - C:\Program Files (x86)\Microleaves\Traffic Exchange\Traffic Exchange Updater.exe /silentall -nofreqcheck
C:\WINDOWS\system32\tasks\Traffic Exchange v2 - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe 1 15
C:\WINDOWS\system32\tasks\Traffic Exchange v2 Guard - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe 1 16
C:\WINDOWS\system32\tasks\Traffic Exchange v2 Guardian - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe 1 17
C:\WINDOWS\system32\tasks\Traffic Exchange v2 OG - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe 1 19
C:\WINDOWS\system32\tasks\Traffic Exchange v2 On Guard - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe 1 20
C:\WINDOWS\system32\tasks\Traffic Exchange v2 OnGuard - C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.exe 1 18
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{E62C2839-090B-49C3-BA8D-529A0ACD4A39} - C:\Windows\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - %ProgramFiles%\Windows Defender\MpCmdRun.exe Scan -ScheduleJob
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe Reboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings - %systemroot%\system32\usoclient.exe RefreshSettings
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition - %SystemRoot%\system32\UpgradeSubscription.exe -e
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\LicenseAcquisition - %SystemRoot%\system32\UpgradeSubscription.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemovalTools\MRT_HB - C:\Windows\system32\MRT.exe /EHB /Q
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Uploader - %windir%\system32\WSqmCons.exe -u
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Intel\Intel Telemetry 2 - C:\Program Files\Intel\Telemetry 2.0\lrio.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\uzi\AppData\Roaming\Mozilla\Firefox\Profiles\1g14y5h8.def
prefs.js - "browser.startup.homepage" - "http://granena.ru/?utm_content=31b5cebd ... d=20161029"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_207.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.7]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\wacom.com/WacomTabletPlugin]
"Description"=
"Path"=C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.101.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.101.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.7]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\wacom.com/WacomTabletPlugin]
"Description"=
"Path"=C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
C:\Users\uzi\AppData\Roaming\Mozilla\Firefox\Profiles\1g14y5h8.def\searchplugins\
GoSearch.xml
C:\Users\uzi\AppData\Roaming\Mozilla\Firefox\Profiles\1g14y5h8.def\addons.json
C:\Users\uzi\AppData\Roaming\Mozilla\Firefox\Profiles\1g14y5h8.def\extensions.json
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Youtube AdBlock - extension - {95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B} - C:\Program Files (x86)\Mozilla Firefox\browser\features\{95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B}
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
C:\Users\uzi\AppData\Roaming\Mozilla\Firefox\Profiles\1g14y5h8.def\pluginreg.dat
Plugin - WacomTabletPlugin - 2.1.0.7 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
Plugin - Silverlight Plug-In - 5.1.30514.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
Plugin - Shockwave Flash - 23.0.0.207 - C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_207.dll
=========Google Chrome=========
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl]
"Path"=
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={ielnksrch}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\ielnksrch]
"URL"=http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHoTG1nEZQLY5Wsy7wdLHeRrwW4og2OsjWJyDY6_f6T2u3sr6AMOi2AXaq2vQoUU9knz_xurw-SNRB1-lJG_pBliAEJDe2Nt-MumSoYVgONix5gxIF1y3dF4RqJL67wgYfM4NzXAU2h9RRI6GipHV7t6Ltti9tldpDUeOa1cfQ,,&q={searchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.globasearch.com/?serie=209&i ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}]
"URL"=http://www.globasearch.com/?serie=209&i ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-20 571456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-20 234560]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2015-11-21 183216]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2015-11-21 411056]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2015-11-21 453552]
"MRT"=C:\WINDOWS\system32\MRT.exe [2016-11-09 141011376]
"WindowsDefender"=C:\Program Files\Windows Defender\MSASCuiL.exe [2016-09-07 631808]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\uzi\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-09-03 633024]
"cz.seznam.software.autoupdate"=C:\Users\uzi\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\uzi\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2016-10-13 2860832]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-06-22 598552]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2016-11-16 1928768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\ProgramData\Quoteex\InchHatbam.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{943D482C-A5AA-11E6-B183-64006A5CFC23}"=C:\Users\uzi\AppData\Roaming\Plinoshmetither\Wokoentganogh.dll [2016-11-15 146432]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"EnableShellExecuteHooks"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath"=%SystemRoot%\inf\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"
======List of files/folders created in the last 1 month======
2016-11-18 19:05:16 ----D---- C:\rsit
2016-11-18 19:05:16 ----D---- C:\Program Files\trend micro
2016-11-18 18:43:12 ----D---- C:\Program Files\CCleaner
2016-11-18 10:50:05 ----D---- C:\Program Files\GATYQAJQQP
2016-11-17 18:32:53 ----SHD---- C:\Config.Msi
2016-11-17 17:49:30 ----D---- C:\ProgramData\ChelfNotify
2016-11-17 17:49:30 ----D---- C:\Program Files (x86)\WinArcher
2016-11-17 17:49:29 ----D---- C:\ProgramData\WinSAPSvc
2016-11-17 17:43:24 ----A---- C:\WINDOWS\system32\drivers\PROCEXP152.SYS
2016-11-17 17:42:47 ----D---- C:\Program Files (x86)\zvx578vx
2016-11-17 17:08:15 ----D---- C:\Program Files (x86)\8rj4jr12
2016-11-16 16:30:42 ----D---- C:\Program Files (x86)\sunnyday
2016-11-16 16:30:04 ----D---- C:\Program Files\B4IBST1I61
2016-11-16 16:27:01 ----D---- C:\Program Files (x86)\gamesdesktop
2016-11-15 19:25:45 ----D---- C:\Program Files (x86)\Steam
2016-11-15 13:39:50 ----SHD---- C:\ProgramData\WindowsMsg
2016-11-15 13:39:28 ----D---- C:\Users\uzi\AppData\Roaming\UPUpdata
2016-11-15 13:38:58 ----D---- C:\Users\uzi\AppData\Roaming\Ludashi
2016-11-15 13:38:58 ----D---- C:\Users\uzi\AppData\Roaming\lockhomepage
2016-11-15 13:38:35 ----D---- C:\Users\uzi\AppData\Roaming\LDSGameCenter
2016-11-15 13:38:11 ----D---- C:\Program Files (x86)\LDSGameCenter
2016-11-15 13:38:01 ----A---- C:\WINDOWS\system32\drivers\KuaiZipDrive.sys
2016-11-15 13:37:30 ----D---- C:\Program Files\快压
2016-11-15 13:36:43 ----D---- C:\Program Files (x86)\GreatMaker
2016-11-15 13:36:43 ----A---- C:\WINDOWS\system32\chtbrkg.dll
2016-11-15 13:36:42 ----A---- C:\WINDOWS\SYSWOW64\chtbrkg.dll
2016-11-15 13:36:34 ----A---- C:\ProgramData\service.exe
2016-11-15 13:35:48 ----D---- C:\ProgramData\Avira
2016-11-15 13:35:48 ----D---- C:\ProgramData\Avg
2016-11-15 13:35:47 ----D---- C:\ProgramData\AVAST Software
2016-11-15 13:35:47 ----D---- C:\Program Files (x86)\LuDaShi
2016-11-15 13:34:44 ----D---- C:\Users\uzi\AppData\Roaming\KuaiZip
2016-11-15 13:34:44 ----A---- C:\WINDOWS\system32\drivers\KuaiZipDrive2.sys
2016-11-15 13:34:40 ----D---- C:\Users\uzi\AppData\Roaming\Softlink
2016-11-15 13:34:24 ----D---- C:\Program Files (x86)\mpck
2016-11-15 13:33:55 ----D---- C:\ProgramData\Thunder Network
2016-11-15 13:33:48 ----D---- C:\Program Files (x86)\KuaiZip
2016-11-15 13:33:15 ----D---- C:\Users\uzi\AppData\Roaming\Plinoshmetither
2016-11-15 13:33:10 ----D---- C:\Users\uzi\AppData\Roaming\Profiles
2016-11-15 13:33:03 ----A---- C:\WINDOWS\system32\drivers\ucguard.sys
2016-11-15 13:33:01 ----D---- C:\Program Files (x86)\Zemitygrerloing
2016-11-15 13:31:56 ----D---- C:\Program Files (x86)\UCBrowser
2016-11-15 13:31:47 ----D---- C:\Users\uzi\AppData\Roaming\ContentPush
2016-11-15 13:31:47 ----D---- C:\Program Files (x86)\1411E759-1479213513-5AA1-6316-C8CBB857B4BD
2016-11-15 13:30:17 ----D---- C:\Program Files (x86)\wanttoxiamen
2016-11-15 13:30:16 ----D---- C:\ProgramData\Microleaves
2016-11-15 13:29:58 ----D---- C:\Program Files (x86)\ContentPush
2016-11-15 13:29:18 ----D---- C:\Program Files (x86)\Zrychleni Pocitace
2016-11-15 13:27:56 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-11-15 13:27:32 ----D---- C:\ProgramData\Logic Handler
2016-11-15 13:27:29 ----D---- C:\ProgramData\Quoteexs
2016-11-15 13:27:18 ----D---- C:\ProgramData\Quoteex
2016-11-15 13:27:17 ----A---- C:\Users\uzi\AppData\Roaming\noah.dat
2016-11-15 13:27:17 ----A---- C:\Users\uzi\AppData\Roaming\Main.dat
2016-11-15 13:27:16 ----A---- C:\Users\uzi\AppData\Roaming\agent.dat
2016-11-15 13:27:15 ----A---- C:\Users\uzi\AppData\Roaming\Zathcof.exe
2016-11-15 13:27:13 ----D---- C:\ProgramData\NetworkPacketManitor
2016-11-15 13:27:12 ----D---- C:\Program Files (x86)\Microleaves
2016-11-15 13:26:49 ----A---- C:\Users\uzi\AppData\Roaming\Installer.dat
2016-11-15 13:26:40 ----D---- C:\Users\uzi\AppData\Roaming\Microleaves
2016-11-09 19:36:22 ----D---- C:\Program Files (x86)\Youtube AdBlock
2016-11-09 17:28:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2016-11-09 17:28:35 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2016-11-09 17:28:34 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2016-11-09 17:28:34 ----A---- C:\WINDOWS\system32\usercpl.dll
2016-11-09 17:28:34 ----A---- C:\WINDOWS\system32\oleaut32.dll
2016-11-09 17:28:34 ----A---- C:\WINDOWS\system32\ole32.dll
2016-11-09 17:28:33 ----A---- C:\WINDOWS\SYSWOW64\zipfldr.dll
2016-11-09 17:28:33 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-11-09 17:28:33 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2016-11-09 17:28:33 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-11-09 17:28:33 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2016-11-09 17:28:33 ----A---- C:\WINDOWS\system32\ActionCenterCPL.dll
2016-11-09 17:28:32 ----A---- C:\WINDOWS\SYSWOW64\weretw.dll
2016-11-09 17:28:32 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2016-11-09 17:28:32 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2016-11-09 17:28:32 ----A---- C:\WINDOWS\SYSWOW64\chartv.dll
2016-11-09 17:28:32 ----A---- C:\WINDOWS\system32\wer.dll
2016-11-09 17:28:31 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2016-11-09 17:28:31 ----A---- C:\WINDOWS\system32\weretw.dll
2016-11-09 17:28:30 ----A---- C:\WINDOWS\SYSWOW64\d3d10warp.dll
2016-11-09 17:28:30 ----A---- C:\WINDOWS\system32\WpcRefreshTask.dll
2016-11-09 17:28:30 ----A---- C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-11-09 17:28:30 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2016-11-09 17:28:30 ----A---- C:\WINDOWS\system32\asycfilt.dll
2016-11-09 17:28:29 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-11-09 17:28:29 ----A---- C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-11-09 17:28:29 ----A---- C:\WINDOWS\system32\ubpm.dll
2016-11-09 17:28:29 ----A---- C:\WINDOWS\system32\drivers\bowser.sys
2016-11-09 17:28:28 ----A---- C:\WINDOWS\system32\WpcTok.exe
2016-11-09 17:28:28 ----A---- C:\WINDOWS\system32\ddraw.dll
2016-11-09 17:28:27 ----A---- C:\WINDOWS\SYSWOW64\NPSM.dll
2016-11-09 17:28:27 ----A---- C:\WINDOWS\system32\rdpshell.exe
2016-11-09 17:28:27 ----A---- C:\WINDOWS\system32\dab.dll
2016-11-09 17:28:26 ----A---- C:\WINDOWS\SYSWOW64\wininetlui.dll
2016-11-09 17:28:26 ----A---- C:\WINDOWS\system32\TSpkg.dll
2016-11-09 17:28:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.Shell.Search.UriHandler.dll
2016-11-09 17:28:25 ----A---- C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-11-09 17:28:25 ----A---- C:\WINDOWS\system32\netplwiz.dll
2016-11-09 17:28:24 ----A---- C:\WINDOWS\system32\rdpinit.exe
2016-11-09 17:28:24 ----A---- C:\WINDOWS\system32\ActionCenter.dll
2016-11-09 17:28:21 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2016-11-09 17:28:20 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-11-09 17:28:19 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-11-09 17:28:19 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2016-11-09 17:28:19 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2016-11-09 17:28:18 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-11-09 17:28:18 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2016-11-09 17:28:18 ----A---- C:\WINDOWS\system32\chartv.dll
2016-11-09 17:28:17 ----A---- C:\WINDOWS\system32\wmp.dll
2016-11-09 17:28:16 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-11-09 17:28:16 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2016-11-09 17:28:15 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-11-09 17:28:15 ----A---- C:\WINDOWS\system32\twinapi.dll
2016-11-09 17:28:15 ----A---- C:\WINDOWS\system32\authui.dll
2016-11-09 17:28:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2016-11-09 17:28:14 ----A---- C:\WINDOWS\SYSWOW64\twinapi.dll
2016-11-09 17:28:14 ----A---- C:\WINDOWS\SYSWOW64\themecpl.dll
2016-11-09 17:28:14 ----A---- C:\WINDOWS\SYSWOW64\fontext.dll
2016-11-09 17:28:14 ----A---- C:\WINDOWS\SYSWOW64\DevicePairing.dll
2016-11-09 17:28:13 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-11-09 17:28:13 ----A---- C:\WINDOWS\SYSWOW64\gameux.dll
2016-11-09 17:28:12 ----A---- C:\WINDOWS\SYSWOW64\sud.dll
2016-11-09 17:28:12 ----A---- C:\WINDOWS\SYSWOW64\stobject.dll
2016-11-09 17:28:12 ----A---- C:\WINDOWS\SYSWOW64\hgcpl.dll
2016-11-09 17:28:11 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2016-11-09 17:28:10 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2016-11-09 17:28:10 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-11-09 17:28:09 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2016-11-09 17:28:09 ----A---- C:\WINDOWS\system32\ListSvc.dll
2016-11-09 17:28:08 ----A---- C:\WINDOWS\system32\rdpcore.dll
2016-11-09 17:28:08 ----A---- C:\WINDOWS\system32\efsext.dll
2016-11-09 17:28:08 ----A---- C:\WINDOWS\system32\comdlg32.dll
2016-11-09 17:28:07 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2016-11-09 17:28:07 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-11-09 17:28:07 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2016-11-09 17:28:06 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2016-11-09 17:28:05 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2016-11-09 17:28:05 ----A---- C:\WINDOWS\SYSWOW64\AuthExt.dll
2016-11-09 17:27:58 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2016-11-09 17:27:57 ----A---- C:\WINDOWS\SYSWOW64\usercpl.dll
2016-11-09 17:27:57 ----A---- C:\WINDOWS\system32\stobject.dll
2016-11-09 17:27:57 ----A---- C:\WINDOWS\system32\browserbroker.dll
2016-11-09 17:27:57 ----A---- C:\WINDOWS\system32\AudioEng.dll
2016-11-09 17:27:56 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2016-11-09 17:27:56 ----A---- C:\WINDOWS\system32\zipfldr.dll
2016-11-09 17:27:56 ----A---- C:\WINDOWS\system32\themecpl.dll
2016-11-09 17:27:56 ----A---- C:\WINDOWS\system32\sud.dll
2016-11-09 17:27:56 ----A---- C:\WINDOWS\system32\AudioSes.dll
2016-11-09 17:27:56 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-11-09 17:27:55 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-11-09 17:27:55 ----A---- C:\WINDOWS\system32\hgcpl.dll
2016-11-09 17:27:55 ----A---- C:\WINDOWS\system32\fontext.dll
2016-11-09 17:27:54 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2016-11-09 17:27:54 ----A---- C:\WINDOWS\system32\gameux.dll
2016-11-09 17:27:54 ----A---- C:\WINDOWS\system32\DevicePairing.dll
2016-11-09 17:27:54 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-11-09 17:27:53 ----A---- C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-11-09 17:27:53 ----A---- C:\WINDOWS\system32\IdCtrls.dll
2016-11-09 17:27:53 ----A---- C:\WINDOWS\explorer.exe
2016-11-09 17:27:52 ----A---- C:\WINDOWS\system32\twinui.dll
2016-11-09 17:27:51 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-11-09 17:27:46 ----A---- C:\WINDOWS\system32\SyncCenter.dll
2016-11-09 17:27:46 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-11-09 17:27:46 ----A---- C:\WINDOWS\system32\cscui.dll
2016-11-09 17:27:45 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2016-11-09 17:27:45 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2016-11-09 17:27:45 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2016-11-09 17:27:45 ----A---- C:\WINDOWS\system32\DataSenseHandlers.dll
2016-11-09 17:27:44 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2016-11-09 17:27:44 ----A---- C:\WINDOWS\system32\winload.exe
2016-11-09 17:27:43 ----A---- C:\WINDOWS\system32\WlanMediaManager.dll
2016-11-09 17:27:43 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-11-09 17:27:43 ----A---- C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-11-09 17:27:43 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2016-11-09 17:27:42 ----A---- C:\WINDOWS\system32\NPSM.dll
2016-11-09 17:27:42 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2016-11-09 17:27:41 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-11-09 17:27:41 ----A---- C:\WINDOWS\system32\DeviceCenter.dll
2016-11-09 17:27:40 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2016-11-09 17:27:40 ----A---- C:\WINDOWS\SYSWOW64\asycfilt.dll
2016-11-09 17:27:39 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2016-11-09 17:27:39 ----A---- C:\WINDOWS\SYSWOW64\LockAppBroker.dll
2016-11-09 17:27:38 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2016-11-09 17:27:37 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-11-09 17:27:35 ----A---- C:\WINDOWS\SYSWOW64\indexeddbserver.dll
2016-11-09 17:27:35 ----A---- C:\WINDOWS\SYSWOW64\ActionCenterCPL.dll
2016-11-09 17:27:34 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2016-11-09 17:27:34 ----A---- C:\WINDOWS\system32\mfsensorgroup.dll
2016-11-09 17:27:33 ----A---- C:\WINDOWS\system32\ntshrui.dll
2016-11-09 17:27:33 ----A---- C:\WINDOWS\system32\MSVidCtl.dll
2016-11-09 17:27:33 ----A---- C:\WINDOWS\system32\LockAppBroker.dll
2016-11-09 17:27:31 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-11-09 17:27:31 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2016-11-09 17:27:30 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-11-09 17:27:29 ----A---- C:\WINDOWS\system32\shell32.dll
2016-11-09 17:27:27 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-11-09 17:27:27 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-11-09 17:27:26 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-11-09 17:27:26 ----A---- C:\WINDOWS\system32\ieproxy.dll
2016-11-09 17:27:25 ----A---- C:\WINDOWS\system32\shdocvw.dll
2016-11-09 17:27:25 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-11-09 17:27:25 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2016-11-09 17:27:24 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-11-09 17:27:23 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-11-09 17:27:23 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2016-11-09 17:27:23 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-11-09 17:27:23 ----A---- C:\WINDOWS\system32\FSClient.dll
2016-11-09 17:27:22 ----A---- C:\WINDOWS\system32\mshtmled.dll
2016-11-09 17:27:22 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-11-09 17:27:21 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-11-09 17:27:21 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-11-09 17:27:19 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2016-11-09 17:27:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.Globalization.dll
2016-11-09 17:27:18 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-11-09 17:27:18 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-11-09 17:27:18 ----A---- C:\WINDOWS\system32\FrameServer.dll
2016-11-09 17:27:18 ----A---- C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-11-09 17:27:17 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-11-09 17:27:16 ----A---- C:\WINDOWS\system32\indexeddbserver.dll
2016-11-09 17:27:15 ----A---- C:\WINDOWS\system32\mstscax.dll
2016-11-09 17:27:14 ----A---- C:\WINDOWS\system32\wininet.dll
2016-11-09 17:27:14 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-11-09 17:27:14 ----A---- C:\WINDOWS\system32\bisrv.dll
2016-11-09 17:27:13 ----A---- C:\WINDOWS\system32\Windows.Globalization.dll
2016-11-09 17:27:13 ----A---- C:\WINDOWS\system32\cdp.dll
2016-11-09 17:27:12 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-11-09 17:27:06 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-11-09 17:27:05 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-11-09 17:27:04 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-11-09 17:27:03 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2016-11-09 17:27:03 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2016-11-09 17:27:03 ----A---- C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-11-09 17:27:02 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2016-11-09 17:27:02 ----A---- C:\WINDOWS\system32\ErrorDetails.dll
2016-11-09 17:26:59 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.OnlineId.dll
2016-11-09 17:26:59 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2016-11-09 17:26:59 ----A---- C:\WINDOWS\system32\mstsc.exe
2016-11-09 17:26:58 ----A---- C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-11-09 17:26:57 ----A---- C:\WINDOWS\SYSWOW64\comctl32.dll
2016-11-09 17:26:57 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2016-11-09 17:26:56 ----A---- C:\WINDOWS\SYSWOW64\NetSetupApi.dll
2016-11-09 17:26:56 ----A---- C:\WINDOWS\SYSWOW64\input.dll
2016-11-09 17:26:56 ----A---- C:\WINDOWS\system32\wifitask.exe
2016-11-09 17:26:55 ----A---- C:\WINDOWS\SYSWOW64\UIAnimation.dll
2016-11-09 17:26:53 ----A---- C:\WINDOWS\SYSWOW64\TSpkg.dll
2016-11-09 17:26:53 ----A---- C:\WINDOWS\SYSWOW64\ErrorDetails.dll
2016-11-09 17:26:53 ----A---- C:\WINDOWS\system32\ErrorDetailsUpdate.dll
2016-11-09 17:26:52 ----A---- C:\WINDOWS\SYSWOW64\ErrorDetailsUpdate.dll
2016-11-09 17:26:52 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2016-11-09 17:26:52 ----A---- C:\WINDOWS\system32\iepeers.dll
2016-11-09 17:26:52 ----A---- C:\WINDOWS\system32\GlobCollationHost.dll
2016-11-09 17:26:51 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2016-11-09 17:26:51 ----A---- C:\WINDOWS\SYSWOW64\GlobCollationHost.dll
2016-11-09 17:26:51 ----A---- C:\WINDOWS\system32\dxtrans.dll
2016-11-09 17:26:51 ----A---- C:\WINDOWS\system32\BcastDVRHelper.dll
2016-11-09 17:26:51 ----A---- C:\WINDOWS\system32\AppCapture.dll
2016-11-09 17:26:50 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2016-11-09 17:26:50 ----A---- C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-11-09 17:26:48 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-11-09 17:26:48 ----A---- C:\WINDOWS\system32\winresume.exe
2016-11-09 17:26:48 ----A---- C:\WINDOWS\system32\rdpudd.dll
2016-11-09 17:26:48 ----A---- C:\WINDOWS\system32\msinfo32.exe
2016-11-09 17:26:47 ----A---- C:\WINDOWS\SYSWOW64\msinfo32.exe
2016-11-09 17:26:47 ----A---- C:\WINDOWS\SYSWOW64\mfsensorgroup.dll
2016-11-09 17:26:47 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-11-09 17:26:46 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-11-09 17:26:46 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2016-11-09 17:26:46 ----A---- C:\WINDOWS\SYSWOW64\MSVidCtl.dll
2016-11-09 17:26:46 ----A---- C:\WINDOWS\SYSWOW64\FSClient.dll
2016-11-09 17:26:46 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2016-11-09 17:26:45 ----A---- C:\WINDOWS\system32\msctf.dll
2016-11-09 17:26:44 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-11-09 17:26:43 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-11-09 17:26:42 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-11-09 17:26:42 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2016-11-09 17:26:42 ----A---- C:\WINDOWS\system32\mfcore.dll
2016-11-09 17:26:42 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-11-09 17:26:42 ----A---- C:\WINDOWS\system32\d3d9.dll
2016-11-09 17:26:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2016-11-09 17:26:40 ----A---- C:\WINDOWS\system32\gdi32full.dll
2016-11-09 17:26:39 ----A---- C:\WINDOWS\SYSWOW64\bcastdvr.exe
2016-11-09 17:26:39 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2016-11-09 17:26:39 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2016-11-09 17:26:39 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2016-11-09 17:26:39 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2016-11-09 17:26:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-11-09 17:26:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2016-11-09 17:26:38 ----A---- C:\WINDOWS\SYSWOW64\efsext.dll
2016-11-09 17:26:38 ----A---- C:\WINDOWS\system32\NetworkUXBroker.dll
2016-11-09 17:26:38 ----A---- C:\WINDOWS\system32\d3d10warp.dll
2016-11-09 17:26:37 ----A---- C:\WINDOWS\SYSWOW64\BcastDVRHelper.dll
2016-11-09 17:26:37 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2016-11-09 17:26:37 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-11-09 17:26:37 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-11-09 17:26:36 ----A---- C:\WINDOWS\system32\win32k.sys
2016-11-09 17:26:36 ----A---- C:\WINDOWS\system32\UIAnimation.dll
2016-11-09 17:26:36 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2016-11-09 17:26:36 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2016-11-09 17:26:36 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-09 17:26:36 ----A---- C:\WINDOWS\system32\drivers\iorate.sys
2016-11-09 17:26:35 ----A---- C:\WINDOWS\system32\input.dll
2016-11-09 17:26:34 ----A---- C:\WINDOWS\system32\NetSetupApi.dll
2016-11-09 17:26:33 ----A---- C:\WINDOWS\SYSWOW64\ddraw.dll
2016-11-09 17:26:33 ----A---- C:\WINDOWS\SYSWOW64\d3d8.dll
2016-11-09 17:26:33 ----A---- C:\WINDOWS\system32\wininetlui.dll
2016-11-09 17:26:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Cred.dll
2016-11-09 17:26:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BlockedShutdown.dll
2016-11-09 17:26:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BioFeedback.dll
2016-11-09 17:26:26 ----A---- C:\WINDOWS\SYSWOW64\AppCapture.dll
2016-11-09 17:26:26 ----A---- C:\WINDOWS\system32\atmlib.dll
2016-11-05 18:34:15 ----AD---- C:\Program Files (x86)\Star Stable Online
2016-11-05 18:02:47 ----D---- C:\ProgramData\Roblox
2016-11-05 18:02:17 ----D---- C:\Program Files (x86)\Roblox
2016-11-01 13:42:45 ----D---- C:\Program Files (x86)\TabletPlugins
2016-11-01 13:42:44 ----D---- C:\Program Files\TabletPlugins
2016-11-01 13:41:30 ----A---- C:\WINDOWS\system32\drivers\wacomrouterfilter.sys
2016-11-01 13:41:25 ----A---- C:\WINDOWS\system32\drivers\hidkmdf.sys
2016-11-01 13:41:24 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll
2016-11-01 13:41:24 ----A---- C:\WINDOWS\system32\drivers\wdfcoinstaller01009.dll
2016-11-01 13:41:24 ----A---- C:\WINDOWS\system32\drivers\wachidrouter.sys
2016-11-01 13:41:18 ----A---- C:\WINDOWS\SYSWOW64\Wintab32.dll
2016-11-01 13:41:18 ----A---- C:\WINDOWS\SYSWOW64\WacomMT.dll
2016-11-01 13:41:18 ----A---- C:\WINDOWS\SYSWOW64\Wacom_Touch_Tablet.dll
2016-11-01 13:41:18 ----A---- C:\WINDOWS\system32\WacomMT.dll
2016-11-01 13:41:18 ----A---- C:\WINDOWS\system32\Wacom_Touch_Tablet.dll
2016-11-01 13:41:17 ----A---- C:\WINDOWS\SYSWOW64\Wacom_Tablet.dll
2016-11-01 13:41:17 ----A---- C:\WINDOWS\system32\Wintab32.dll
2016-11-01 13:41:17 ----A---- C:\WINDOWS\system32\Wacom_Tablet.dll
2016-11-01 13:41:14 ----D---- C:\Users\uzi\AppData\Roaming\WTablet
2016-11-01 13:41:14 ----D---- C:\Program Files\Tablet
2016-10-31 17:10:38 ----D---- C:\Users\uzi\AppData\Roaming\HPRewriter2
2016-10-31 16:45:09 ----D---- C:\Users\uzi\AppData\Roaming\Corel
2016-10-31 16:45:07 ----D---- C:\ProgramData\Protexis64
2016-10-31 16:42:48 ----D---- C:\Program Files\Common Files\Protexis
2016-10-31 16:42:46 ----D---- C:\ProgramData\Corel
2016-10-31 16:39:49 ----D---- C:\Program Files\Corel
2016-10-30 12:59:29 ----AD---- C:\Program Files\GIMP 2
2016-10-29 18:17:37 ----D---- C:\ProgramData\Mail.Ru
2016-10-29 16:03:21 ----D---- C:\Users\uzi\AppData\Roaming\Nico Mak Computing
2016-10-29 16:03:14 ----A---- C:\WINDOWS\system32\roboot64.exe
2016-10-29 16:03:06 ----A---- C:\WINDOWS\SYSWOW64\fmcodec.DLL
2016-10-29 16:02:59 ----AD---- C:\Program Files (x86)\WinZip Registry Optimizer
2016-10-29 16:01:04 ----D---- C:\ProgramData\AskPartnerNetwork
2016-10-29 16:01:04 ----D---- C:\Program Files (x86)\AskPartnerNetwork
2016-10-28 17:07:47 ----A---- C:\WINDOWS\system32\mfplat.dll
2016-10-28 17:07:47 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2016-10-28 17:07:46 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2016-10-28 17:07:46 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-10-28 17:07:42 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2016-10-28 17:07:41 ----A---- C:\WINDOWS\system32\mfps.dll
2016-10-28 17:07:39 ----A---- C:\WINDOWS\system32\winsrv.dll
2016-10-28 17:07:31 ----A---- C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-10-28 17:07:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.MediaPlayer.dll
2016-10-28 17:07:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-28 17:07:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.BackgroundMediaPlayback.dll
2016-10-28 17:07:27 ----A---- C:\WINDOWS\SYSWOW64\RemoteNaturalLanguage.dll
2016-10-28 17:07:25 ----A---- C:\WINDOWS\system32\energy.dll
2016-10-28 17:07:25 ----A---- C:\WINDOWS\system32\dwmcore.dll
2016-10-28 17:07:24 ----A---- C:\WINDOWS\SYSWOW64\BluetoothApis.dll
2016-10-28 17:07:24 ----A---- C:\WINDOWS\system32\msvproc.dll
2016-10-28 17:07:23 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2016-10-28 17:07:23 ----A---- C:\WINDOWS\system32\drivers\ahcache.sys
2016-10-28 17:07:22 ----A---- C:\WINDOWS\SYSWOW64\drvstore.dll
2016-10-28 17:07:22 ----A---- C:\WINDOWS\system32\usocore.dll
2016-10-28 17:07:22 ----A---- C:\WINDOWS\system32\user32.dll
2016-10-28 17:07:22 ----A---- C:\WINDOWS\system32\MusNotification.exe
2016-10-28 17:07:21 ----A---- C:\WINDOWS\SYSWOW64\iscsiwmi.dll
2016-10-28 17:07:21 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2016-10-28 17:07:19 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-10-28 17:07:19 ----A---- C:\WINDOWS\system32\Windows.Networking.dll
2016-10-28 17:07:14 ----A---- C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-10-28 17:07:14 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-10-28 17:07:14 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-10-28 17:07:13 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-10-28 17:07:07 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2016-10-28 17:07:06 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2016-10-28 17:07:06 ----A---- C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2016-10-28 17:07:06 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2016-10-28 17:07:05 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2016-10-28 17:07:05 ----A---- C:\WINDOWS\system32\wpnprv.dll
2016-10-28 17:07:04 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2016-10-28 17:07:04 ----A---- C:\WINDOWS\system32\wscsvc.dll
2016-10-28 17:07:04 ----A---- C:\WINDOWS\system32\drivers\dam.sys
2016-10-28 17:07:03 ----A---- C:\WINDOWS\SYSWOW64\DolbyDecMFT.dll
2016-10-28 17:07:03 ----A---- C:\WINDOWS\system32\HttpsDataSource.dll
2016-10-28 17:07:02 ----A---- C:\WINDOWS\SYSWOW64\cmifw.dll
2016-10-28 17:07:02 ----A---- C:\WINDOWS\system32\wuuhext.dll
2016-10-28 17:07:02 ----A---- C:\WINDOWS\system32\drivers\capimg.sys
2016-10-28 17:07:01 ----A---- C:\WINDOWS\system32\Display.dll
2016-10-28 17:07:01 ----A---- C:\WINDOWS\system32\autoplay.dll
2016-10-28 17:07:00 ----A---- C:\WINDOWS\system32\powercfg.exe
2016-10-28 17:07:00 ----A---- C:\WINDOWS\system32\fhcpl.dll
2016-10-28 17:07:00 ----A---- C:\WINDOWS\system32\drivers\xboxgip.sys
2016-10-28 17:06:59 ----A---- C:\WINDOWS\system32\taskbarcpl.dll
2016-10-28 17:06:59 ----A---- C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-10-28 17:06:59 ----A---- C:\WINDOWS\system32\DevicePairingFolder.dll
2016-10-28 17:06:58 ----A---- C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-10-28 17:06:58 ----A---- C:\WINDOWS\system32\qmgr.dll
2016-10-28 17:06:57 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2016-10-28 17:06:57 ----A---- C:\WINDOWS\system32\mfksproxy.dll
2016-10-28 17:06:56 ----A---- C:\WINDOWS\SYSWOW64\mfksproxy.dll
2016-10-28 17:06:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2016-10-28 17:06:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Connectivity.dll
2016-10-28 17:06:54 ----A---- C:\WINDOWS\SYSWOW64\Geolocation.dll
2016-10-28 17:06:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2016-10-28 17:06:52 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2016-10-28 17:06:51 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2016-10-28 17:06:50 ----A---- C:\WINDOWS\system32\mispace.dll
2016-10-28 17:06:50 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-10-28 17:06:50 ----A---- C:\WINDOWS\system32\diagtrack.dll
2016-10-28 17:06:50 ----A---- C:\WINDOWS\system32\devinv.dll
2016-10-28 17:06:50 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-28 17:06:50 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-10-28 17:06:50 ----A---- C:\WINDOWS\system32\acmigration.dll
2016-10-28 17:06:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.dll
2016-10-28 17:06:49 ----A---- C:\WINDOWS\system32\wsp_health.dll
2016-10-28 17:06:49 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2016-10-28 17:06:49 ----A---- C:\WINDOWS\system32\spoolsv.exe
2016-10-28 17:06:49 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-10-28 17:06:49 ----A---- C:\WINDOWS\splwow64.exe
2016-10-28 17:06:48 ----A---- C:\WINDOWS\SYSWOW64\esent.dll
2016-10-28 17:06:48 ----A---- C:\WINDOWS\system32\wintrust.dll
2016-10-28 17:06:48 ----A---- C:\WINDOWS\system32\hevcdecoder.dll
2016-10-28 17:06:47 ----A---- C:\WINDOWS\system32\esent.dll
2016-10-28 17:06:47 ----A---- C:\WINDOWS\system32\aepic.dll
2016-10-28 17:06:46 ----A---- C:\WINDOWS\system32\invagent.dll
2016-10-28 17:06:45 ----A---- C:\WINDOWS\SYSWOW64\NMAA.dll
2016-10-28 17:06:45 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2016-10-28 17:06:44 ----A---- C:\WINDOWS\SYSWOW64\wmpeffects.dll
2016-10-28 17:06:44 ----A---- C:\WINDOWS\SYSWOW64\JpMapControl.dll
2016-10-28 17:06:44 ----A---- C:\WINDOWS\system32\wmpeffects.dll
2016-10-28 17:06:44 ----A---- C:\WINDOWS\system32\drvstore.dll
2016-10-28 17:06:44 ----A---- C:\WINDOWS\system32\drivers\crashdmp.sys
2016-10-28 17:06:43 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-10-28 17:06:43 ----A---- C:\WINDOWS\system32\pcasvc.dll
2016-10-28 17:06:42 ----A---- C:\WINDOWS\SYSWOW64\MapControlCore.dll
2016-10-28 17:06:42 ----A---- C:\WINDOWS\system32\wmpdxm.dll
2016-10-28 17:06:42 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2016-10-28 17:06:42 ----A---- C:\WINDOWS\system32\iscsiwmi.dll
2016-10-28 17:06:42 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2016-10-28 17:06:42 ----A---- C:\WINDOWS\system32\cmifw.dll
2016-10-28 17:06:41 ----A---- C:\WINDOWS\SYSWOW64\wmpdxm.dll
2016-10-28 17:06:41 ----A---- C:\WINDOWS\system32\wmpshell.dll
2016-10-28 17:06:40 ----A---- C:\WINDOWS\SYSWOW64\wmpshell.dll
2016-10-28 17:06:39 ----A---- C:\WINDOWS\SYSWOW64\esentutl.exe
2016-10-28 17:06:39 ----A---- C:\WINDOWS\system32\wups.dll
2016-10-28 17:06:39 ----A---- C:\WINDOWS\system32\wuapi.dll
2016-10-28 17:06:39 ----A---- C:\WINDOWS\system32\esentutl.exe
2016-10-28 17:06:36 ----A---- C:\WINDOWS\system32\sppsvc.exe
2016-10-28 17:06:36 ----A---- C:\WINDOWS\system32\ClipUp.exe
2016-10-28 17:06:35 ----A---- C:\WINDOWS\system32\wpncore.dll
2016-10-28 17:06:35 ----A---- C:\WINDOWS\system32\sppwinob.dll
2016-10-28 17:06:35 ----A---- C:\WINDOWS\system32\sppobjs.dll
2016-10-28 17:06:35 ----A---- C:\WINDOWS\system32\SndVolSSO.dll
2016-10-28 17:06:34 ----A---- C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-10-28 17:06:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2016-10-28 17:06:32 ----A---- C:\WINDOWS\system32\FntCache.dll
2016-10-28 17:06:31 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-10-28 17:06:31 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2016-10-28 17:06:30 ----A---- C:\WINDOWS\system32\mos.dll
2016-10-28 17:06:29 ----A---- C:\WINDOWS\SYSWOW64\WSManHTTPConfig.exe
2016-10-28 17:06:29 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2016-10-28 17:06:28 ----A---- C:\WINDOWS\SYSWOW64\WsmSvc.dll
2016-10-28 17:06:25 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-10-28 17:06:24 ----A---- C:\WINDOWS\system32\WinTypes.dll
2016-10-28 17:06:24 ----A---- C:\WINDOWS\system32\winlogon.exe
2016-10-28 17:06:24 ----A---- C:\WINDOWS\system32\CPFilters.dll
2016-10-28 17:06:23 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2016-10-28 17:06:23 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-28 17:06:23 ----A---- C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-10-28 17:06:23 ----A---- C:\WINDOWS\system32\wc_storage.dll
2016-10-28 17:06:23 ----A---- C:\WINDOWS\system32\daxexec.dll
2016-10-28 17:06:23 ----A---- C:\WINDOWS\system32\cdpusersvc.dll
2016-10-28 17:06:23 ----A---- C:\WINDOWS\system32\cdpsvc.dll
2016-10-28 17:06:23 ----A---- C:\WINDOWS\system32\BingMaps.dll
2016-10-28 17:06:21 ----A---- C:\WINDOWS\SYSWOW64\hevcdecoder.dll
2016-10-28 17:06:21 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2016-10-28 17:06:21 ----A---- C:\WINDOWS\system32\d3d11.dll
2016-10-28 17:06:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.WiFi.dll
2016-10-28 17:06:20 ----A---- C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2016-10-28 17:06:20 ----A---- C:\WINDOWS\system32\D3D12.dll
2016-10-28 17:06:20 ----A---- C:\WINDOWS\system32\crypt32.dll
2016-10-28 17:06:20 ----A---- C:\WINDOWS\system32\combase.dll
2016-10-28 17:06:19 ----A---- C:\WINDOWS\system32\winhttp.dll
2016-10-28 17:06:19 ----A---- C:\WINDOWS\system32\NMAA.dll
2016-10-28 17:06:19 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2016-10-28 17:06:19 ----A---- C:\WINDOWS\system32\JpMapControl.dll
2016-10-28 17:06:19 ----A---- C:\WINDOWS\system32\BthRadioMedia.dll
2016-10-28 17:06:18 ----A---- C:\WINDOWS\system32\MapsStore.dll
2016-10-28 17:06:18 ----A---- C:\WINDOWS\system32\BluetoothApis.dll
2016-10-28 17:06:16 ----A---- C:\WINDOWS\system32\moshostcore.dll
2016-10-28 17:06:16 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2016-10-28 17:06:16 ----A---- C:\WINDOWS\system32\dafBth.dll
2016-10-28 17:06:15 ----A---- C:\WINDOWS\SYSWOW64\dtdump.exe
2016-10-28 17:06:09 ----A---- C:\WINDOWS\SYSWOW64\autoplay.dll
2016-10-28 17:06:09 ----A---- C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-10-28 17:06:08 ----A---- C:\WINDOWS\SYSWOW64\systemcpl.dll
2016-10-28 17:06:08 ----A---- C:\WINDOWS\system32\EncDec.dll
2016-10-28 17:06:08 ----A---- C:\WINDOWS\system32\dhcpcore6.dll
2016-10-28 17:06:04 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2016-10-28 17:06:03 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2016-10-28 17:06:03 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2016-10-28 17:06:03 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2016-10-28 17:06:02 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2016-10-28 17:06:00 ----A---- C:\WINDOWS\system32\Geolocation.dll
2016-10-28 17:05:58 ----A---- C:\WINDOWS\system32\winmde.dll
2016-10-28 17:05:58 ----A---- C:\WINDOWS\system32\NotificationController.dll
2016-10-28 17:05:58 ----A---- C:\WINDOWS\system32\drivers\http.sys
2016-10-28 17:05:57 ----A---- C:\WINDOWS\system32\DWrite.dll
2016-10-28 17:05:57 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2016-10-28 17:05:56 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2016-10-28 17:05:54 ----A---- C:\WINDOWS\SYSWOW64\CPFilters.dll
2016-10-28 17:05:53 ----A---- C:\WINDOWS\SYSWOW64\SndVolSSO.dll
2016-10-28 17:05:53 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2016-10-28 17:05:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2016-10-28 17:05:52 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2016-10-28 17:05:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2016-10-28 17:05:48 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2016-10-28 17:05:44 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2016-10-28 17:05:43 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2016-10-28 17:05:43 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2016-10-28 17:05:43 ----A---- C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-10-28 17:05:43 ----A---- C:\WINDOWS\system32\LocationFramework.dll
2016-10-28 17:05:42 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2016-10-28 17:05:42 ----A---- C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-10-28 17:05:41 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2016-10-28 17:05:41 ----A---- C:\WINDOWS\SYSWOW64\crypt32.dll
2016-10-28 17:05:41 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-10-28 17:05:40 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2016-10-28 17:05:39 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2016-10-28 17:05:39 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2016-10-28 17:05:39 ----A---- C:\WINDOWS\system32\iphlpsvc.dll
2016-10-28 17:05:38 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2016-10-28 17:05:38 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2016-10-28 17:05:38 ----A---- C:\WINDOWS\system32\cdd.dll
2016-10-28 17:05:37 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2016-10-28 17:05:37 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2016-10-28 17:05:34 ----A---- C:\WINDOWS\system32\drivers\hidclass.sys
2016-10-28 17:05:34 ----A---- C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2016-10-28 17:05:33 ----A---- C:\WINDOWS\SYSWOW64\powercfg.exe
2016-10-28 17:05:33 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore6.dll
2016-10-27 16:24:26 ----D---- C:\WINDOWS\Panther
2016-10-27 16:23:03 ----ASH---- C:\hiberfil.sys
2016-10-21 11:08:54 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2016-10-21 09:46:18 ----D---- C:\WINDOWS\Minidump
2016-10-20 15:48:03 ----D---- C:\Users\uzi\AppData\Roaming\pcspeeduppro.net
2016-10-20 15:47:58 ----D---- C:\Users\uzi\AppData\Roaming\FileOpenerWindows
2016-10-20 15:47:58 ----D---- C:\ProgramData\ValidatorPC
2016-10-20 15:47:57 ----D---- C:\ProgramData\PCSpeedupPro.net
2016-10-20 15:47:57 ----AD---- C:\Program Files\PC-Speedup-Pro
======List of files/folders modified in the last 1 month======
2016-11-18 19:31:05 ----D---- C:\WINDOWS\Temp
2016-11-18 19:30:31 ----D---- C:\WINDOWS\Prefetch
2016-11-18 19:30:24 ----D---- C:\WINDOWS\AppReadiness
2016-11-18 19:26:10 ----D---- C:\WINDOWS\system32\SleepStudy
2016-11-18 19:21:16 ----D---- C:\WINDOWS\system32\sru
2016-11-18 19:19:23 ----D---- C:\WINDOWS\Tasks
2016-11-18 19:19:23 ----D---- C:\WINDOWS\system32\Tasks
2016-11-18 19:18:44 ----D---- C:\Users\uzi\AppData\Roaming\Seznam.cz
2016-11-18 19:16:57 ----RD---- C:\Program Files
2016-11-18 19:14:56 ----D---- C:\Users\uzi\AppData\Roaming\Skype
2016-11-18 19:11:34 ----D---- C:\WINDOWS\INF
2016-11-18 19:10:57 ----D---- C:\WINDOWS\SoftwareDistribution
2016-11-18 19:10:31 ----D---- C:\Windows
2016-11-18 19:09:32 ----D---- C:\WINDOWS\system32\drivers\etc
2016-11-18 18:54:02 ----RD---- C:\Program Files (x86)
2016-11-18 18:46:33 ----AD---- C:\Program Files (x86)\TeamViewer
2016-11-18 18:46:32 ----D---- C:\Users\uzi\AppData\Roaming\TS3Client
2016-11-18 18:46:31 ----D---- C:\Users\uzi\AppData\Roaming\FileZilla
2016-11-18 18:46:19 ----D---- C:\WINDOWS\debug
2016-11-18 18:46:18 ----D---- C:\WINDOWS\LiveKernelReports
2016-11-18 18:37:19 ----D---- C:\WINDOWS\System32
2016-11-18 18:37:19 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-18 18:33:09 ----D---- C:\WINDOWS\system32\catroot2
2016-11-18 13:28:01 ----D---- C:\WINDOWS\system32\wbem
2016-11-18 11:36:29 ----AD---- C:\Program Files (x86)\WinSCP
2016-11-18 11:34:06 ----HD---- C:\Program Files\WindowsApps
2016-11-18 11:31:12 ----AD---- C:\Program Files (x86)\Intel Driver Update Utility
2016-11-18 11:23:33 ----D---- C:\Program Files (x86)\Windows NT
2016-11-18 10:59:07 ----D---- C:\Program Files (x86)\Windows Multimedia Platform
2016-11-18 10:57:08 ----D---- C:\Program Files (x86)\NCH Software
2016-11-18 10:56:11 ----D---- C:\Program Files (x86)\CMAK
2016-11-18 10:54:20 ----D---- C:\Program Files (x86)\MSBuild
2016-11-18 10:53:23 ----AD---- C:\Program Files (x86)\Tunngle
2016-11-18 10:52:24 ----D---- C:\Program Files (x86)\Windows Portable Devices
2016-11-18 10:52:22 ----D---- C:\Program Files (x86)\Windows Defender
2016-11-17 18:33:54 ----SHD---- C:\WINDOWS\Installer
2016-11-17 17:49:30 ----HD---- C:\ProgramData
2016-11-17 17:43:53 ----D---- C:\WINDOWS\system32\WDI
2016-11-17 17:43:24 ----AD---- C:\WINDOWS\system32\drivers
2016-11-15 19:25:51 ----D---- C:\Program Files (x86)\Common Files
2016-11-15 13:37:50 ----SD---- C:\ProgramData\Microsoft
2016-11-15 13:36:43 ----D---- C:\WINDOWS\SysWOW64
2016-11-15 13:35:46 ----D---- C:\TempProjekty
2016-11-15 13:35:46 ----D---- C:\StareFotky
2016-11-15 13:35:46 ----D---- C:\Riot Games
2016-11-15 13:35:45 ----AD---- C:\Program Files (x86)\Minecraft
2016-11-15 13:35:45 ----AD---- C:\Program Files (x86)\LibreOffice 5
2016-11-15 13:35:44 ----D---- C:\UCTO2015
2016-11-15 13:35:44 ----D---- C:\Python27
2016-11-15 13:35:44 ----D---- C:\Program Files (x86)\Seznam.cz
2016-11-15 13:35:44 ----D---- C:\Pokladna
2016-11-15 13:35:44 ----D---- C:\Intel
2016-11-15 13:35:44 ----AD---- C:\Program Files (x86)\PSPad editor
2016-11-15 13:35:14 ----D---- C:\Program Files (x86)\WindowsPowerShell
2016-11-15 13:35:13 ----SHD---- C:\Program Files (x86)\Windows Sidebar
2016-11-15 13:35:13 ----RD---- C:\Program Files (x86)\Skype
2016-11-15 13:35:13 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-11-15 13:35:13 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2016-11-15 13:35:13 ----D---- C:\Program Files (x86)\Windows Media Player
2016-11-15 13:35:13 ----D---- C:\Program Files (x86)\Windows Mail
2016-11-15 13:35:13 ----D---- C:\Program Files (x86)\Reference Assemblies
2016-11-15 13:35:13 ----D---- C:\Program Files (x86)\R.G. Mechanics
2016-11-15 13:35:13 ----D---- C:\Program Files (x86)\Notepad++
2016-11-15 13:35:13 ----D---- C:\Program Files (x86)\NewSoft
2016-11-15 13:35:13 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-15 13:35:13 ----D---- C:\Program Files (x86)\Microsoft.NET
2016-11-15 13:35:13 ----D---- C:\Program Files (x86)\Internet Explorer
2016-11-15 13:35:13 ----D---- C:\Program Files (x86)\Intel
2016-11-15 13:35:13 ----D---- C:\Program Files (x86)\HP
2016-11-15 13:35:13 ----D---- C:\Program Files (x86)\Elcomsoft
2016-11-15 13:35:13 ----AD---- C:\Program Files (x86)\TeamSpeak 3 Client
2016-11-15 13:35:13 ----AD---- C:\Program Files (x86)\GameforgeLive
2016-11-15 13:35:13 ----AD---- C:\Program Files (x86)\FirestormLauncher
2016-11-15 13:35:13 ----AD---- C:\Program Files (x86)\Elcomsoft Password Recovery
2016-11-15 13:35:13 ----AD---- C:\Program Files (x86)\7-Zip
2016-11-14 19:27:33 ----A---- C:\WINDOWS\Reimage.ini
2016-11-14 19:05:18 ----D---- C:\WINDOWS\system32\config
2016-11-14 18:52:07 ----RD---- C:\WINDOWS\Microsoft.NET
2016-11-12 12:16:29 ----D---- C:\WINDOWS\rescache
2016-11-12 11:24:23 ----SHD---- C:\System Volume Information
2016-11-10 17:11:10 ----D---- C:\WINDOWS\WinSxS
2016-11-10 17:11:10 ----D---- C:\WINDOWS\system32\DriverStore
2016-11-10 15:53:04 ----D---- C:\Program Files\McAfee Security Scan
2016-11-09 21:17:23 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-11-09 21:17:22 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-11-09 21:17:02 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-11-09 21:17:02 ----D---- C:\WINDOWS\system32\oobe
2016-11-09 21:17:02 ----D---- C:\WINDOWS\system32\migwiz
2016-11-09 21:17:01 ----D---- C:\WINDOWS\system32\migration
2016-11-09 21:17:00 ----D---- C:\WINDOWS\system32\cs-CZ
2016-11-09 21:17:00 ----D---- C:\WINDOWS\system32\Boot
2016-11-09 21:16:48 ----D---- C:\WINDOWS\ShellExperiences
2016-11-09 21:16:46 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2016-11-09 21:16:45 ----D---- C:\WINDOWS\bcastdvr
2016-11-09 21:16:45 ----D---- C:\WINDOWS\AppPatch
2016-11-09 21:13:06 ----SD---- C:\Users\uzi\AppData\Roaming\Microsoft
2016-11-09 18:29:52 ----D---- C:\WINDOWS\CbsTemp
2016-11-09 18:15:33 ----D---- C:\WINDOWS\system32\MRT
2016-11-09 18:15:25 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-11-09 16:17:50 ----D---- C:\WINDOWS\system32\Macromed
2016-11-09 16:17:42 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2016-11-01 13:41:31 ----D---- C:\WINDOWS\system32\CatRoot
2016-10-31 17:11:47 ----HD---- C:\WINDOWS\system32\GroupPolicy
2016-10-31 16:42:48 ----D---- C:\Program Files\Common Files
2016-10-30 13:03:09 ----D---- C:\Users\uzi\AppData\Roaming\uTorrent
2016-10-29 18:32:56 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-10-29 18:32:43 ----D---- C:\WINDOWS\system32\en-US
2016-10-29 18:32:42 ----D---- C:\WINDOWS\system32\appraiser
2016-10-29 18:32:38 ----D---- C:\WINDOWS\PolicyDefinitions
2016-10-29 18:32:37 ----RSD---- C:\WINDOWS\Fonts
2016-10-29 18:32:37 ----D---- C:\Program Files\Windows Media Player
2016-10-29 00:56:11 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-10-28 16:39:02 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2016-10-22 13:42:46 ----D---- C:\WINDOWS\system32\drivers\UMDF
2016-10-19 10:32:39 ----D---- C:\WINDOWS\Logs
File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 Achernar;Achernar - SCSI Command Filter Drivers; C:\WINDOWS\system32\Drivers\Achernar.sys [2015-11-27 34104]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 48992]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 KuaiZipDrive;KuaiZipDrive; \??\C:\WINDOWS\system32\drivers\KuaiZipDrive.sys [2016-11-15 92872]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2016-09-03 114176]
R3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2016-09-15 249856]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2016-10-05 128512]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-09-03 84992]
R3 netr28x;@oem15.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2016-09-01 2554528]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2016-07-16 183808]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2016-07-16 589824]
R3 rtbth;@oem8.inf,%General.Service.DispName%;RTBTH Bluetooth Device Driver; C:\WINDOWS\System32\drivers\rtbth.sys [2015-11-21 1219200]
R3 semav6msr64;semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys [2015-06-04 21984]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2016-07-18 52904]
R3 SynTP;@oem9.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2016-07-18 622784]
R3 tap0901t;@oem0.inf,%DeviceDescription%;TAP-Win32 Adapter V9 (Tunngle); C:\WINDOWS\System32\drivers\tap0901t.sys [2016-04-26 48824]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S1 MaohaWifiNetPro;MaohaWifiNetPro; \??\C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaoHaWiFiNet64.sys [2015-10-27 871152]
S2 KuaiZipDrive2;KuaiZipDrive2; \??\C:\WINDOWS\system32\drivers\KuaiZipDrive2.sys [2016-11-15 93072]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2016-09-15 127328]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2016-07-16 157024]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2016-07-16 141152]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2016-10-15 967168]
S3 ComputerZ_x64;ComputerZ_x64; \??\C:\program files (x86)\ludashi\ComputerZ_x64.sys [2016-06-27 49152]
S3 emAudio;PCTV EMP Audio Device; C:\WINDOWS\system32\drivers\emAudio64.sys [2015-11-27 32256]
S3 hidkmdf;@oem17.inf,%hidkmdf.SVCDESC%;KMDF Driver; C:\WINDOWS\System32\drivers\hidkmdf.sys [2016-10-06 23784]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-08-06 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2016-07-16 179040]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 RSP2STOR;@oem6.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [2015-11-21 310528]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2016-11-16 202304]
R2 Archer;Archer; C:\WINDOWS\SysWoW64\svchost.exe [2016-07-16 38792]
R2 Atokuse;Atokuse; %SystemRoot%\system32\svchost.exe -k Atokuse;"ServiceDll"=C:\Program Files (x86)\Zemitygrerloing\pospytocoiedMdl.dll
R2 CDPUserSvc_94387;CDPUserSvc_94387; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R2 ESRV_SVC_WILLAMETTE;Energy Server Service WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [2016-06-08 416408]
R2 GmSvc;Game Protection Service; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll"=C:\Program Files (x86)\LDSGameCenter\GmSvc.dll
R2 HpSvc;Hardware Protection Service; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll"=c:\program files (x86)\ludashi\lpi\HpSvc.dll
R2 Kuaizip Update Checker;Kuaizip Update Checker; %SystemRoot%\System32\svchost.exe -k kuaizip2updatesvc;"ServiceDll"=C:\Program Files (x86)\KuaiZip\X86\kuaizipUpdateChecker.dll
R2 KuaizipUpdateChecker;KuaizipUpdateChecker; %SystemRoot%\System32\svchost.exe -k kuaizipupdatesvc;"ServiceDll"=C:\Program Files\快压\X86\kuaizipUpdateChecker.dll
R2 MaohaWifiSvr;MaohaWiFiService; C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaohaWifiSvr.exe [2014-12-18 170464]
R2 OneSyncSvc_94387;Hostitel synchronizace_94387; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R2 PCSUService;PC Speed Up Service; C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe [2016-01-28 445600]
R2 ProntSpooler;ProntSpooler; C:\Program Files (x86)\TabletPlugins\vuw6t8GiF0IXjcPohAbt\UGRAfwFR.exe [2016-11-18 129536]
R2 PSI_SVC_2_x64;Corel License Validation Service V2 x64, Powered by arvato; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2014-04-30 337776]
R2 ReimageRealTimeProtector;Reimage Real Time Protector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2016-11-06 8016240]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2016-07-18 253960]
R2 TeamViewer;TeamViewer 11; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2016-08-08 7248144]
R3 PimIndexMaintenanceSvc_94387;Data kontaktů_94387; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-10-13 1459488]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\TimeBrokerServer.dll
S2 backlh;Background Logic Handler; C:\ProgramData\Logic Handler\set.exe [2016-11-10 3786752]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=%SystemRoot%\System32\CDPUserSvc.dll
S2 Nettrans;Network Packet Manitor; C:\ProgramData\NetworkPacketManitor\Nettrans.exe [2016-09-28 57856]
S2 PCValidator;PC SP Validator; C:\ProgramData\ValidatorPC\PCValidatorService.exe [2016-08-19 34304]
S2 SCService;SpeedChecker Service; C:\Program Files (x86)\Zrychleni Pocitace\SpeedCheckerService.exe [2016-01-28 67232]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-05-23 324224]
S2 SystemUsageReportSvc_WILLAMETTE;Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [2016-06-08 117400]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll"=%SystemRoot%\system32\FrameServer.dll
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\hvhostsvc.dll
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\irmon.dll
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.427\McCHSvc.exe [2016-10-13 329480]
S3 MessagingService_94387;Služba zasílání zpráv_94387; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-10-21 172488]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\RMapi.dll
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2016-09-15 2889896]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2016-09-15 823136]
S4 GoogleChromeUpService;GoogleChromeUpService; C:\ProgramData\service.exe [2016-11-15 1620992]
S4 HPWriter Service;HPWriter Service; C:\Users\uzi\AppData\Roaming\HPRewriter2\HPWriterSrv3.exe [2016-10-29 2045424]
S4 Quoteex;Quoteex; C:\ProgramData\\Quoteex\\Quoteex.exe [2016-11-15 692736]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll"=%systemroot%\system32\Windows.SharedPC.AccountManager.dll
-----------------EOF-----------------