Občasné zvláštní chování ntb

Zpráva

Albeda · #1 Příspěvek od **Albeda** » 02 kvě 2017 18:47

Zdravím,
občas se mi stává, že mi program spadne a notebook se vrátí do Windows. Také je o něco pomalejší. Neříkám, že mé chování (klikání) na internetu je bullet proof, ale dávám se relativně pozor ... Každopádně budu vděčný za kontrolu.

===RSIT===

Kód: Vybrat vše

Logfile of random's system information tool 1.16 (written by random/random) 
Run by Alb at 2017-05-02 19:34:29
Microsoft Windows 7 Ultimate  Service Pack 1
System drive C: has 3 GB (1%) free of 229 GB
Total RAM: 3948 MB (23% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:34:34, on 2.5.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18639)
Boot mode: Normal

Running processes:
C:\Windows\System32\PrintDisp.exe
C:\Users\Alb\AppData\Local\Akamai\netsession_win.exe
C:\Users\Alb\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe
C:\Users\Alb\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\TwinCAT\3.1\System\TcSysUI.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Alb_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = v6.pbyte.in:22510
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office16\URLREDIR.DLL
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Alb\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync]  (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync]  (User 'Default user')
O4 - Startup: Fences.lnk = C:\Program Files (x86)\Stardock\Fences\Fences.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~2\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Poslat do On&eNotu - res://C:\PROGRA~1\MICROS~2\Office16\ONBttnIE.dll/105
O9 - Extra button: Poslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Poslat do On&eNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2016 (mitsijm2016) - Autodesk, Inc. - C:\Program Files\Autodesk\Inventor 2016\Moldflow\bin\mitsijm.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Printer Control - Unknown owner - C:\Windows\system32\PrintCtrl.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TcAdsWcfHost - Beckhoff Automation GmbH - C:\TwinCAT\AdsApi\TcAdsWcf\v4.0.30319\TcAdsWcfHost.exe
O23 - Service: TcEventLogger - Beckhoff Automation GmbH - C:\TwinCAT\3.1\Components\TcEventLogger\TcEventLogger.exe
O23 - Service: TwinCAT Nc Interpreter (TcNcI) - Beckhoff Automation GmbH - C:\TwinCAT\3.1\Components\Mc\Nci\TcNcI.exe
O23 - Service: TwinCAT3 System Service (TcSysSrv) - Beckhoff Automation GmbH & Co. KG - C:\TwinCAT\3.1\System\TCATSysSrv.exe
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: TwinCAT3 Scope Server (TF3300 Scope Server) - BECKHOFF Automation GmbH & Co. KG - C:\TwinCAT\Functions\TF3300-Scope-Server\TC3ScopeServer.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12611 bytes

====== Enumerating Processes ======

C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET Smart Security\ekrn.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 29694944
\??\C:\Windows\system32\conhost.exe "-2104646930-574934635-1430892484-2025195351-1320267442649395038-820384002-764025120
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\TwinCAT\3.1\Components\Mc\Nci\TcNcI.exe"
"C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe" 
"C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files\Autodesk\Inventor 2016\Moldflow\bin\mitsijm.exe"
C:\Windows\system32\PrintCtrl.exe
C:\Windows\SysWOW64\PSIService.exe
"C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\TwinCAT\3.1\Components\TcEventLogger\TcEventLogger.exe"
"C:\TwinCAT\3.1\System\TCATSysSrv.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wbem\wmiprvse.exe
"C:\TwinCAT\Functions\TF3300-Scope-Server\TC3ScopeServer.exe"
C:\Windows\System32\alg.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide
C:\Windows\system32\taskhost.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" 
"C:\Windows\System32\igfxtray.exe" 
"C:\Windows\System32\hkcmd.exe" 
"C:\Windows\System32\igfxpers.exe" 
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" 
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe" 
"C:\Windows\System32\PrintDisp.exe" 
"C:\Users\Alb\AppData\Local\Akamai\netsession_win.exe" 
"C:\Users\Alb\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe" 
C:\Users\Alb\AppData\Local\Akamai\netsession_win.exe
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 
"C:\Program Files (x86)\Launch Manager\LManager.exe" 
"C:\TwinCAT\3.1\System\TcSysUI.exe" 
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe" 
"C:\Windows\system32\igfxext.exe" -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" 
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\Alb\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Alb\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=57.0.2987.133 --initial-client-data=0xa0,0xa4,0xa8,0x9c,0xac,0x6f017dc8,0x6f017dbc,0x6f017dd4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=5684 --on-initialized-event-handle=324 --parent-handle=336 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1168 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,18,19,20,23,41,61,74 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.4229 --gpu-driver-date=5-26-2015 --service-request-channel-token=129EAE92B7DB7C932972D712ADECF15F --mojo-platform-channel-handle=1176 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1168 --primordial-pipe-token=F659A1E7AD771573974CF376DB03E660 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=F659A1E7AD771573974CF376DB03E660 --renderer-client-id=4 --mojo-platform-channel-handle=2316 /prefetch:1
"C:\Users\Alb\AppData\Local\Apps\2.0\YVP30Y8N.XRA\EB00ADTT.O4Q\lsb...tion_2d7b41b05b24775e_0001.0006_3b0a905c8de4f74a\LSB.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1168 --primordial-pipe-token=625E52D88A47AF755CE35B8CA8BA2B98 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=625E52D88A47AF755CE35B8CA8BA2B98 --renderer-client-id=22 --mojo-platform-channel-handle=3112 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1168 --primordial-pipe-token=D4C403C4799C85289A3E811282F7C599 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=D4C403C4799C85289A3E811282F7C599 --renderer-client-id=43 --mojo-platform-channel-handle=2064 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1168 --primordial-pipe-token=759E5C3A38C67E04DCE37B59A7818FC2 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=759E5C3A38C67E04DCE37B59A7818FC2 --renderer-client-id=54 --mojo-platform-channel-handle=6124 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1168 --primordial-pipe-token=58F744DAFBF41C2AB1BC1692D69351AC --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=58F744DAFBF41C2AB1BC1692D69351AC --renderer-client-id=73 --mojo-platform-channel-handle=7216 /prefetch:1
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /Play -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1168 --primordial-pipe-token=80EADF73841FDD1E7B1530ED00A4E1D6 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=80EADF73841FDD1E7B1530ED00A4E1D6 --renderer-client-id=88 --mojo-platform-channel-handle=5556 /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe7_ Global\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520 
"C:\Users\Alb\Downloads\RSITx64.exe" 
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

====== Scheduled tasks folder ======

C:\Windows\tasks\MATLAB R2014a Startup Accelerator.job - C:\Program Files\MATLAB\R2014a\bin\win64\MATLABStartupAccelerator.exe 
C:\Windows\system32\tasks\AutoKMS - C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\MATLAB R2014a Startup Accelerator - C:\Program Files\MATLAB\R2014a\bin\win64\MATLABStartupAccelerator.exe
C:\Windows\system32\tasks\{98E60D2F-74A5-4296-8CEC-D2158A30B19A} - C:\Hry\POSTAL 2 - Paradise Lost\Paradise Lost\System\ParadiseLost.exe
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-874808185-2089641147-2639697378-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan - c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\Microsoft\Office\Office 15 Subscription Heartbeat - %ProgramFiles%\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
C:\Windows\system32\tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 - "C:\Program Files\Microsoft Office\Office16\msoia.exe" scan upload mininterval:2880
C:\Windows\system32\tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 - "C:\Program Files\Microsoft Office\Office16\msoia.exe" scan upload
C:\Windows\system32\tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-874808185-2089641147-2639697378-1000 - "C:\Windows\system32\rundll32.exe" dfshim.dll,ShOpenVerbShortcut C:\Users\Alb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms

=========Mozilla firefox=========

ProfilePath - C:\Users\Alb\AppData\Roaming\Mozilla\Firefox\Profiles\finbzz72.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.213 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Skype for Business Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@photodex.com/PhotodexPresenter]
"Description"=Photodex Presenter Plugin
"Path"=C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.213 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL


C:\Users\Alb\AppData\Roaming\Mozilla\Firefox\Profiles\finbzz72.default\addons.json
Mozilla Firefox hotfix - extension - firefox-hotfix@mozilla.org

C:\Users\Alb\AppData\Roaming\Mozilla\Firefox\Profiles\finbzz72.default\extensions.json
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

C:\Users\Alb\AppData\Roaming\Mozilla\Firefox\Profiles\finbzz72.default\pluginreg.dat
Plugin - Shockwave Flash - 21.0.0.213 - C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll

=========Google Chrome=========

C:\Users\Alb\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0  
Extension dhdgffkkebhmkfjojejmpbldmpobfkfo 0 Tampermonkey 4.2.7
Extension dpplabbmogkhghncfbfdeeokoefdjegm 0 Proxy SwitchySharp 1.10.6
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension gighmmpiobklfepjocnamgkkbiglidom 1 AdBlock 3.10.0
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.2
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.2
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5717.116.0.4
Homepage: 
default_search_provider.search_url: 
C:\Users\Alb\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage: 
default_search_provider.search_url: 

======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31 226984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office16\URLREDIR.DLL [2015-07-31 580312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\PROGRA~1\MICROS~2\Office16\GROOVEEX.DLL [2015-07-31 2165976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31 161448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office16\URLREDIR.DLL [2015-07-31 403672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL [2015-07-31 1512152]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2011-01-26 368728]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2015-06-05 173672]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2015-06-05 401512]
"Persistence"=C:\Windows\system32\igfxpers.exe [2015-06-05 444008]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-10-08 2392360]
"Power Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-05-10 1831528]
"PrintDisp"=C:\Windows\system32\PrintDisp.exe [2012-10-29 870400]
"Fences"=C:\Program Files (x86)\Stardock\Fences\Fences.exe [2012-10-29 4017368]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"=C:\Users\Alb\AppData\Local\Akamai\netsession_win.exe [2015-09-10 4691384]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2015-02-27 5583120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSKAppManager]
C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [2016-02-24 529480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autodesk Sync]
 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe [2007-12-14 531784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Officejet 6500 E710n-z (NET)]
C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MiPhoneManager]
C:\Users\Alb\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe [2016-03-11 157624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2016-12-09 2876704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TcSysUI]
C:\TwinCAT\3.1\System\TcSysUi.exe [2017-01-27 1137224]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-09-13 283160]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2011-03-14 1081424]

C:\Users\Alb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Fences.lnk - C:\Program Files (x86)\Stardock\Fences\Fences.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2015-06-05 442880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2012-10-29 551640]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{AD99243B-F007-0000-B1CC-22A4DDD4B96F}]
"StubPath" = msiexec /fus {AD99243B-F007-0000-B1CC-22A4DDD4B96F}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install - 
.scr - config - 

====== List of files/folders created in the last 3 months ======

2017-05-02 19:34:29 ----D---- C:\rsit
2017-05-02 19:34:29 ----D---- C:\Program Files\trend micro
2017-04-28 13:24:26 ----A---- C:\Windows\SYSWOW64\drivers\SECDRV.SYS
2017-04-24 19:06:19 ----D---- C:\ProgramData\2DBoy
2017-04-13 00:05:46 ----A---- C:\Windows\SYSWOW64\Vb6stkit.dll
2017-04-13 00:05:46 ----A---- C:\Windows\SYSWOW64\iSED.dll
2017-04-13 00:05:45 ----D---- C:\Program Files (x86)\Adolix
2017-04-12 05:24:53 ----A---- C:\Windows\system32\wuwebv.dll
2017-04-12 05:24:53 ----A---- C:\Windows\system32\wudriver.dll
2017-04-12 05:24:53 ----A---- C:\Windows\system32\wuaueng.dll
2017-04-12 05:24:52 ----A---- C:\Windows\system32\mshtml.dll
2017-04-12 05:24:49 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-04-12 05:24:48 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2017-04-12 05:24:48 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2017-04-12 05:24:48 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2017-04-12 05:24:48 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2017-04-12 05:24:48 ----A---- C:\Windows\system32\wuauclt.exe
2017-04-12 05:24:48 ----A---- C:\Windows\system32\wuapp.exe
2017-04-12 05:24:48 ----A---- C:\Windows\system32\wuapi.dll
2017-04-12 05:24:47 ----A---- C:\Windows\system32\wucltux.dll
2017-04-12 05:24:47 ----A---- C:\Windows\system32\ieframe.dll
2017-04-12 05:24:46 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-04-12 05:24:45 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-04-12 05:24:45 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-12 05:24:45 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-04-12 05:24:45 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-04-12 05:24:45 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-04-12 05:24:45 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-04-12 05:24:45 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2017-04-12 05:24:45 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-04-12 05:24:45 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-04-12 05:24:45 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-04-12 05:24:45 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-04-12 05:24:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-04-12 05:24:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-04-12 05:24:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-12 05:24:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-12 05:24:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-04-12 05:24:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-04-12 05:24:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-04-12 05:24:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-04-12 05:24:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-04-12 05:24:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-12 05:24:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-04-12 05:24:44 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-04-12 05:24:44 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-04-12 05:24:44 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-04-12 05:24:44 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-12 05:24:44 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-12 05:24:44 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-12 05:24:44 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-04-12 05:24:44 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-04-12 05:24:44 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-04-12 05:24:44 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-12 05:24:44 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-04-12 05:24:44 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-04-12 05:24:44 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-12 05:24:44 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-04-12 05:24:44 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-04-12 05:24:43 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-04-12 05:24:43 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2017-04-12 05:24:43 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-04-12 05:24:43 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-04-12 05:24:43 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-04-12 05:24:43 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-04-12 05:24:43 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-12 05:24:43 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2017-04-12 05:24:43 ----A---- C:\Windows\system32\wininet.dll
2017-04-12 05:24:43 ----A---- C:\Windows\system32\ucrtbase.dll
2017-04-12 05:24:43 ----A---- C:\Windows\system32\iertutil.dll
2017-04-12 05:24:43 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-04-12 05:24:43 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-04-12 05:24:43 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-04-12 05:24:42 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-04-12 05:24:42 ----A---- C:\Windows\system32\win32k.sys
2017-04-12 05:24:42 ----A---- C:\Windows\system32\urlmon.dll
2017-04-12 05:24:42 ----A---- C:\Windows\system32\ole32.dll
2017-04-12 05:24:40 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2017-04-12 05:24:40 ----A---- C:\Windows\system32\win32spl.dll
2017-04-12 05:24:40 ----A---- C:\Windows\system32\samsrv.dll
2017-04-12 05:24:39 ----A---- C:\Windows\system32\WinSetupUI.dll
2017-04-12 05:24:39 ----A---- C:\Windows\system32\quartz.dll
2017-04-12 05:24:39 ----A---- C:\Windows\system32\msfeeds.dll
2017-04-12 05:24:39 ----A---- C:\Windows\system32\cdosys.dll
2017-04-12 05:24:39 ----A---- C:\Windows\system32\atmfd.dll
2017-04-12 05:24:38 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2017-04-12 05:24:38 ----A---- C:\Windows\system32\gdi32.dll
2017-04-12 05:24:36 ----A---- C:\Windows\SYSWOW64\wups.dll
2017-04-12 05:24:36 ----A---- C:\Windows\SYSWOW64\quartz.dll
2017-04-12 05:24:36 ----A---- C:\Windows\SYSWOW64\ole32.dll
2017-04-12 05:24:36 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-04-12 05:24:36 ----A---- C:\Windows\system32\wups2.dll
2017-04-12 05:24:36 ----A---- C:\Windows\system32\wups.dll
2017-04-12 05:24:36 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2017-04-12 05:24:35 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-04-12 05:24:35 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-04-12 05:24:35 ----A---- C:\Windows\system32\jscript.dll
2017-04-12 05:24:35 ----A---- C:\Windows\system32\iedkcs32.dll
2017-04-12 05:24:35 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2017-04-12 05:24:35 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2017-04-12 05:24:34 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-04-12 05:24:34 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-04-12 05:24:33 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-04-12 05:24:33 ----A---- C:\Windows\system32\ntdll.dll
2017-04-12 05:24:32 ----A---- C:\Windows\system32\jscript9.dll
2017-04-12 05:24:32 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-04-12 05:24:32 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-04-12 05:24:32 ----A---- C:\Windows\system32\asycfilt.dll
2017-04-12 05:24:31 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-04-12 05:24:31 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-04-12 05:24:31 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2017-04-12 05:24:31 ----A---- C:\Windows\system32\webcheck.dll
2017-04-12 05:24:31 ----A---- C:\Windows\system32\samlib.dll
2017-04-12 05:24:31 ----A---- C:\Windows\system32\mfmjpegdec.dll
2017-04-12 05:24:30 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-04-12 05:24:30 ----A---- C:\Windows\SYSWOW64\samlib.dll
2017-04-12 05:24:30 ----A---- C:\Windows\SYSWOW64\mfmjpegdec.dll
2017-04-12 05:24:30 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-04-12 05:24:30 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2017-04-12 05:24:30 ----A---- C:\Windows\system32\rdpudd.dll
2017-04-12 05:24:30 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-04-12 05:24:30 ----A---- C:\Windows\system32\ie4uinit.exe
2017-04-12 05:24:30 ----A---- C:\Windows\system32\certcli.dll
2017-04-12 05:24:29 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-04-12 05:24:29 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-04-12 05:24:29 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-04-12 05:24:29 ----A---- C:\Windows\system32\vbscript.dll
2017-04-12 05:24:29 ----A---- C:\Windows\system32\srcore.dll
2017-04-12 05:24:29 ----A---- C:\Windows\system32\rpcrt4.dll
2017-04-12 05:24:29 ----A---- C:\Windows\system32\lsasrv.dll
2017-04-12 05:24:29 ----A---- C:\Windows\system32\ieui.dll
2017-04-12 05:24:29 ----A---- C:\Windows\system32\ieapfltr.dll
2017-04-12 05:24:28 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-04-12 05:24:28 ----A---- C:\Windows\system32\srclient.dll
2017-04-12 05:24:28 ----A---- C:\Windows\system32\smss.exe
2017-04-12 05:24:28 ----A---- C:\Windows\system32\msrating.dll
2017-04-12 05:24:28 ----A---- C:\Windows\system32\mshtmled.dll
2017-04-12 05:24:28 ----A---- C:\Windows\system32\kerberos.dll
2017-04-12 05:24:28 ----A---- C:\Windows\system32\dxtrans.dll
2017-04-12 05:24:28 ----A---- C:\Windows\system32\dxtmsft.dll
2017-04-12 05:24:28 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-04-12 05:24:28 ----A---- C:\Windows\system32\advapi32.dll
2017-04-12 05:24:27 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-04-12 05:24:27 ----A---- C:\Windows\system32\schannel.dll
2017-04-12 05:24:27 ----A---- C:\Windows\system32\rstrui.exe
2017-04-12 05:24:27 ----A---- C:\Windows\system32\occache.dll
2017-04-12 05:24:27 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-04-12 05:24:27 ----A---- C:\Windows\system32\kernel32.dll
2017-04-12 05:24:27 ----A---- C:\Windows\system32\jsproxy.dll
2017-04-12 05:24:27 ----A---- C:\Windows\system32\jscript9diag.dll
2017-04-12 05:24:27 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-04-12 05:24:27 ----A---- C:\Windows\system32\conhost.exe
2017-04-12 05:24:26 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-04-12 05:24:26 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-04-12 05:24:26 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-04-12 05:24:26 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-04-12 05:24:26 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-04-12 05:24:26 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-04-12 05:24:26 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-04-12 05:24:26 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-04-12 05:24:26 ----A---- C:\Windows\system32\wow64win.dll
2017-04-12 05:24:26 ----A---- C:\Windows\system32\winsrv.dll
2017-04-12 05:24:26 ----A---- C:\Windows\system32\wdigest.dll
2017-04-12 05:24:26 ----A---- C:\Windows\system32\TSpkg.dll
2017-04-12 05:24:26 ----A---- C:\Windows\system32\sspicli.dll
2017-04-12 05:24:26 ----A---- C:\Windows\system32\ncrypt.dll
2017-04-12 05:24:26 ----A---- C:\Windows\system32\msv1_0.dll
2017-04-12 05:24:26 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-04-12 05:24:26 ----A---- C:\Windows\system32\KernelBase.dll
2017-04-12 05:24:26 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-04-12 05:24:26 ----A---- C:\Windows\system32\inseng.dll
2017-04-12 05:24:26 ----A---- C:\Windows\system32\ieUnatt.exe
2017-04-12 05:24:26 ----A---- C:\Windows\system32\iesetup.dll
2017-04-12 05:24:26 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-04-12 05:24:25 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-04-12 05:24:25 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-04-12 05:24:25 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-04-12 05:24:25 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-04-12 05:24:25 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-04-12 05:24:25 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-04-12 05:24:25 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-04-12 05:24:25 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-04-12 05:24:25 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-04-12 05:24:25 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-04-12 05:24:25 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-04-12 05:24:25 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-04-12 05:24:25 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-04-12 05:24:25 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-04-12 05:24:25 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-04-12 05:24:25 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-04-12 05:24:25 ----A---- C:\Windows\system32\wow64cpu.dll
2017-04-12 05:24:25 ----A---- C:\Windows\system32\wow64.dll
2017-04-12 05:24:25 ----A---- C:\Windows\system32\sspisrv.dll
2017-04-12 05:24:25 ----A---- C:\Windows\system32\secur32.dll
2017-04-12 05:24:25 ----A---- C:\Windows\system32\rpchttp.dll
2017-04-12 05:24:25 ----A---- C:\Windows\system32\lsass.exe
2017-04-12 05:24:25 ----A---- C:\Windows\system32\lpk.dll
2017-04-12 05:24:25 ----A---- C:\Windows\system32\iernonce.dll
2017-04-12 05:24:25 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-04-12 05:24:25 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-04-12 05:24:25 ----A---- C:\Windows\system32\drivers\appid.sys
2017-04-12 05:24:25 ----A---- C:\Windows\system32\csrsrv.dll
2017-04-12 05:24:25 ----A---- C:\Windows\system32\cryptbase.dll
2017-04-12 05:24:25 ----A---- C:\Windows\system32\cdd.dll
2017-04-12 05:24:25 ----A---- C:\Windows\system32\bcrypt.dll
2017-04-12 05:24:24 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-04-12 05:24:24 ----A---- C:\Windows\SYSWOW64\lpk.dll
2017-04-12 05:24:24 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-04-12 05:24:24 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-04-12 05:24:24 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-04-12 05:24:24 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2017-04-12 05:24:24 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2017-04-12 05:24:24 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-04-12 05:24:24 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-04-12 05:24:24 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-04-12 05:24:24 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-04-12 05:24:24 ----A---- C:\Windows\system32\rdpcorets.dll
2017-04-12 05:24:24 ----A---- C:\Windows\system32\ntvdm64.dll
2017-04-12 05:24:24 ----A---- C:\Windows\system32\fontsub.dll
2017-04-12 05:24:24 ----A---- C:\Windows\system32\dciman32.dll
2017-04-12 05:24:24 ----A---- C:\Windows\system32\credssp.dll
2017-04-12 05:24:24 ----A---- C:\Windows\system32\auditpol.exe
2017-04-12 05:24:24 ----A---- C:\Windows\system32\atmlib.dll
2017-04-12 05:24:24 ----A---- C:\Windows\system32\appidsvc.dll
2017-04-12 05:24:24 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-04-12 05:24:24 ----A---- C:\Windows\system32\appidapi.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-04-12 05:24:23 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-04-12 05:24:23 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-04-12 05:24:23 ----A---- C:\Windows\SYSWOW64\user.exe
2017-04-12 05:24:23 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-04-12 05:24:23 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-04-12 05:24:23 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-04-12 05:24:23 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-04-12 05:24:23 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-04-12 05:24:23 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2017-04-12 05:24:23 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-04-12 05:24:23 ----A---- C:\Windows\system32\tzres.dll
2017-04-12 05:24:23 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-04-12 05:24:23 ----A---- C:\Windows\system32\apisetschema.dll
2017-04-12 05:24:22 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-04-12 05:24:22 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-04-12 05:24:22 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-04-12 05:24:22 ----A---- C:\Windows\system32\msobjs.dll
2017-04-12 05:24:22 ----A---- C:\Windows\system32\msaudite.dll
2017-04-12 05:24:22 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-04-12 05:24:22 ----A---- C:\Windows\system32\adtschema.dll
2017-04-12 05:24:21 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2017-04-05 20:36:03 ----D---- C:\Xiaomi
2017-04-05 20:35:37 ----A---- C:\Windows\system32\WinUSBCoInstaller2.dll
2017-04-05 20:35:23 ----D---- C:\Users\Alb\AppData\Roaming\Xiaomi
2017-03-20 00:48:06 ----A---- C:\Windows\SYSWOW64\msvcr110_clr0400.dll
2017-03-20 00:48:06 ----A---- C:\Windows\SYSWOW64\msvcr100_clr0400.dll
2017-03-20 00:48:06 ----A---- C:\Windows\SYSWOW64\msvcp110_clr0400.dll
2017-03-20 00:48:06 ----A---- C:\Windows\SYSWOW64\aspnet_counters.dll
2017-03-20 00:41:38 ----A---- C:\Windows\system32\msvcr110_clr0400.dll
2017-03-20 00:41:38 ----A---- C:\Windows\system32\msvcr100_clr0400.dll
2017-03-20 00:41:38 ----A---- C:\Windows\system32\msvcp110_clr0400.dll
2017-03-20 00:41:38 ----A---- C:\Windows\system32\aspnet_counters.dll
2017-03-19 20:18:28 ----D---- C:\Users\Alb\AppData\Roaming\TwinCAT PLC Control
2017-03-19 20:15:13 ----D---- C:\ProgramData\AP
2017-03-19 20:12:12 ----D---- C:\Users\Alb\AppData\Roaming\Beckhoff
2017-03-19 20:06:43 ----D---- C:\ProgramData\Beckhoff
2017-03-19 20:04:10 ----A---- C:\Windows\system32\drivers\TcRteIm.sys
2017-03-19 20:04:10 ----A---- C:\Windows\system32\drivers\TcI8255x.sys
2017-03-19 20:04:10 ----A---- C:\Windows\system32\drivers\TcI8254x.sys
2017-03-19 20:04:10 ----A---- C:\Windows\system32\drivers\TcEther.sys
2017-03-19 20:04:10 ----A---- C:\Windows\system32\drivers\CxDevice.sys
2017-03-19 20:02:12 ----D---- C:\ProgramData\TwinCAT PLC Control
2017-03-19 20:02:08 ----D---- C:\TwinCAT
2017-03-19 19:58:35 ----D---- C:\Windows\SYSWOW64\1033
2017-03-19 19:55:51 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 12.0
2017-03-19 19:55:48 ----D---- C:\Program Files (x86)\Microsoft Help Viewer
2017-03-19 19:55:14 ----D---- C:\Program Files (x86)\Windows Kits
2017-03-19 19:53:49 ----D---- C:\Windows\system32\1033
2017-03-19 19:53:45 ----D---- C:\Program Files\Microsoft Visual Studio 12.0
2017-03-19 19:53:45 ----D---- C:\Program Files (x86)\Microsoft SDKs
2017-03-15 20:57:13 ----D---- C:\Users\Alb\AppData\Roaming\OrangeApps
2017-03-15 20:55:28 ----D---- C:\Program Files (x86)\OrangeEdit
2017-03-15 20:55:25 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2017-03-15 20:55:24 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2017-03-15 07:14:44 ----A---- C:\Windows\system32\msxml3.dll
2017-03-15 07:14:44 ----A---- C:\Windows\system32\DWrite.dll
2017-03-15 07:14:43 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2017-03-15 07:14:42 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2017-03-15 07:14:42 ----A---- C:\Windows\system32\usp10.dll
2017-03-15 07:14:42 ----A---- C:\Windows\system32\FntCache.dll
2017-03-15 07:14:42 ----A---- C:\Windows\HelpPane.exe
2017-03-15 07:14:41 ----A---- C:\Windows\SYSWOW64\usp10.dll
2017-03-15 07:14:41 ----A---- C:\Windows\system32\inetcomm.dll
2017-03-15 07:14:41 ----A---- C:\Windows\system32\drivers\srv.sys
2017-03-15 07:14:40 ----A---- C:\Windows\SYSWOW64\mscms.dll
2017-03-15 07:14:40 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2017-03-15 07:14:40 ----A---- C:\Windows\SYSWOW64\icm32.dll
2017-03-15 07:14:40 ----A---- C:\Windows\system32\mscms.dll
2017-03-15 07:14:40 ----A---- C:\Windows\system32\icm32.dll
2017-03-15 07:14:39 ----A---- C:\Windows\SYSWOW64\WcsPlugInService.dll
2017-03-15 07:14:39 ----A---- C:\Windows\system32\WcsPlugInService.dll
2017-03-15 07:14:38 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2017-03-15 07:14:38 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2017-03-15 07:14:38 ----A---- C:\Windows\system32\msxml3r.dll
2017-03-15 07:14:38 ----A---- C:\Windows\system32\INETRES.dll
2017-03-15 07:14:38 ----A---- C:\Windows\system32\drivers\srvnet.sys
2017-03-15 07:14:38 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-02-22 05:06:10 ----A---- C:\Windows\wawx_dumpreg64.dll
2017-02-22 05:06:10 ----A---- C:\Users\Alb\AppData\Roaming\twow_sysprepdt.dat
2017-02-13 01:02:20 ----D---- C:\Program Files (x86)\TNod
2017-02-13 00:44:37 ----D---- C:\ProgramData\ESET
2017-02-13 00:41:21 ----D---- C:\Windows\system32\MRT
2017-02-13 00:41:08 ----AC---- C:\Windows\system32\MRT.exe
2017-02-12 22:41:48 ----D---- C:\ProgramData\VS Revo Group
2017-02-12 22:41:47 ----A---- C:\Windows\system32\drivers\revoflt.sys
2017-02-12 22:41:44 ----D---- C:\Program Files\VS Revo Group
2017-02-12 15:08:58 ----D---- C:\ProgramData\ForceOfNature
2017-02-12 12:51:57 ----D---- C:\Program Files (x86)\TeamViewer
2017-02-09 21:10:10 ----D---- C:\Fraps

====== List of files/folders modified in the last 3 months ======

2017-05-02 19:34:32 ----D---- C:\Windows\Temp
2017-05-02 19:34:29 ----RD---- C:\Program Files
2017-05-02 18:23:56 ----D---- C:\Windows\System32
2017-05-02 18:23:55 ----D---- C:\Windows\inf
2017-05-02 18:23:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-05-02 18:21:13 ----D---- C:\Users\Alb\AppData\Roaming\uTorrent
2017-05-02 18:05:22 ----D---- C:\Windows\system32\config
2017-05-02 17:54:32 ----SHD---- C:\System Volume Information
2017-05-02 17:34:30 ----A---- C:\Windows\SYSWOW64\log.txt
2017-05-02 17:33:07 ----SHD---- C:\Windows\Installer
2017-04-29 11:10:08 ----D---- C:\Hry
2017-04-28 13:31:55 ----RSD---- C:\Windows\Fonts
2017-04-28 13:24:26 ----D---- C:\Windows\SYSWOW64\drivers
2017-04-28 06:52:58 ----RD---- C:\Program Files (x86)
2017-04-25 10:36:15 ----D---- C:\Windows\rescache
2017-04-24 19:06:19 ----HD---- C:\ProgramData
2017-04-24 16:34:34 ----D---- C:\Windows\system32\Tasks
2017-04-23 21:16:42 ----D---- C:\Users\Alb\AppData\Roaming\DAEMON Tools Lite
2017-04-20 17:23:00 ----D---- C:\Program Files\Mozilla Firefox
2017-04-20 17:23:00 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-04-18 06:04:41 ----D---- C:\Windows\Microsoft.NET
2017-04-15 09:32:41 ----RSD---- C:\Windows\assembly
2017-04-13 06:55:06 ----D---- C:\Windows\winsxs
2017-04-13 06:54:09 ----D---- C:\Program Files\Internet Explorer
2017-04-13 06:54:08 ----D---- C:\Windows\SYSWOW64\sk-SK
2017-04-13 06:54:08 ----D---- C:\Windows\SYSWOW64\en-US
2017-04-13 06:54:08 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-04-13 06:54:08 ----D---- C:\Windows\SysWOW64
2017-04-13 06:54:08 ----D---- C:\Windows\system32\sk-SK
2017-04-13 06:54:08 ----D---- C:\Windows\system32\en-US
2017-04-13 06:54:08 ----D---- C:\Windows\system32\drivers
2017-04-13 06:54:08 ----D---- C:\Windows\system32\cs-CZ
2017-04-13 06:54:07 ----D---- C:\Windows\system32\Boot
2017-04-13 06:54:07 ----D---- C:\Windows\AppPatch
2017-04-13 06:54:07 ----D---- C:\Program Files (x86)\Internet Explorer
2017-04-13 00:19:17 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2017-04-12 22:49:48 ----D---- C:\Moje
2017-04-12 05:21:39 ----D---- C:\Windows\system32\catroot2
2017-04-09 19:26:28 ----D---- C:\Users\Alb\AppData\Roaming\TeamViewer
2017-04-09 15:36:44 ----SD---- C:\Users\Alb\AppData\Roaming\Microsoft
2017-04-05 20:35:52 ----D---- C:\Windows\system32\DriverStore
2017-03-20 20:56:34 ----D---- C:\Users\Alb\AppData\Roaming\vlc
2017-03-19 19:59:47 ----D---- C:\Windows
2017-03-19 19:59:40 ----SD---- C:\ProgramData\Microsoft
2017-03-19 19:59:24 ----D---- C:\Program Files (x86)\Common Files
2017-03-19 19:59:15 ----D---- C:\ProgramData\Package Cache
2017-03-19 19:55:34 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2017-03-19 19:54:33 ----D---- C:\Program Files (x86)\MSBuild
2017-03-19 19:53:50 ----D---- C:\Program Files (x86)\Microsoft.NET
2017-03-19 19:53:46 ----D---- C:\Program Files\Common Files\Microsoft Shared
2017-03-19 11:56:30 ----D---- C:\==ODLOZ==
2017-03-15 18:52:29 ----D---- C:\Windows\SYSWOW64\migration
2017-03-15 18:52:29 ----D---- C:\Windows\system32\migration
2017-03-15 18:52:29 ----D---- C:\Program Files\DVD Maker
2017-03-09 21:17:50 ----D---- C:\Mobil
2017-02-24 00:01:46 ----D---- C:\==SDILENO==
2017-02-22 04:31:36 ----D---- C:\Program Files (x86)\Battle.net
2017-02-13 00:41:20 ----D---- C:\Windows\debug
2017-02-12 23:16:16 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-02-12 23:16:03 ----D---- C:\Windows\system32\Macromed
2017-02-12 23:15:53 ----D---- C:\Windows\SYSWOW64\Macromed
2017-02-12 23:04:55 ----D---- C:\zaloha
2017-02-12 23:01:31 ----D---- C:\Windows\Logs
2017-02-12 22:58:01 ----D---- C:\Skola
2017-02-12 22:41:39 ----D---- C:\Users\Alb\AppData\Roaming\Spotify
2017-02-09 20:41:58 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2017-01-17 106768]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-09-13 437272]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2015-09-16 213848]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2015-09-16 516096]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2017-01-17 132272]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2017-01-17 180544]
R1 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2017-01-17 77616]
R1 EpfwLWF;ESET Personal Firewall; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2017-01-17 60536]
R1 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2017-01-17 96856]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2015-09-16 60416]
R2 CxDevice;Beckhoff Automation CxDevice Driver; C:\Windows\System32\Drivers\CxDevice.sys [2017-01-27 67952]
R2 ekbdflt;ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [2017-01-17 49672]
R2 TcCnc;TwinCAT CNC Server; \??\C:\TwinCAT\3.1\Driver\TcCnc.sys [2017-01-27 10709872]
R2 TcIo;TwinCAT IO Server; \??\C:\TwinCAT\3.1\Driver\TcIo.sys [2017-01-27 1005928]
R2 TcIoBACnetR9;TwinCAT IoBACnet R9; \??\C:\TwinCAT\3.1\Driver\TcIoBACnetR9.sys [2017-01-27 2052976]
R2 TcIoCCat;TwinCAT IoCCat; \??\C:\TwinCAT\3.1\Driver\TcIoCCat.sys [2017-01-27 827760]
R2 TcIoDrivers;TwinCAT IO Drivers; \??\C:\TwinCAT\3.1\Driver\TcIoDrivers.sys [2017-01-27 821608]
R2 TcIoECat;TwinCAT IoECat; \??\C:\TwinCAT\3.1\Driver\TcIoECat.sys [2017-01-27 1428848]
R2 TcIoECatSimu;TwinCAT IoECatSimu; \??\C:\TwinCAT\3.1\Driver\TcIoECatSimu.sys [2017-01-27 458600]
R2 TcIoESlv;TwinCAT IoESlv; \??\C:\TwinCAT\3.1\Driver\TcIoESlv.sys [2017-01-27 470376]
R2 TcIoEth;TwinCAT IoEth; \??\C:\TwinCAT\3.1\Driver\TcIoEth.sys [2017-01-27 1688432]
R2 TcIoEthIp;TwinCAT IO Ethernet IP; \??\C:\TwinCAT\3.1\Driver\TcIoEthIp.sys [2017-01-27 663912]
R2 TcIoPNet;TwinCAT IoPNet; \??\C:\TwinCAT\3.1\Driver\TcIoPNet.sys [2017-01-27 998760]
R2 TcNc;TwinCAT NC Server; \??\C:\TwinCAT\3.1\Driver\TcNc.sys [2017-01-27 3374440]
R2 TcNcObjects;TwinCAT NC Objects Server; \??\C:\TwinCAT\3.1\Driver\TcNcObjects.sys [2017-01-27 563048]
R2 TcPlc30;TwinCAT PLC 30 Server; \??\C:\TwinCAT\3.1\Driver\TcPlc30.sys [2017-01-27 2010984]
R2 TcRouter;TwinCAT Router Server; \??\C:\TwinCAT\3.1\Driver\TcRouter.sys [2017-01-27 1025896]
R2 TcRTime;TwinCAT Realtime Server; \??\C:\TwinCAT\3.1\Driver\TcRTime.sys [2017-01-27 638312]
R2 TcRtsObjects;TwinCAT RTS Object; \??\C:\TwinCAT\3.1\Driver\TcRtsObjects.sys [2017-01-27 1056624]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-03-11 2712064]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-09-28 30352]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2015-06-05 5375448]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-19 4065296]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-06-05 342528]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2015-09-28 169584]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-10-08 1395248]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2015-09-16 18432]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2011-01-14 74840]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-09-16 19456]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2016-12-16 40984]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2015-09-16 29696]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2015-09-16 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2015-09-16 30208]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 AdAppMgrSvc;Autodesk Application Manager Service; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [2016-02-24 1145928]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [2015-02-05 31160]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\cscsvc.dll
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-03-14 352336]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2016-12-14 2836296]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-05-10 872552]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 mitsijm2016;Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2016; C:\Program Files\Autodesk\Inventor 2016\Moldflow\bin\mitsijm.exe [2014-09-30 968480]
R2 Printer Control;Printer Control; C:\Windows\system32\PrintCtrl.exe [2012-10-21 121856]
R2 ProtexisLicensing;ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [2007-06-05 177704]
R2 ScsiAccess;ScsiAccess; C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe [2016-11-29 186760]
R2 TcEventLogger;TcEventLogger; C:\TwinCAT\3.1\Components\TcEventLogger\TcEventLogger.exe [2017-01-27 258120]
R2 TcNcI;TwinCAT Nc Interpreter; C:\TwinCAT\3.1\Components\Mc\Nci\TcNcI.exe [2017-01-27 628296]
R2 TcSysSrv;TwinCAT3 System Service; C:\TwinCAT\3.1\System\TCATSysSrv.exe [2017-01-27 710216]
R2 TeamViewer;TeamViewer 12; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2017-03-17 10883824]
R2 TF3300 Scope Server;TwinCAT3 Scope Server; C:\TwinCAT\Functions\TF3300-Scope-Server\TC3ScopeServer.exe [2016-10-06 2076160]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-02-27 1272592]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-03-20 105096]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-03-20 125064]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-28 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll" = %SystemRoot%\System32\appmgmts.dll
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-06-05 280680]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2015-10-19 1369856]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-28 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-03-25 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-12-09 198088]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-07-31 242864]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2015-07-30 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll" = %SystemRoot%\system32\peerdistsvc.dll
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-12-09 1467168]
S3 TcAdsWcfHost;TcAdsWcfHost; C:\TwinCAT\AdsApi\TcAdsWcf\v4.0.30319\TcAdsWcfHost.exe [2013-09-20 7680]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\umrdp.dll
S3 VsEtwService120;Visual Studio ETW Event Collection Service; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [2013-10-05 87728]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-09-30 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-03-20 51320]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-20 135800]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-20 135800]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-20 135800]

-----------------EOF-----------------

Albeda · #2 Příspěvek od **Albeda** » 02 kvě 2017 18:47

===FRST===

Kód: Vybrat vše

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-05-2017
Ran by Alb (administrator) on B07-1118B (02-05-2017 19:40:02)
Running from C:\Users\Alb\Desktop
Loaded Profiles: Alb (Available Profiles: Alb)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: ÄŚeĹˇtina (ÄŚeskĂˇ republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Beckhoff Automation GmbH) C:\TwinCAT\3.1\Components\Mc\Nci\TcNcI.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2016\Moldflow\bin\mitsijm.exe
(ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
() C:\Windows\SysWOW64\PSIService.exe
() C:\Program Files (x86)\Photodex\ProShowGold\scsiaccess.exe
(Beckhoff Automation GmbH) C:\TwinCAT\3.1\Components\TcEventLogger\TcEventLogger.exe
(Beckhoff Automation GmbH & Co. KG) C:\TwinCAT\3.1\System\TCATSysSrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(BECKHOFF Automation GmbH & Co. KG) C:\TwinCAT\Functions\TF3300-Scope-Server\TC3ScopeServer.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(Akamai Technologies, Inc.) C:\Users\Alb\AppData\Local\Akamai\netsession_win.exe
() C:\Users\Alb\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe
(Akamai Technologies, Inc.) C:\Users\Alb\AppData\Local\Akamai\netsession_win.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Beckhoff Automation GmbH) C:\TwinCAT\3.1\System\TcSysUI.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Lenovo) C:\Users\Alb\AppData\Local\Apps\2.0\YVP30Y8N.XRA\EB00ADTT.O4Q\lsb...tion_2d7b41b05b24775e_0001.0006_3b0a905c8de4f74a\LSB.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Alb\Downloads\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [368728 2011-01-26] (Alcor Micro Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2392360 2010-10-08] (Synaptics Incorporated)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831528 2011-05-10] (Acer Incorporated)
HKLM\...\Run: [PrintDisp] => C:\Windows\system32\PrintDisp.exe [870400 2012-10-29] (ActMask Co.,Ltd - hxxp://www.all2pdf.com)
HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [4017368 2012-10-29] (Stardock Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1081424 2011-03-14] (Dritek System Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-874808185-2089641147-2639697378-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Alb\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-874808185-2089641147-2639697378-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-874808185-2089641147-2639697378-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-874808185-2089641147-2639697378-1000\...\MountPoints2: E - E:\MafiaLauncher.EXE
HKU\S-1-5-21-874808185-2089641147-2639697378-1000\...\MountPoints2: F - F:\autorun.exe
HKU\S-1-5-21-874808185-2089641147-2639697378-1000\...\MountPoints2: {5752e7ee-d493-11e5-a60e-047d7b4ecfd1} - H:\setup.exe
HKU\S-1-5-21-874808185-2089641147-2639697378-1000\...\MountPoints2: {5752e80f-d493-11e5-a60e-047d7b4ecfd1} - H:\SETUP.EXE
HKU\S-1-5-21-874808185-2089641147-2639697378-1000\...\MountPoints2: {81225c87-8026-11e6-9910-047d7b4ecfd1} - F:\Lenovo_Suite.exe
HKU\S-1-5-21-874808185-2089641147-2639697378-1000\...\MountPoints2: {87543787-6623-11e5-8b5a-047d7b4ecfd1} - E:\AUTORUN.EXE
HKU\S-1-5-21-874808185-2089641147-2639697378-1000\...\MountPoints2: {c7d0371f-a0e3-11e5-871c-047d7b4ecfd1} - F:\SETUP.EXE
HKU\S-1-5-18\...\Run: [Autodesk Sync] => [X]
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
Startup: C:\Users\Alb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fences.lnk [2016-11-13]
ShortcutTarget: Fences.lnk -> C:\Program Files (x86)\Stardock\Fences\Fences.exe (Stardock Corporation)
GroupPolicy: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-874808185-2089641147-2639697378-1000] => v6.pbyte.in:22510
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{486ABBD8-06C1-45CE-8398-4D02076D62F6}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: finbzz72.default
FF ProfilePath: C:\Users\Alb\AppData\Roaming\Mozilla\Firefox\Profiles\finbzz72.default [2017-04-20]
FF NetworkProxy: Mozilla\Firefox\Profiles\finbzz72.default -> socks", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\finbzz72.default -> socks_port", 9870
FF NetworkProxy: Mozilla\Firefox\Profiles\finbzz72.default -> type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-05-06] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-05-06] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll [2016-11-29] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-07-31] (Microsoft Corporation)

Chrome: 
=======
CHR Profile: C:\Users\Alb\AppData\Local\Google\Chrome\User Data\Default [2017-05-02]
CHR Extension: (Tampermonkey) - C:\Users\Alb\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-12-05]
CHR Extension: (Proxy SwitchySharp) - C:\Users\Alb\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm [2017-01-10]
CHR Extension: (AdBlock) - C:\Users\Alb\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-16]
CHR Extension: (Platby InternetovĂ©ho obchodu Chrome) - C:\Users\Alb\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Chrome Media Router) - C:\Users\Alb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-05]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.)
R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2836296 2016-12-14] (ESET)
R2 mitsijm2016; C:\Program Files\Autodesk\Inventor 2016\Moldflow\bin\mitsijm.exe [968480 2014-09-30] (Autodesk, Inc.)
S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2007-01-15] (Nero AG) [File not signed]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-03-12] (Nero AG)
R2 Printer Control; C:\Windows\system32\PrintCtrl.exe [121856 2012-10-21] (ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) [File not signed]
U2 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [177704 2007-06-05] ()
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe [186760 2016-11-29] ()
S3 TcAdsWcfHost; C:\TwinCAT\AdsApi\TcAdsWcf\v4.0.30319\TcAdsWcfHost.exe [7680 2013-09-20] (Beckhoff Automation GmbH) [File not signed]
R2 TcEventLogger; C:\TwinCAT\3.1\Components\TcEventLogger\TcEventLogger.exe [258120 2017-01-27] (Beckhoff Automation GmbH)
R2 TcNcI; C:\TwinCAT\3.1\Components\Mc\Nci\TcNcI.exe [628296 2017-01-27] (Beckhoff Automation GmbH)
R2 TcSysSrv; C:\TwinCAT\3.1\System\TCATSysSrv.exe [710216 2017-01-27] (Beckhoff Automation GmbH & Co. KG)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10883824 2017-03-17] (TeamViewer GmbH)
R2 TF3300 Scope Server; C:\TwinCAT\Functions\TF3300-Scope-Server\TC3ScopeServer.exe [2076160 2016-10-06] (BECKHOFF Automation GmbH & Co. KG) [File not signed]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-05] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-09-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 CxDevice; C:\Windows\System32\Drivers\CxDevice.sys [67952 2017-01-27] (Beckhoff Automation GmbH)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-09-28] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [132272 2017-01-17] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [106768 2017-01-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [180544 2017-01-17] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [49672 2017-01-17] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [77616 2017-01-17] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [60536 2017-01-17] (ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [96856 2017-01-17] (ESET)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11376 2017-04-28] () [File not signed]
R2 TcCnc; C:\TwinCAT\3.1\Driver\TcCnc.sys [10709872 2017-01-27] (Beckhoff Automation GmbH)
R2 TcIo; C:\TwinCAT\3.1\Driver\TcIo.sys [1005928 2017-01-27] (Beckhoff Automation GmbH)
R2 TcIoBACnetR9; C:\TwinCAT\3.1\Driver\TcIoBACnetR9.sys [2052976 2017-01-27] (Beckhoff Automation GmbH)
R2 TcIoCCat; C:\TwinCAT\3.1\Driver\TcIoCCat.sys [827760 2017-01-27] (Beckhoff Automation GmbH)
R2 TcIoDrivers; C:\TwinCAT\3.1\Driver\TcIoDrivers.sys [821608 2017-01-27] (Beckhoff Automation GmbH)
R2 TcIoECat; C:\TwinCAT\3.1\Driver\TcIoECat.sys [1428848 2017-01-27] (Beckhoff Automation GmbH)
R2 TcIoECatSimu; C:\TwinCAT\3.1\Driver\TcIoECatSimu.sys [458600 2017-01-27] (Beckhoff Automation GmbH)
R2 TcIoESlv; C:\TwinCAT\3.1\Driver\TcIoESlv.sys [470376 2017-01-27] (Beckhoff Automation GmbH)
R2 TcIoEth; C:\TwinCAT\3.1\Driver\TcIoEth.sys [1688432 2017-01-27] (Beckhoff Automation GmbH)
R2 TcIoEthIp; C:\TwinCAT\3.1\Driver\TcIoEthIp.sys [663912 2017-01-27] (Beckhoff Automation GmbH)
R2 TcIoPNet; C:\TwinCAT\3.1\Driver\TcIoPNet.sys [998760 2017-01-27] (Beckhoff Automation GmbH)
R2 TcNc; C:\TwinCAT\3.1\Driver\TcNc.sys [3374440 2017-01-27] (Beckhoff Automation GmbH)
R2 TcNcObjects; C:\TwinCAT\3.1\Driver\TcNcObjects.sys [563048 2017-01-27] (Beckhoff Automation GmbH)
R2 TcPlc30; C:\TwinCAT\3.1\Driver\TcPlc30.sys [2010984 2017-01-27] (Beckhoff Automation GmbH)
R2 TcRouter; C:\TwinCAT\3.1\Driver\TcRouter.sys [1025896 2017-01-27] (Beckhoff Automation GmbH)
R2 TcRTime; C:\TwinCAT\3.1\Driver\TcRTime.sys [638312 2017-01-27] (Beckhoff Automation GmbH)
R2 TcRtsObjects; C:\TwinCAT\3.1\Driver\TcRtsObjects.sys [1056624 2017-01-27] (Beckhoff Automation GmbH)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-02 19:40 - 2017-05-02 19:40 - 00019067 _____ C:\Users\Alb\Desktop\FRST.txt
2017-05-02 19:39 - 2017-05-02 19:36 - 02428416 _____ (Farbar) C:\Users\Alb\Desktop\FRST64.exe
2017-05-02 19:37 - 2017-05-02 19:37 - 00112640 _____ (forum.viry.cz) C:\Users\Alb\Downloads\FRSTLauncher.exe
2017-05-02 19:37 - 2017-05-02 19:37 - 00000000 ____D C:\FRST
2017-05-02 19:36 - 2017-05-02 19:36 - 02428416 _____ (Farbar) C:\Users\Alb\Downloads\FRST64.exe
2017-05-02 19:34 - 2017-05-02 19:34 - 00000000 ____D C:\rsit
2017-05-02 19:34 - 2017-05-02 19:34 - 00000000 ____D C:\Program Files\trend micro
2017-05-02 19:33 - 2017-05-02 19:33 - 01329152 _____ C:\Users\Alb\Downloads\RSITx64.exe
2017-05-02 18:45 - 2017-05-02 18:45 - 04635239 _____ C:\Users\Alb\Downloads\l850 c850 userguide.pdf
2017-04-29 11:11 - 2017-04-29 11:11 - 00000000 ____D C:\Users\Alb\AppData\LocalLow\Squad
2017-04-28 13:27 - 2017-04-28 13:27 - 00000000 ____D C:\Users\Alb\AppData\Local\Freelancer
2017-04-28 13:26 - 2017-04-28 13:26 - 01659242 _____ C:\Users\Alb\Downloads\freelancer-nocd-1_0-ENG.zip
2017-04-28 13:24 - 2017-04-28 13:24 - 00011376 _____ C:\Windows\SysWOW64\Drivers\SECDRV.SYS
2017-04-28 13:13 - 2017-04-28 13:13 - 00010833 _____ C:\Users\Alb\Downloads\[CzT]Kerbal_Space_Program_v1_2_2016_.torrent
2017-04-28 13:05 - 2017-04-28 13:05 - 00663012 _____ C:\Users\Alb\Downloads\[CzT]Freelancer_2003_.torrent
2017-04-28 13:03 - 2017-04-28 13:03 - 00014859 _____ C:\Users\Alb\Downloads\[CzT]FTL_Faster_Than_Light_Advanced_Edition_v1_5_4_2014_.torrent
2017-04-27 21:50 - 2017-04-27 21:50 - 00018981 _____ C:\Users\Alb\Downloads\[CzT]Doctor_Strange_2016_CZ_.torrent
2017-04-25 19:05 - 2017-04-25 19:06 - 141624982 _____ C:\Users\Alb\Downloads\GPZ.zip
2017-04-24 20:55 - 2017-04-24 20:55 - 00395593 _____ C:\Users\Alb\Downloads\[CzT]Hvezdna_brana_Stargate_SG_1_serie_1_10_CZ_.torrent
2017-04-24 19:06 - 2017-04-24 19:06 - 00000000 ____D C:\ProgramData\2DBoy
2017-04-24 19:04 - 2017-04-24 19:04 - 00001574 _____ C:\Users\Public\Desktop\World of Goo.lnk
2017-04-24 19:04 - 2017-04-24 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WorldOfGoo
2017-04-24 18:59 - 2017-04-24 18:59 - 00011662 _____ C:\Users\Alb\Downloads\[CzT]The_World_of_Goo_plna_verze_nekonecne_navykova_.torrent
2017-04-24 17:53 - 2017-04-24 17:53 - 00039975 _____ C:\Users\Alb\Downloads\[CzT]Pillars_of_Eternity_Royal_Edition_v2_13_0_18_3_DLC_2015_2016_.torrent
2017-04-24 16:34 - 2017-05-02 17:34 - 00000000 ____D C:\Users\Alb\AppData\Local\Deployment
2017-04-24 16:34 - 2017-04-24 16:34 - 00611400 _____ () C:\Users\Alb\Downloads\LSBsetup.exe
2017-04-24 16:34 - 2017-04-24 16:34 - 00000000 ____D C:\Windows\System32\Tasks\Lenovo
2017-04-24 16:34 - 2017-04-24 16:34 - 00000000 ____D C:\Users\Alb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2017-04-24 16:34 - 2017-04-24 16:34 - 00000000 ____D C:\Users\Alb\AppData\Local\Apps\2.0
2017-04-24 08:12 - 2017-04-24 08:12 - 00082683 _____ C:\Users\Alb\Downloads\objednavka-4118048982.pdf
2017-04-23 22:05 - 2017-04-23 22:05 - 11064030 _____ C:\Users\Alb\Desktop\Windows 7 Loader eXtreme Edition v3.503 (Napalum).zip
2017-04-23 21:13 - 2017-04-23 21:13 - 00020842 _____ C:\Users\Alb\Downloads\[CzT]Balik_aktivatoru_Windows_7_8_10_v13_2017_.torrent
2017-04-20 17:33 - 2017-04-20 17:33 - 06828760 _____ C:\Users\Alb\Downloads\lunarlander.zip
2017-04-20 17:22 - 2017-04-20 17:22 - 00553728 _____ C:\Users\Alb\Downloads\lunar-lander_en(1).jar
2017-04-20 17:21 - 2017-04-20 17:21 - 00553728 _____ C:\Users\Alb\Downloads\lunar-lander_en.jar
2017-04-20 17:10 - 2017-04-20 17:10 - 00099607 _____ C:\Users\Alb\Downloads\moonlander_001 (2).swf
2017-04-20 17:09 - 2017-04-20 17:09 - 00099607 _____ C:\Users\Alb\Downloads\moonlander_001.swf
2017-04-20 16:15 - 2017-04-20 16:15 - 00061260 _____ C:\Users\Alb\Downloads\export_20170420_1615.pdf
2017-04-19 21:22 - 2017-04-19 21:22 - 00024271 _____ C:\Users\Alb\Downloads\The.Big.Bang.Theory.S10E21.HDTV.x264-KILLERS.srt
2017-04-19 06:00 - 2017-04-19 06:00 - 00016815 _____ C:\Users\Alb\Downloads\[CzT]Simpsonovi_The_Simpsons_S28E05_Duveruj_ale_proveruj_CZ_TvRip_ (1).torrent
2017-04-17 18:02 - 2017-04-17 18:02 - 00040835 _____ C:\Users\Alb\Downloads\[CzT]Taboo_1_serie_TvRip_720p_.torrent
2017-04-16 16:38 - 2017-04-16 16:38 - 00000000 _____ C:\Users\Alb\Desktop\NovĂ˝ textovĂ˝ dokument.txt
2017-04-13 00:05 - 2017-04-13 00:05 - 01919990 _____ (Adolix Software ) C:\Users\Alb\Downloads\AdolixSplitMergePDFSetup.exe.exe
2017-04-13 00:05 - 2017-04-13 00:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adolix
2017-04-13 00:05 - 2017-04-13 00:05 - 00000000 ____D C:\Program Files (x86)\Adolix
2017-04-13 00:05 - 2007-03-01 13:38 - 01417216 _____ (SEDTech (Pty) Ltd.) C:\Windows\SysWOW64\iSED.dll
2017-04-13 00:05 - 2003-05-28 15:33 - 01063171 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX
2017-04-13 00:05 - 1998-06-24 10:00 - 00244024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFLXGRD.OCX
2017-04-13 00:05 - 1998-06-18 10:00 - 00102912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Vb6stkit.dll
2017-04-12 23:57 - 2017-04-12 23:57 - 00026665 _____ C:\Users\Alb\Downloads\[CzT]The_Sims_4_Deluxe_Edition_12_2015_CZ_.torrent
2017-04-12 23:49 - 2017-04-12 23:49 - 00790166 _____ C:\Users\Alb\Downloads\Usneseni_1-1.jpg.zip
2017-04-12 23:43 - 2017-04-12 23:43 - 00243379 _____ C:\Users\Alb\Downloads\17-050-d-2 (1).pdf
2017-04-12 23:41 - 2017-04-12 23:41 - 00117728 _____ C:\Users\Alb\Downloads\17-050-d_pĹ™edvolĂˇnĂ.pdf
2017-04-12 23:14 - 2017-04-12 23:14 - 00061420 _____ C:\Users\Alb\Downloads\export_20170412_2314.pdf
2017-04-12 23:14 - 2017-04-12 23:14 - 00053760 _____ C:\Users\Alb\Downloads\1070744260227_20170104_20170411.pdf
2017-04-12 22:59 - 2017-04-12 22:59 - 00437155 _____ C:\Users\Alb\Downloads\TH_20160401-20170412.pdf
2017-04-12 05:24 - 2017-03-27 20:13 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-04-12 05:24 - 2017-03-27 19:28 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-04-12 05:24 - 2017-03-25 21:39 - 20284416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-04-12 05:24 - 2017-03-25 21:07 - 04604416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-04-12 05:24 - 2017-03-25 21:06 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-04-12 05:24 - 2017-03-25 20:55 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-04-12 05:24 - 2017-03-25 20:52 - 02289152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-04-12 05:24 - 2017-03-25 20:51 - 01313280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-04-12 05:24 - 2017-03-25 20:48 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-04-12 05:24 - 2017-03-25 20:47 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-04-12 05:24 - 2017-03-25 20:47 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-04-12 05:24 - 2017-03-25 20:47 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-04-12 05:24 - 2017-03-25 20:46 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-04-12 05:24 - 2017-03-25 20:46 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-04-12 05:24 - 2017-03-25 20:46 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-04-12 05:24 - 2017-03-25 20:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-04-12 05:24 - 2017-03-25 20:46 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-04-12 05:24 - 2017-03-25 20:46 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-04-12 05:24 - 2017-03-25 20:46 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-04-12 05:24 - 2017-03-25 20:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-04-12 05:24 - 2017-03-25 20:45 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-04-12 05:24 - 2017-03-25 20:45 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-04-12 05:24 - 2017-03-25 20:45 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-04-12 05:24 - 2017-03-25 20:45 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-04-12 05:24 - 2017-03-25 20:45 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-04-12 05:24 - 2017-03-25 20:45 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-04-12 05:24 - 2017-03-25 20:45 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-04-12 05:24 - 2017-03-25 20:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-04-12 05:24 - 2017-03-25 20:44 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-04-12 05:24 - 2017-03-25 20:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-04-12 05:24 - 2017-03-25 20:35 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-04-12 05:24 - 2017-03-25 20:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-04-12 05:24 - 2017-03-25 20:14 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-04-12 05:24 - 2017-03-25 20:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-04-12 05:24 - 2017-03-25 20:13 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-04-12 05:24 - 2017-03-25 20:13 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-04-12 05:24 - 2017-03-25 20:10 - 02898432 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-04-12 05:24 - 2017-03-25 20:04 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-04-12 05:24 - 2017-03-25 20:02 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-04-12 05:24 - 2017-03-25 19:57 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-04-12 05:24 - 2017-03-25 19:56 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-04-12 05:24 - 2017-03-25 19:56 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-04-12 05:24 - 2017-03-25 19:56 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-04-12 05:24 - 2017-03-25 19:56 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-04-12 05:24 - 2017-03-25 19:52 - 25746944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-04-12 05:24 - 2017-03-25 19:45 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-04-12 05:24 - 2017-03-25 19:41 - 06045696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-04-12 05:24 - 2017-03-25 19:41 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-04-12 05:24 - 2017-03-25 19:30 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-04-12 05:24 - 2017-03-25 19:29 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-04-12 05:24 - 2017-03-25 19:24 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-04-12 05:24 - 2017-03-25 19:23 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-04-12 05:24 - 2017-03-25 19:20 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-04-12 05:24 - 2017-03-25 19:19 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-04-12 05:24 - 2017-03-25 19:17 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-04-12 05:24 - 2017-03-25 19:06 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-04-12 05:24 - 2017-03-25 19:04 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-04-12 05:24 - 2017-03-25 19:00 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-04-12 05:24 - 2017-03-25 18:59 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-04-12 05:24 - 2017-03-25 18:57 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-04-12 05:24 - 2017-03-25 18:57 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-04-12 05:24 - 2017-03-25 18:28 - 15259136 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-04-12 05:24 - 2017-03-25 18:27 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-04-12 05:24 - 2017-03-25 18:24 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-04-12 05:24 - 2017-03-25 18:10 - 01546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-04-12 05:24 - 2017-03-25 18:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-04-12 05:24 - 2017-03-25 00:50 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-04-12 05:24 - 2017-03-25 00:42 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-04-12 05:24 - 2017-03-22 17:32 - 03165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-04-12 05:24 - 2017-03-22 17:32 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-04-12 05:24 - 2017-03-22 17:32 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-04-12 05:24 - 2017-03-22 17:30 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-04-12 05:24 - 2017-03-22 17:24 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-04-12 05:24 - 2017-03-22 17:17 - 02651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-04-12 05:24 - 2017-03-22 17:15 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-04-12 05:24 - 2017-03-22 17:15 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-04-12 05:24 - 2017-03-22 17:15 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-04-12 05:24 - 2017-03-22 17:15 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-04-12 05:24 - 2017-03-22 17:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-04-12 05:24 - 2017-03-22 17:15 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2017-04-12 05:24 - 2017-03-22 17:05 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-04-12 05:24 - 2017-03-22 17:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-04-12 05:24 - 2017-03-22 17:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-04-12 05:24 - 2017-03-22 17:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2017-04-12 05:24 - 2017-03-14 17:34 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-04-12 05:24 - 2017-03-14 17:34 - 00265448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-04-12 05:24 - 2017-03-14 17:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2017-04-12 05:24 - 2017-03-10 18:35 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-04-12 05:24 - 2017-03-10 18:31 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-04-12 05:24 - 2017-03-10 18:31 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-04-12 05:24 - 2017-03-10 18:31 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-04-12 05:24 - 2017-03-10 18:31 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-04-12 05:24 - 2017-03-10 18:27 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-04-12 05:24 - 2017-03-10 18:20 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-04-12 05:24 - 2017-03-10 18:19 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-04-12 05:24 - 2017-03-10 18:19 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-04-12 05:24 - 2017-03-10 18:00 - 03219968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-04-12 05:24 - 2017-03-10 17:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-04-12 05:24 - 2017-03-08 22:20 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2017-04-12 05:24 - 2017-03-08 22:10 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2017-04-12 05:24 - 2017-03-08 06:37 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-04-12 05:24 - 2017-03-08 06:36 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-04-12 05:24 - 2017-03-08 06:36 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-04-12 05:24 - 2017-03-08 06:36 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-04-12 05:24 - 2017-03-08 06:36 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-04-12 05:24 - 2017-03-08 06:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 02064384 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:26 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-04-12 05:24 - 2017-03-08 06:26 - 03945192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-04-12 05:24 - 2017-03-08 06:24 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-04-12 05:24 - 2017-03-08 06:22 - 01416192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-04-12 05:24 - 2017-03-08 06:22 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-04-12 05:24 - 2017-03-08 06:22 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-04-12 05:24 - 2017-03-08 06:22 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-04-12 05:24 - 2017-03-08 06:22 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-04-12 05:24 - 2017-03-08 06:22 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-04-12 05:24 - 2017-03-08 06:22 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-04-12 05:24 - 2017-03-08 06:22 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-04-12 05:24 - 2017-03-08 06:22 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-04-12 05:24 - 2017-03-08 06:22 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-04-12 05:24 - 2017-03-08 06:22 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-04-12 05:24 - 2017-03-08 06:22 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-04-12 05:24 - 2017-03-08 06:22 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-04-12 05:24 - 2017-03-08 06:22 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-04-12 05:24 - 2017-03-08 06:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-04-12 05:24 - 2017-03-08 06:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-04-12 05:24 - 2017-03-08 06:22 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-04-12 05:24 - 2017-03-08 06:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-04-12 05:24 - 2017-03-08 06:22 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-04-12 05:24 - 2017-03-08 06:21 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-04-12 05:24 - 2017-03-08 06:21 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-04-12 05:24 - 2017-03-08 06:21 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-04-12 05:24 - 2017-03-08 06:21 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-04-12 05:24 - 2017-03-08 06:21 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-04-12 05:24 - 2017-03-08 06:21 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:21 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 06:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-04-12 05:24 - 2017-03-08 06:03 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-04-12 05:24 - 2017-03-08 06:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-04-12 05:24 - 2017-03-08 06:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-04-12 05:24 - 2017-03-08 06:00 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-04-12 05:24 - 2017-03-08 05:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-04-12 05:24 - 2017-03-08 05:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-04-12 05:24 - 2017-03-08 05:56 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-04-12 05:24 - 2017-03-08 05:56 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-04-12 05:24 - 2017-03-08 05:56 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-04-12 05:24 - 2017-03-08 05:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-04-12 05:24 - 2017-03-08 05:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-04-12 05:24 - 2017-03-08 05:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-04-12 05:24 - 2017-03-08 05:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-04-12 05:24 - 2017-03-08 05:54 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-04-12 05:24 - 2017-03-08 05:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-04-12 05:24 - 2017-03-08 05:53 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-04-12 05:24 - 2017-03-08 05:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 05:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 05:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-04-12 05:24 - 2017-03-08 05:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-04-12 05:24 - 2017-03-07 18:30 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-04-12 05:24 - 2017-03-07 18:17 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-04-12 05:24 - 2017-03-07 16:05 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-04-12 05:24 - 2017-03-04 03:27 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-04-12 05:24 - 2017-03-04 03:27 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2017-04-12 05:24 - 2017-03-04 03:14 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-04-12 05:24 - 2017-03-04 03:14 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll
2017-04-12 05:24 - 2017-02-14 18:33 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-04-12 05:24 - 2017-02-14 18:19 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-04-12 05:24 - 2017-02-11 18:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-04-12 05:24 - 2017-02-11 18:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-04-12 05:24 - 2017-02-09 18:32 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2017-04-12 05:24 - 2017-02-09 18:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2017-04-12 05:24 - 2017-02-09 18:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2017-04-12 05:24 - 2017-01-18 17:36 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-04-12 05:24 - 2017-01-18 17:36 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:36 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:36 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:36 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:36 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:36 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:36 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:36 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:36 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-04-12 05:24 - 2017-01-18 17:36 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-04-12 05:24 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-12 05:24 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:36 - 00011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-04-12 05:24 - 2017-01-18 17:35 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-04-12 05:24 - 2017-01-18 17:35 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:35 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-04-12 05:24 - 2017-01-18 17:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-04-12 05:24 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-12 05:24 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-04-12 05:24 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-04-12 05:24 - 2016-03-24 00:40 - 03181568 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-04-12 05:24 - 2016-03-24 00:40 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2017-04-11 17:57 - 2017-04-11 17:57 - 00034037 _____ C:\Users\Alb\Downloads\Taboo-S01E01(0000281554).srt
2017-04-10 18:01 - 2017-04-10 18:01 - 00017216 _____ C:\Users\Alb\Downloads\[CzT]Simpsonovi_The_Simpsons_S28E06_Kouc_K_CZ_TvRip_.torrent
2017-04-10 18:00 - 2017-04-10 18:00 - 00016815 _____ C:\Users\Alb\Downloads\[CzT]Simpsonovi_The_Simpsons_S28E05_Duveruj_ale_proveruj_CZ_TvRip_.torrent
2017-04-10 13:57 - 2017-04-10 13:57 - 00243379 _____ C:\Users\Alb\Downloads\17-050-d-2.pdf
2017-04-10 12:12 - 2017-04-10 12:12 - 00000000 ____D C:\Users\Alb\Desktop\newest
2017-04-10 08:08 - 2017-04-10 08:08 - 00013693 _____ C:\Users\Alb\Downloads\[CzT]Simpsonovi_The_Simpsons_S28E04_Specialni_carodejnicky_dil_XXVII_CZ_TvRip_.torrent
2017-04-09 21:30 - 2017-04-09 21:30 - 00041898 _____ C:\Users\Alb\Downloads\[CzT]Cerne_zrcadlo_Black_Mirror_1_a_2_serie_CZ_WebRip_720p_.torrent
2017-04-09 21:12 - 2017-04-09 21:12 - 00499712 _____ C:\Users\Alb\Downloads\cv3.accdb
2017-04-09 19:49 - 2017-04-09 19:49 - 00064833 _____ C:\Users\Alb\Downloads\4006935429.pdf
2017-04-09 19:46 - 2017-04-09 19:46 - 00113855 _____ C:\Users\Alb\Downloads\Doklad_SIPO_201704_8011008592 (1).pdf
2017-04-09 19:43 - 2017-04-09 19:43 - 00094893 _____ C:\Users\Alb\Downloads\Doklad_SIPO_201701_8011008592.pdf
2017-04-09 19:30 - 2017-04-09 19:30 - 00063971 _____ C:\Users\Alb\Desktop\4006910698.pdf
2017-04-09 19:28 - 2017-04-09 19:28 - 00064227 _____ C:\Users\Alb\Desktop\4006882040.pdf
2017-04-09 18:15 - 2017-04-09 18:39 - 00430080 _____ C:\Users\Alb\Downloads\VBA1-WEB.accdb
2017-04-09 17:04 - 2017-04-09 17:04 - 00016002 _____ C:\Users\Alb\Downloads\[CzT]Simpsonovi_The_Simpsons_S28E02_Virtualni_rodina_CZ_TVRip_1080p_.torrent
2017-04-09 17:03 - 2017-04-09 17:03 - 00015858 _____ C:\Users\Alb\Downloads\[CzT]Simpsonovi_The_Simpsons_S28E01_Monty_Burnsuv_letajici_cirkus_CZ_TvRip_1080p_.torrent
2017-04-09 17:02 - 2017-04-09 17:02 - 00019025 _____ C:\Users\Alb\Downloads\[CzT]Simpsonovi_The_Simpsons_S28E02_Friends_and_Family_TVRip_.torrent
2017-04-09 17:02 - 2017-04-09 17:02 - 00016263 _____ C:\Users\Alb\Downloads\[CzT]Simpsonovi_The_Simpsons_S28E03_Nesnasime_Boston_CZ_TVRip_1080p_.torrent
2017-04-09 17:01 - 2017-04-09 17:01 - 00015344 _____ C:\Users\Alb\Downloads\[CzT]Simpsonovi_The_Simpsons_S28E01_Monty_Burns_Fleeing_Circus_TVRip_.torrent
2017-04-09 15:36 - 2017-04-09 16:37 - 00520192 _____ C:\Users\Alb\Downloads\L4.accdb
2017-04-08 16:00 - 2017-04-08 16:00 - 00117728 _____ C:\Users\Alb\Desktop\17-050-d_pĹ™edvolĂˇnĂ.pdf
2017-04-06 14:41 - 2017-04-06 14:41 - 00000000 ____D C:\Users\Alb\Desktop\GNP
2017-04-05 20:36 - 2017-04-05 20:36 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2017-04-05 20:36 - 2017-04-05 20:36 - 00000000 ____D C:\Xiaomi
2017-04-05 20:35 - 2017-04-05 20:38 - 00001346 _____ C:\Users\Alb\Desktop\MiPCSuite.lnk
2017-04-05 20:35 - 2017-04-05 20:38 - 00000000 ____D C:\Users\Alb\AppData\Local\MiPhoneManager
2017-04-05 20:35 - 2017-04-05 20:35 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll
2017-04-05 20:35 - 2017-04-05 20:35 - 00000000 ____D C:\Users\Alb\AppData\Roaming\Xiaomi
2017-04-05 20:35 - 2017-04-05 20:35 - 00000000 ____D C:\Users\Alb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xiaomi
2017-04-05 20:35 - 2017-04-05 20:35 - 00000000 ____D C:\Users\Alb\.android

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-02 18:27 - 2009-07-14 06:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-05-02 18:27 - 2009-07-14 06:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-05-02 18:26 - 2016-11-13 21:53 - 00000000 ____D C:\Users\Alb\Downloads\===TORRENTY===
2017-05-02 18:23 - 2010-11-21 11:27 - 00668792 _____ C:\Windows\system32\perfh005.dat
2017-05-02 18:23 - 2010-11-21 11:27 - 00141420 _____ C:\Windows\system32\perfc005.dat
2017-05-02 18:23 - 2009-07-14 07:13 - 01583226 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-02 18:23 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-05-02 18:22 - 2016-02-16 12:24 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2017-05-02 18:22 - 2015-12-01 11:41 - 00000542 _____ C:\Windows\Tasks\MATLAB R2014a Startup Accelerator.job
2017-05-02 18:21 - 2016-11-13 22:54 - 00000000 ____D C:\Users\Alb\AppData\Roaming\uTorrent
2017-05-02 17:33 - 2015-10-19 13:13 - 00000000 ____D C:\Users\Alb\AppData\Local\Akamai
2017-05-02 17:32 - 2016-09-29 20:24 - 00000437 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2017-05-02 17:32 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-04-29 11:10 - 2015-09-28 22:15 - 00000000 ____D C:\Hry
2017-04-28 21:49 - 2015-09-28 12:58 - 00166784 _____ C:\Users\Alb\AppData\Local\GDIPFONTCACHEV1.DAT
2017-04-28 21:49 - 2009-07-14 06:45 - 00573360 _____ C:\Windows\system32\FNTCACHE.DAT
2017-04-28 13:27 - 2016-02-13 21:02 - 00000000 ____D C:\Users\Alb\Documents\My Games
2017-04-28 13:23 - 2015-10-16 14:31 - 00000000 ____D C:\Users\Alb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2017-04-28 06:52 - 2015-09-28 14:05 - 00003384 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-28 06:52 - 2015-09-28 14:05 - 00003256 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-27 11:46 - 2016-12-28 15:37 - 00000000 ____D C:\Users\Alb\Documents\OCCT
2017-04-25 10:36 - 2016-11-06 14:09 - 00000000 ____D C:\Windows\rescache
2017-04-24 16:22 - 2017-03-19 20:15 - 00000730 _____ C:\Users\Alb\AppData\Roaming\APStartupCulture
2017-04-24 16:22 - 2017-03-19 20:15 - 00000730 _____ C:\ProgramData\APStartupCulture
2017-04-23 22:19 - 2017-02-12 12:52 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-04-23 22:19 - 2017-02-12 12:52 - 00000959 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-04-23 22:19 - 2017-02-12 12:51 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-04-23 21:16 - 2015-09-28 23:15 - 00000000 ____D C:\Users\Alb\AppData\Roaming\DAEMON Tools Lite
2017-04-20 17:45 - 2017-01-10 21:58 - 00000000 ____D C:\Users\Alb\AppData\LocalLow\Mozilla
2017-04-20 17:23 - 2017-01-10 21:57 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-04-20 17:23 - 2017-01-10 21:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-04-13 00:25 - 2017-02-13 00:41 - 00000000 ____D C:\Windows\system32\MRT
2017-04-13 00:21 - 2017-02-13 00:41 - 148601744 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-04-13 00:19 - 2015-09-28 14:15 - 01558876 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-04-12 22:49 - 2016-02-20 15:10 - 00000000 ____D C:\Moje
2017-04-09 19:26 - 2016-05-28 11:11 - 00000000 ____D C:\Users\Alb\Documents\Soubory aplikace Outlook
2017-04-09 19:26 - 2015-12-07 20:35 - 00000000 ____D C:\Users\Alb\AppData\Roaming\TeamViewer
2017-04-05 20:35 - 2015-09-28 12:58 - 00000000 ____D C:\Users\Alb
2017-04-04 06:29 - 2015-09-28 14:07 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

==================== Files in the root of some directories =======

2017-03-19 20:15 - 2017-04-24 16:22 - 0000730 _____ () C:\Users\Alb\AppData\Roaming\APStartupCulture
2002-08-29 19:33 - 2002-08-29 19:33 - 0319488 ____R () C:\Users\Alb\AppData\Roaming\MafiaSetup.exe
2017-02-22 05:06 - 2017-02-22 05:06 - 0000044 _____ () C:\Users\Alb\AppData\Roaming\twow_sysprepdt.dat
2016-12-04 10:57 - 2016-12-04 13:28 - 0004608 _____ () C:\Users\Alb\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-01-10 22:05 - 2017-01-17 23:27 - 0000600 _____ () C:\Users\Alb\AppData\Local\PUTTY.RND
2015-11-30 05:20 - 2015-11-30 05:20 - 0000000 _____ () C:\Users\Alb\AppData\Local\{48E0DD20-1471-4BDE-9E5B-50C44822D607}
2015-11-02 17:28 - 2015-11-02 17:28 - 0000057 _____ () C:\ProgramData\Ament.ini
2017-03-19 20:15 - 2017-04-24 16:22 - 0000730 _____ () C:\ProgramData\APStartupCulture
2016-02-23 09:40 - 2016-02-23 09:40 - 0000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Some files in TEMP:
====================
2016-09-09 15:14 - 2016-09-09 15:14 - 4377136 _____ (Beckhoff Automation) C:\Users\Alb\AppData\Local\Temp\TC3-BlockDiagram.exe
2016-10-06 08:48 - 2016-10-06 08:48 - 24262328 _____ (Beckhoff Automation) C:\Users\Alb\AppData\Local\Temp\TC3-Measurement-Update.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\MATLAB R2014a Startup Accelerator.job => C:\Program Files\MATLAB\R2014a\bin\win64\MATLABStartupAccelerator.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: ESET Smart Security 10.0.390.0 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security 10.0.390.0 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET PersonĂˇlnĂ firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

  
***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Alb\Desktop" je 21 MB.
 
 
***** Startup Programs *****
 
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSKAppManager
"C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autodesk Sync
"C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader
"C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
"C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe" -deviceID "CN15U2416905JW:NW" -scfn "HP Officejet 6500 E710n-z (NET)" -AutoStart 1 [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Officejet 6500 E710n-z (NET)
"C:\Users\Alb\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe"  

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MiPhoneManager
"C:\Program Files (x86)\Steam\steam.exe" -silent [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
C:\TwinCAT\3.1\System\TcSysUi.exe  

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TcSysUI
Re§im ECHO je vypnut.

 
***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    EnableFirewall    REG_DWORD    0x1
    DisableNotifications    REG_DWORD    0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    EnableFirewall    REG_DWORD    0x1
    DisableNotifications    REG_DWORD    0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
 
***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

 
==================== End Of Log ==============================

Albeda · #3 Příspěvek od **Albeda** » 02 kvě 2017 18:48

+ Addition.txt vkládám sem, protože po nahrání přílohy mi vyskočila hláška "Přípona txt není povolena"

Kód: Vybrat vše

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-05-2017
Ran by Alb (02-05-2017 19:40:46)
Running from C:\Users\Alb\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2015-09-28 10:58:32)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-874808185-2089641147-2639697378-500 - Administrator - Disabled)
Alb (S-1-5-21-874808185-2089641147-2639697378-1000 - Administrator - Enabled) => C:\Users\Alb
Guest (S-1-5-21-874808185-2089641147-2639697378-501 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 10.0.390.0 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security 10.0.390.0 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personální firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Microsoft Office Proofing Tools 2016“ – lietuvių k. (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
A360 Desktop (HKLM\...\{B209E611-5511-4AD6-B4B3-9D36F93DBCD4}) (Version: 6.0.3.1100 - Autodesk)
ACA & MEP 2016 Object Enabler (Version: 7.8.41.0 - Autodesk) Hidden
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3007 - Acer Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adolix Split and Merge PDF v1.3 (HKLM-x32\...\Adolix Split and Merge PDF_is1) (Version:  - Adolix Software)
Age of Empires II HD The African Kingdoms (HKLM-x32\...\Age of Empires II HD The African Kingdoms_is1) (Version:  - )
Akamai NetSession Interface (HKU\S-1-5-21-874808185-2089641147-2639697378-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alati za jezičnu provjeru u sustavu Microsoft Office 2016 - hrvatski (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.42.68439 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.42.68439 - Alcor Micro Corp.) Hidden
Anki (HKLM-x32\...\Anki) (Version:  - )
AoE II HD Compatibility Patch version 4.0->1.0c (HKLM-x32\...\AoE II HD Compatibility Patch_is1) (Version: 4.0->1.0c - )
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.2.43 - Atheros Communications Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
AutoCAD 2016 (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 Language Pack – Čeština (Czech) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD Mechanical 2016 - Čeština (Czech) (Version: 20.0.46.0 - Autodesk) Hidden
AutoCAD Mechanical 2016 - English (Version: 20.0.46.0 - Autodesk) Hidden
AutoCAD Mechanical 2016 Language Pack – Čeština (Czech) (Version: 20.0.46.0 - Autodesk) Hidden
AutoCAD Mechanical 2016 Private (Version: 20.0.46.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.15 - Autodesk)
Autodesk App Manager 2016 (HKLM-x32\...\{4ECF9E00-2978-46AF-BD80-455EFEAB7A93}) (Version: 2.0.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 5.0.142.14 - Autodesk)
Autodesk AutoCAD Mechanical 2016 - Čeština (Czech) (HKLM\...\AutoCAD Mechanical 2016 - Čeština (Czech)) (Version: 20.0.46.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM-x32\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk)
Autodesk Configurator 360 addin (HKLM-x32\...\{563941AA-C055-4FAA-8B04-A4E024A61F7E}) (Version: 20.0.10300 - Autodesk)
Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Design Review 2013 (HKLM-x32\...\Autodesk Design Review 2013) (Version: 13.0.0.82 - Autodesk, Inc.)
Autodesk Design Review 2013 (x32 Version: 13.0.0.82 - Autodesk, Inc.) Hidden
Autodesk Download Manager (HKLM-x32\...\{EC92633C-8F08-470A-BCDF-3FE5FD778C8D}) (Version: 4.0.14.0 - Autodesk, Inc.)
Autodesk DWG TrueView 2016 - English (HKLM\...\DWG TrueView 2016 - English) (Version: 20.1.49.0 - Autodesk)
Autodesk Fusion 360 (HKU\S-1-5-21-874808185-2089641147-2639697378-1000\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.1980 - Autodesk, Inc.)
Autodesk Inventor Content Center Libraries 2016 (Desktop Content) (HKLM\...\{B46DECD1-2064-4EF1-0000-22D71E81877C}) (Version: 20.0.13800.0000 - Autodesk)
Autodesk Inventor Electrical Catalog Browser 2016 – Čeština (Czech) (HKLM\...\Autodesk Inventor Electrical Catalog Browser 2016 – Čeština (Czech)) (Version: 13.0.46.0 - Autodesk)
Autodesk Inventor Electrical Catalog Browser 2016 – Čeština (Czech) (Version: 13.0.46.0 - Autodesk) Hidden
Autodesk Inventor Professional 2016 - Čeština (Czech) (HKLM\...\Autodesk Inventor Professional 2016) (Version: 20.0.13800.0000 - Autodesk)
Autodesk Inventor Professional 2016 (Version: 20.0.13800.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2016 Jazykový balíček – Čeština (Czech) (Version: 20.0.13800.0000 - Autodesk) Hidden
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2016 (HKLM-x32\...\{FA5DF4D1-CD59-4183-B3D4-779A56498786}) (Version: 6.3.0.15 - Autodesk)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Beckhoff TwinCAT 3 BlockDiagram (HKLM-x32\...\{9093FB91-89FF-47AD-A834-ACE74BB286BE}) (Version: 1.4.1408.0 - Beckhoff Automation)
Beckhoff TwinCAT 3 Scope (HKLM-x32\...\{9FDA23E6-1864-4721-8077-225138AE8D0B}) (Version: 3.2.3136.1 - Beckhoff Automation)
Beckhoff TwinCAT 3.1 (Build 4020) (HKLM-x32\...\{FBAFA092-4376-4D09-ACA9-279AB897A76A}) (Version: 3.1.4020.32 - Beckhoff Automation)
Beckhoff TwinCAT PnP Driver Package (HKLM-x32\...\{3B9B3E9E-3260-4927-8C46-01D074695FEE}) (Version: 3.1.9.0 - Beckhoff Automation)
Bridge Constructor (HKLM\...\Steam App 250460) (Version:  - ClockStone)
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.69.1079 - AB Team, d.o.o.)
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.23 - Piriform)
Công cụ Soát lỗi Microsoft Office 2016 - Tiếng Việt (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Corel Paint Shop Pro Photo X2 (HKLM-x32\...\{64E72FB1-2343-4977-B4A8-262CD53D0BD3}) (Version: 12.011.0000 - Corel Corporation)
CPUID CPU-Z 1.76 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.30 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
CrystalDiskInfo 7.0.5 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.0.5 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
DWG TrueView 2016 - English (Version: 20.1.49.0 - Autodesk) Hidden
EAX Unified (HKLM-x32\...\EAX Unified) (Version:  - )
Eco Materials Adviser for Autodesk Inventor 2016 (64-bit) (HKLM\...\{1A56BE00-916E-432D-A576-EB00D2FF8450}) (Version: 5.6.4.44 - Granta Design Limited)
Eines de correcció del Microsoft Office 2016: català (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
ESET Smart Security (HKLM\...\{61C3C6CF-C71F-41A8-9C35-E01BC146C4D9}) (Version: 10.0.390.0 - ESET, spol. s r.o.)
Eurobattle.net (HKLM-x32\...\Eurobattle.net) (Version:  - Eurobattle.net)
Fences 2 (HKLM-x32\...\Fences 22.01) (Version: 2.01 - Stardock Corporation)
Ferramentas de Verificação do Microsoft Office 2016 - Português (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de verificación de Microsoft Office 2016 - Galego (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.7.139.918 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.0.722 - Foxit Software Inc.)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
GameRanger (HKU\S-1-5-21-874808185-2089641147-2639697378-1000\...\GameRanger) (Version:  - GameRanger Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Herramientas de corrección de Microsoft Office 2016: español (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
I-Microsoft Office Proofing Tools 2016 - IsiZulu (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Import souborů SketchUp 2016 (HKLM-x32\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk)
Infix PDF Editor verze 6.1.9.0 (HKLM-x32\...\83FFB914-6FA7-4F1F-807E-E0FFBA2E49E1_is1) (Version: 6.1.9.0 - Iceni Technology)
Innealan-dearbhaidh Microsoft Office 2016 - Gàidhlig (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Instrumente de verificare Microsoft Office 2016 - Română (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Jazykový balíček Autodesk Inventor Electrical Catalog Browser 2016 – Čeština (Czech) (Version: 13.0.46.0 - Autodesk) Hidden
Killing Floor - Toy Master (HKLM\...\Steam App 326960) (Version:  - David Hensley)
Killing Floor (HKLM-x32\...\Steam App 1250) (Version:  - Tripwire Interactive)
Korrekturredskaber til Microsoft Office 2016 - Dansk (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (bokmål) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (nynorsk) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.4 - Acer Inc.)
Lenovo Service Bridge (HKU\S-1-5-21-874808185-2089641147-2639697378-1000\...\dda9ca0b023f4c56) (Version: 1.6.6.0 - Lenovo)
Lightning Oblivion Shivering Isles Czech (HKLM-x32\...\lgooblivionshiveringislesczech_is1) (Version: 1.0.1.091227 - michal zobec, lightning group company)
Mafia Game (HKLM-x32\...\Mafia Game) (Version:  - )
Mathcad 14 (HKLM-x32\...\{E666A69B-A76D-43D5-AF28-4B2150A6EDE2}) (Version: 14.0.3.0 - PTC)
Mathcad 14 Help (HKLM-x32\...\{205ACCD7-5342-4694-91F3-3A99E4FD5AA6}) (Version: 14 - Mathsoft)
Mathcad 14 Resource Center (HKLM-x32\...\{EBD38AE9-D52D-448D-9DB4-4D5F66E1DAFC}) (Version: 14 - Mathsoft)
MathType 6 (HKLM-x32\...\DSMT6) (Version: 6.7 - Design Science, Inc.)
MATLAB R2014a (HKLM\...\Matlab R2014a) (Version: 8.3 - The MathWorks, Inc.)
Mi PC Suite (HKU\S-1-5-21-874808185-2089641147-2639697378-1000\...\MiPhoneManager) (Version:  - Xiaomi Inc.)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Proofing Tools Kit Compilation 2016 (HKLM\...\Office16.PROOFKIT) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Project Professional 2016 (HKLM\...\Office16.PRJPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft ReportViewer 2010 Redistributable (HKLM-x32\...\{C19B3EB6-B54C-3204-A4DF-88432E0C79F7}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft Visio Professional 2016 (HKLM\...\Office16.VISPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2013 Shell (Integrated) (HKLM-x32\...\{246c9aa4-e96d-476e-a3f4-789b455c7478}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Visual Studio 2013 Shell (Isolated) (HKLM-x32\...\{dd77c2ff-db69-44f7-9e5c-63aa540dfe07}) (Version: 12.0.21005.13 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x64 cs) (HKLM\...\Mozilla Firefox 50.1.0 (x64 cs)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Narzędzia sprawdzające pakietu Microsoft Office 2016 — polski (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nero 7 Ultra Edition (HKLM-x32\...\{4F2CE68F-EDBB-4592-BF07-5AC930A51029}) (Version: 7.02.6446 - Nero AG)
Oblivion - Horse Armor Pack (HKLM-x32\...\{3ABEBD00-299D-4DCA-967F-B912163AB5EA}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Mehrunes Razor (HKLM-x32\...\{EF295F5C-7B57-47AA-8889-6B3E8E214E89}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Orrery (HKLM-x32\...\{EC425CFC-EE78-4A91-AA25-3BFA65B75364}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Spell Tomes (HKLM-x32\...\{16D919E6-F019-4E15-BFBE-4A85EF19DA57}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Thieves Den (HKLM-x32\...\{FFFFFD17-B460-41EB-93F1-C48ABAD63828}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Vile Lair (HKLM-x32\...\{520F4B09-3A51-47A2-82B0-9FF1DC2D20FA}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Wizard's Tower (HKLM-x32\...\{2F2E3D62-8B8C-448F-8900-451325E50948}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.2.0416 - Bethesda Softworks)
OCCT 4.4.2 (HKLM-x32\...\OCCT) (Version: 4.4.2 - Ocbase.com)
OrangeEdit 2.0 BETA (HKLM-x32\...\OrangeEdit_is1) (Version: 2.0.13.75 - OrangeApps GmbH)
Orodja za preverjanje za Microsoft Office 2016 – angleščina (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
OSCAR Editor (x32 Version: 12.03.0004 - A4TECH) Hidden
Outils de vérification linguistique 2016 de Microsoft Office - Français (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Papers, Please (HKLM-x32\...\Papers, Please_is1) (Version:  - )
Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version:  - Photodex Corporation)
ProShow Gold (HKLM-x32\...\ProShow Gold) (Version:  - Photodex Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Revo Uninstaller Pro 3.1.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.8 - VS Revo Group, Ltd.)
Sins of a Solar Empire Rebellion 1.82 (HKLM-x32\...\Sins of a Solar Empire Rebellion 1.82) (Version:  - )
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.109 - Skype Technologies S.A.)
Speciální aplikace Autodesk 2016 (HKLM-x32\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk)
Spotify (HKU\S-1-5-21-874808185-2089641147-2639697378-1000\...\Spotify) (Version: 1.0.45.186.g3b5036d6 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Strumenti di correzione di Microsoft Office 2016 - Italiano (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.18.0 - Synaptics Incorporated)
Taalprogramma's voor Microsoft Office 2016 - Nederlands (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Team Fortress 2 (HKLM\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.75813 - TeamViewer)
The Settlers II - 10th Anniversary (HKLM-x32\...\S2TNG) (Version:  - )
TNod User & Password Finder (HKLM\...\TNod) (Version: 1.6.1.0 - Tukero[X]Team)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Uirlisí Profála Microsoft Office 2016 - Gaeilge (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Unreal Tournament G.O.T.Y. Edition (HKLM-x32\...\UnrealTournament) (Version:  - )
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Veglat e kontrollit gjuhësor të Microsoft Office 2016 - shqip (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN)
Warcraft III verze 1.22 (HKLM-x32\...\{E5EB7710-29E1-47E3-9636-0E8CA5B0D3CA}_is1) (Version: 1.22 - tomi2k9)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-874808185-2089641147-2639697378-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
X7 Oscar Editor (HKLM-x32\...\InstallShield_{3C2379D2-337A-4FFA-9017-BDFB80EC0931}) (Version: 12.03.0004 - A4TECH)
YTD Video Downloader 4.9.2 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.9.2 - GreenTree Applications SRL) <==== ATTENTION
Základní software zařízení HP Officejet 6500 E710n-z (HKLM\...\{D671A50E-FF48-45FB-9250-4EE519837294}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Εργαλεία γλωσσικού ελέγχου του Microsoft Office 2016 - Ελληνικά (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Засоби перевірки правопису Microsoft Office 2016 – українська (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Средства проверки правописания Microsoft Office 2016 — русский (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
כלי ההגהה של Microsoft Office 2016 - עברית (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
ابزارهای تصحیح Microsoft Office 2016 - فارسی (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{04991C5B-9ABF-48F7-AB39-48051DBBD48E}\InprocServer32 -> AcmPEXCtrl.ocx => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{0F7BC65C-AB86-4BA1-A3A5-63539C2BD78B}\InprocServer32 -> AcmPEXCtrl.ocx => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2016 - English\dwgviewr.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\iDrop.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{2F8377FC-50C1-44EF-AB7A-8FF1BB8EA277}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2016 - English\en-US\dwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{44B7A29C-EAEA-4527-B0B0-297E61EFEE3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acadm\AcmPmDb32.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{4E6F2E83-E7F0-4333-9772-875EB733C820}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\RxTest.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{641094DE-35F7-4CAC-AFF1-C39AABA22E43}\InprocServer32 -> g3vPartAuthEnviron.arx => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{6E2A9D17-D1DA-43E9-94E6-C513D3315891}\InprocServer32 -> g3vPartAuthEnviron.arx => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtCp.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{91520053-F024-4E94-B185-C80D25E0F985}\InprocServer32 -> g3vPartAuthEnviron.arx => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{A00B0751-378A-4254-8689-8BA2DD25283F}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\Acadm\AmgAdc.arx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{A5DC4F3D-CB7E-46DF-A1DE-51421A94232C}\InprocServer32 -> g3vPartAuthEnviron.arx => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\RxApprenticeServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\Alb\AppData\Local\Autodesk\webdeploy\production\0b4f23f5ab6d17ab9c22c6495f7102a0ad0fc078\NPreview10.dll ()
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{C532F3AD-EFAD-41C0-8864-0093FF43D06A}\InprocServer32 -> g3vPartAuthEnviron.arx => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ColorButton.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ColorButton.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\AcInetUI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{DD7A3651-067D-4AC2-AB5B-EB851BA9486C}\InprocServer32 -> AcmPEXCtrl.ocx => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\RxInventorUtilities.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\cs-CZ\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{EFE2B983-6FB7-463C-AFF2-E513228567F7}\InprocServer32 -> g3vPartAuthEnviron.arx => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{F2D4F4E5-EEA1-46FF-A83B-A270C92DAE4B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DTInterop.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\InvResc.dll (Autodesk)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\InvTXTStack.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{FD4044AD-1CA6-4dd3-814D-B2ECB0431853}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acadm\AcmPmDb32.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{FD703B01-4362-423E-9BDB-91BDCB16C1C9}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2016\Bin\DTInterop.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-874808185-2089641147-2639697378-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06B7668F-2F9E-4FCA-BF66-6CA117BC771E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {13B1E001-0893-46FF-B729-8916DAFEE542} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-09-28] (Piriform Ltd)
Task: {2C10421B-EE03-4080-83DC-2E99AE52F28B} - System32\Tasks\{98E60D2F-74A5-4296-8CEC-D2158A30B19A} => C:\Hry\POSTAL 2 - Paradise Lost\Paradise Lost\System\ParadiseLost.exe 
Task: {43097F2D-DA94-4698-9F4B-F656E69D9C27} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2016-02-16] ()
Task: {90117301-A128-44F8-83AE-FBCE3533C92B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-28] (Google Inc.)
Task: {968E159A-DCF1-43A1-B592-CDAB03C719FA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {CBF42562-98FA-46FA-AD91-7B1242B35721} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-874808185-2089641147-2639697378-1000 => Rundll32.exe dfshim.dll,ShOpenVerbShortcut C:\Users\Alb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
Task: {D57672F6-AC25-4978-9434-8B519F412B56} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {DDFFA42E-3DF7-46FE-BE83-F5856C90649C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-28] (Google Inc.)
Task: {E8925918-6910-4D0F-A1BE-B35D8CD0480B} - System32\Tasks\MATLAB R2014a Startup Accelerator => C:\Program Files\MATLAB\R2014a\bin\win64\MATLABStartupAccelerator.exe [2014-01-29] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\MATLAB R2014a Startup Accelerator.job => C:\Program Files\MATLAB\R2014a\bin\win64\MATLABStartupAccelerator.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

VIRY.CZ

Občasné zvláštní chování ntb

Občasné zvláštní chování ntb

Re: Občasné zvláštní chování ntb

Re: Občasné zvláštní chování ntb