Prosím o kontrolu logu

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

Misso
Level 2
Level 2
Příspěvky: 183
Registrován: červenec 14
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod Misso » 03 čer 2017 22:20

U memtest kliknem na start a ukáže mi toto .
memtest.png



FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-06-2017
Ran by mzatu (administrator) on LAPTOP-UGI8L3RR (03-06-2017 22:14:30)
Running from C:\Users\mzatu\Desktop
Loaded Profiles: mzatu (Available Profiles: mzatu)
Platform: Windows 10 Home Version 1703 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\igfxCUIService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_6\mcapexe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.3.290.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\igfxEM.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2016-06-18] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2788920 2016-01-09] (NVIDIA Corporation)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1831256 2016-01-08] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [602968 2015-12-08] (Conexant Systems, Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323056 2015-11-04] (Intel Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14522512 2017-04-03] (Copyright 2017.)
HKU\S-1-5-21-708756834-277520051-3063566683-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3042592 2017-06-01] (Valve Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{991723c5-8aea-49f0-868f-f4b7b750cb4a}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-708756834-277520051-3063566683-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
SearchScopes: HKU\S-1-5-21-708756834-277520051-3063566683-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-708756834-277520051-3063566683-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-27] (Microsoft Corporation)
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-05-16] (McAfee, Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-27] (Microsoft Corporation)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-05-16] (McAfee, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-27] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-27] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-27] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-27] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-05-16] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-05-16] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2017-02-10] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2017-02-10] (McAfee, Inc.)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-04-18]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-03-05] [not signed]
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-02-10] ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-02-10] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-27] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\mzatu\AppData\Local\Google\Chrome\User Data\Default [2017-06-03]
CHR Extension: (Prezentácie Google) - C:\Users\mzatu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-06-03]
CHR Extension: (Dokumenty Google) - C:\Users\mzatu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-06-03]
CHR Extension: (Disk Google) - C:\Users\mzatu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-03]
CHR Extension: (YouTube) - C:\Users\mzatu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-03]
CHR Extension: (Tabuľky Google) - C:\Users\mzatu\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-06-03]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\mzatu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2017-06-03]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\mzatu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-06-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\mzatu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-06-03]
CHR Extension: (Gmail) - C:\Users\mzatu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-03]
CHR Extension: (Chrome Media Router) - C:\Users\mzatu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-03]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1536520 2017-05-09] ()
S4 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [688992 2017-02-27] (Lenovo)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971264 2017-05-14] (Microsoft Corporation)
S4 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1747800 2017-02-16] (Intel Security)
S3 cphs; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\IntelCpHeciSvc.exe [301504 2017-01-04] (Intel Corporation)
S3 cplspcon; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\IntelCpHDCPSvc.exe [480192 2017-01-04] (Intel Corporation)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [392480 2017-01-24] (EasyAntiCheat Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [134872 2017-04-12] (ELAN Microelectronics Corp.)
S4 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-30] (Lenovo)
S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164856 2016-01-09] (NVIDIA Corporation)
S2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
S4 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19440 2015-11-04] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\igfxCUIService.exe [341952 2017-01-04] (Intel Corporation)
S4 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [57160 2017-04-25] (Lenovo Group Limited)
S4 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [271328 2016-01-25] (Lenovo)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188256 2017-05-16] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [989632 2017-01-23] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [379896 2015-07-03] (McAfee, Inc.)
S2 mcbootdelaystartsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.3.290.0\\McCSPServiceHost.exe [2054080 2017-02-04] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [1342904 2017-02-01] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
S2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241040 2016-11-14] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [383032 2016-11-14] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [342768 2016-11-14] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1465840 2016-12-22] (McAfee, Inc.)
S4 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2017-02-13] ()
S4 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-01-09] (NVIDIA Corporation)
S4 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1104304 2016-11-15] (Intel Security, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14522512 2017-04-03] (Copyright 2017.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3743648 2017-02-13] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [88456 2016-11-18] (McAfee, Inc.)
R3 ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [32328 2017-04-12] (ELAN Microelectronic Corp.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [253696 2017-01-13] (Intel Corporation)
R3 igfx; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\igdkmd64.sys [11039680 2017-01-04] (Intel Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [484576 2016-11-18] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [366320 2016-11-18] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85048 2016-11-18] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [518184 2016-11-18] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [916432 2016-11-18] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [498152 2016-10-24] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [109336 2016-10-24] (McAfee, Inc.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [110248 2016-11-18] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [254800 2016-11-18] (McAfee, Inc.)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [7626488 2017-03-09] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_dc8ffafad3ea7ddd\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [935168 2015-12-22] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [408280 2015-10-15] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [772480 2015-12-25] (Sunplus)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2017-06-03] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-06-03] (Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-03 22:14 - 2017-06-03 22:15 - 00019977 _____ C:\Users\mzatu\Desktop\FRST.txt
2017-06-03 22:14 - 2017-06-03 22:14 - 00000000 ____D C:\FRST
2017-06-03 22:13 - 2017-06-03 22:13 - 02433536 _____ (Farbar) C:\Users\mzatu\Downloads\FRST64.exe
2017-06-03 22:13 - 2017-06-03 22:13 - 02433536 _____ (Farbar) C:\Users\mzatu\Desktop\FRST64.exe
2017-06-03 22:09 - 2017-06-03 22:09 - 00000645 _____ C:\Users\mzatu\Desktop\preklad memtest.txt
2017-06-03 22:01 - 2017-06-03 22:01 - 02160656 _____ C:\Users\mzatu\Downloads\wrar540cz (1).exe
2017-06-03 22:01 - 2017-06-03 22:01 - 02160656 _____ C:\Users\mzatu\Desktop\wrar540cz (1).exe
2017-06-03 20:46 - 2017-06-03 20:46 - 00001276 _____ C:\Users\mzatu\Desktop\CrystalDiskInfo.lnk
2017-06-03 20:46 - 2017-06-03 20:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2017-06-03 20:46 - 2017-06-03 20:46 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2017-06-03 20:46 - 2017-06-03 20:45 - 03961080 _____ (Crystal Dew World ) C:\Users\mzatu\Desktop\CrystalDiskInfo7_0_5.exe
2017-06-03 20:45 - 2017-06-03 20:45 - 03961080 _____ (Crystal Dew World ) C:\Users\mzatu\Downloads\CrystalDiskInfo7_0_5.exe
2017-06-03 20:44 - 2017-06-03 20:44 - 02160656 _____ C:\Users\mzatu\Downloads\wrar540cz.exe
2017-06-03 20:40 - 2017-06-03 20:40 - 00015600 _____ C:\Users\mzatu\Downloads\MemTest.zip
2017-06-03 20:40 - 2017-06-03 20:40 - 00015600 _____ C:\Users\mzatu\Desktop\MemTest.zip
2017-06-03 15:22 - 2017-06-03 20:39 - 00002892 _____ C:\Users\mzatu\AppData\Roaming\SpeedRunnersLog.txt
2017-06-03 15:22 - 2017-06-03 15:23 - 00000000 ____D C:\Users\mzatu\AppData\Roaming\discordsdk
2017-06-03 15:22 - 2017-06-03 15:22 - 00000000 ____D C:\Users\mzatu\Documents\SavedGames
2017-06-03 14:47 - 2017-06-03 14:48 - 00001281 _____ C:\DelFix.txt
2017-06-03 14:46 - 2017-06-03 14:46 - 00000000 ____D C:\Users\mzatu\Desktop\backups
2017-06-03 14:41 - 2017-06-03 14:41 - 00797760 _____ C:\Users\mzatu\Downloads\delfix_1.013.exe
2017-06-03 14:40 - 2017-06-03 14:40 - 00000000 ____D C:\Users\mzatu\AppData\Local\NetworkTiles
2017-06-03 12:55 - 2017-06-03 12:55 - 00000000 ____D C:\Users\mzatu\AppData\Roaming\Google
2017-06-03 11:25 - 2017-06-03 22:14 - 00141497 _____ C:\WINDOWS\ZAM.krnl.trace
2017-06-03 11:25 - 2017-06-03 22:14 - 00136135 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-06-03 11:25 - 2017-06-03 11:25 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2017-06-03 11:25 - 2017-06-03 11:25 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2017-06-03 11:25 - 2017-06-03 11:25 - 00001224 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2017-06-03 11:25 - 2017-06-03 11:25 - 00000000 ____D C:\Users\mzatu\AppData\Local\Zemana
2017-06-03 11:25 - 2017-06-03 11:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-06-03 11:25 - 2017-06-03 11:25 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-06-03 11:24 - 2017-06-03 11:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-06-03 11:24 - 2017-06-03 11:23 - 05774688 _____ (Zemana Ltd. ) C:\Users\mzatu\Desktop\Zemana.AntiMalware.Setup.exe
2017-06-03 11:23 - 2017-06-03 11:24 - 05774688 _____ (Zemana Ltd. ) C:\Users\mzatu\Downloads\Zemana.AntiMalware.Setup (1).exe
2017-06-03 11:23 - 2017-06-03 11:23 - 05774688 _____ (Zemana Ltd. ) C:\Users\mzatu\Downloads\Zemana.AntiMalware.Setup.exe
2017-06-03 11:17 - 2017-06-03 10:52 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2017-06-02 19:40 - 2017-06-03 10:01 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-06-02 19:40 - 2017-06-02 20:05 - 00000000 ____D C:\ProgramData\RogueKiller
2017-06-02 19:21 - 2017-06-02 19:21 - 00002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2017-06-02 19:21 - 2017-06-02 19:21 - 00000000 ____D C:\ProgramData\Sophos
2017-06-02 19:21 - 2017-06-02 19:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2017-06-02 19:20 - 2017-06-02 19:20 - 00000000 ____D C:\Program Files (x86)\Sophos
2017-06-02 19:19 - 2017-06-02 19:19 - 168674720 _____ (Sophos Limited) C:\Users\mzatu\Desktop\Sophos Virus Removal Tool.exe
2017-06-02 19:17 - 2017-06-02 19:19 - 168674720 _____ (Sophos Limited) C:\Users\mzatu\Downloads\Sophos Virus Removal Tool.exe
2017-06-02 18:53 - 2017-06-02 18:53 - 00014424 _____ C:\Users\mzatu\Downloads\28578_00_13247_2017-06-01.pdf
2017-06-02 17:15 - 2017-06-02 17:15 - 00000000 ____D C:\Users\mzatu\AppData\Local\CEF
2017-06-02 17:13 - 2017-06-02 17:13 - 00001652 _____ C:\Users\mzatu\Desktop\1.scan malware.txt
2017-06-02 17:05 - 2017-06-03 12:52 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-06-02 17:05 - 2017-06-03 11:20 - 00252832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-06-02 17:05 - 2017-06-03 11:20 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-06-02 17:05 - 2017-06-03 11:20 - 00044960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-06-02 17:05 - 2017-06-02 17:05 - 00188312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-06-02 17:05 - 2017-06-02 17:05 - 00001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-06-02 17:05 - 2017-06-02 17:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-06-02 17:05 - 2017-06-02 17:05 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-06-02 17:05 - 2017-06-02 17:05 - 00000000 ____D C:\Program Files\Malwarebytes
2017-06-02 17:05 - 2017-05-31 11:09 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-06-02 16:54 - 2017-06-02 16:54 - 64025992 _____ (Malwarebytes ) C:\Users\mzatu\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.139-1.0.2060.exe
2017-06-02 16:54 - 2017-06-02 16:54 - 64025992 _____ (Malwarebytes ) C:\Users\mzatu\Desktop\mb3-setup-consumer-3.1.2.1733-1.0.139-1.0.2060.exe
2017-06-02 16:53 - 2017-06-03 20:48 - 00009199 _____ C:\Users\mzatu\Desktop\Nový textový dokument.txt
2017-06-02 16:36 - 2017-06-02 16:36 - 00050688 _____ (Atribune.org) C:\Users\mzatu\Downloads\ATF-Cleaner.exe
2017-06-02 16:36 - 2017-06-02 16:36 - 00050688 _____ (Atribune.org) C:\Users\mzatu\Desktop\ATF-Cleaner.exe
2017-05-22 17:14 - 2017-06-02 19:49 - 00000000 ____D C:\Windows.old
2017-05-22 17:13 - 2017-05-22 17:13 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-22 17:13 - 2017-05-22 17:13 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-22 17:13 - 2017-05-22 17:13 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-22 17:13 - 2017-05-22 17:13 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-22 17:13 - 2017-05-22 17:13 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-22 17:13 - 2017-05-22 17:13 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 02800128 _____ (Microsoft Corporation)

Reklama
Misso
Level 2
Level 2
Příspěvky: 183
Registrován: červenec 14
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod Misso » 03 čer 2017 22:21

C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-22 17:13 - 2017-05-22 17:13 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-22 17:13 - 2017-05-22 17:13 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-22 17:13 - 2017-05-22 17:13 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-22 17:13 - 2017-05-22 17:13 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-22 17:13 - 2017-05-22 17:13 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-05-22 17:13 - 2017-05-22 17:13 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-05-22 17:13 - 2017-05-22 17:13 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-05-22 17:13 - 2017-05-22 17:13 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-05-22 17:13 - 2017-05-22 17:13 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-22 17:13 - 2017-05-22 17:13 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-22 17:13 - 2017-05-22 17:13 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-05-22 17:13 - 2017-05-22 17:13 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-05-22 17:13 - 2017-05-22 17:13 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-22 17:13 - 2017-05-22 17:13 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-05-22 17:13 - 2017-05-22 17:13 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-22 17:13 - 2017-05-22 17:13 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-22 17:13 - 2017-05-22 17:13 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-05-22 17:13 - 2017-05-22 17:13 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-22 17:13 - 2017-05-22 17:13 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-22 17:13 - 2017-05-22 17:13 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-22 17:13 - 2017-05-22 17:13 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-05-22 17:13 - 2017-05-22 17:13 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-05-22 17:13 - 2017-05-22 17:13 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-22 17:13 - 2017-05-22 17:13 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-22 17:13 - 2017-05-22 17:13 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-22 17:13 - 2017-05-22 17:13 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-05-22 17:13 - 2017-05-22 17:13 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-22 17:13 - 2017-05-22 17:13 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-22 17:13 - 2017-05-22 17:13 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-22 17:13 - 2017-05-22 17:13 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-22 17:13 - 2017-05-22 17:13 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-05-22 17:13 - 2017-05-22 17:13 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-05-22 17:13 - 2017-05-22 17:13 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-22 17:13 - 2017-05-22 17:13 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-22 17:13 - 2017-05-22 17:13 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-05-22 17:13 - 2017-05-22 17:13 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-05-22 17:13 - 2017-05-22 17:13 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-22 17:13 - 2017-05-22 17:13 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-22 17:13 - 2017-05-22 17:13 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-22 17:05 - 2017-05-22 17:05 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-05-22 17:05 - 2017-05-22 16:19 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-05-22 17:01 - 2017-05-22 17:01 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-05-22 17:01 - 2017-05-22 17:01 - 00000000 ____D C:\Program Files\MSBuild
2017-05-22 17:01 - 2017-05-22 17:01 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-05-22 17:01 - 2017-05-22 17:01 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-05-22 17:00 - 2017-05-22 17:00 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-05-22 17:00 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-05-22 17:00 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-05-22 17:00 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-05-22 17:00 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-05-22 17:00 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-05-22 17:00 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-05-22 16:57 - 2017-05-22 16:57 - 00000020 ___SH C:\Users\mzatu\ntuser.ini
2017-05-22 16:48 - 2017-05-22 16:49 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2017-05-22 16:48 - 2017-05-22 16:49 - 00007623 _____ C:\WINDOWS\diagerr.xml
2017-05-22 16:43 - 2017-06-03 11:25 - 00924622 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-22 16:43 - 2017-06-03 11:20 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-22 16:43 - 2017-05-22 17:02 - 00003290 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-05-22 16:43 - 2017-05-22 16:43 - 00003382 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-05-22 16:43 - 2017-05-22 16:43 - 00003158 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-05-22 16:43 - 2017-05-22 16:43 - 00002470 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon
2017-05-22 16:43 - 2017-05-22 16:43 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2017-05-22 16:43 - 2017-05-22 16:43 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2017-05-22 16:43 - 2017-05-22 16:43 - 00000000 ____D C:\WINDOWS\System32\Tasks\CyberLink
2017-05-22 16:34 - 2017-05-22 16:34 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-05-22 16:30 - 2017-05-22 16:30 - 00000000 ____D C:\ProgramData\USOShared
2017-05-22 16:29 - 2017-05-22 16:35 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-05-22 16:27 - 2017-06-03 13:01 - 00000000 ____D C:\Users\mzatu
2017-05-22 16:26 - 2017-05-22 16:35 - 00000000 ____D C:\Program Files (x86)\Lenovo EasyCamera
2017-05-22 16:25 - 2017-05-22 16:30 - 00000000 ____D C:\ProgramData\Conexant
2017-05-22 16:25 - 2017-05-22 16:30 - 00000000 ____D C:\Program Files\CONEXANT
2017-05-22 16:25 - 2017-05-22 16:25 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2017-05-22 16:24 - 2017-05-22 16:30 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-05-22 16:24 - 2017-05-22 16:30 - 00000000 ____D C:\Program Files\Intel
2017-05-22 16:24 - 2017-05-22 16:24 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2017-05-22 16:24 - 2017-01-04 04:08 - 00113640 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-05-22 16:24 - 2017-01-04 04:08 - 00104432 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2017-05-22 16:24 - 2016-12-29 15:16 - 06384576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-05-22 16:24 - 2016-12-29 15:16 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-05-22 16:24 - 2016-12-29 15:16 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-05-22 16:24 - 2016-12-29 15:16 - 00546752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-05-22 16:24 - 2016-12-29 15:16 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-05-22 16:24 - 2016-12-29 15:16 - 00147000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2017-05-22 16:24 - 2016-12-29 15:16 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-05-22 16:24 - 2016-12-29 15:16 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-05-22 16:24 - 2016-12-22 01:59 - 07651057 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-05-22 16:23 - 2017-05-22 16:30 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-05-22 16:23 - 2017-05-22 16:30 - 00000000 ____D C:\Program Files\Elantech
2017-05-22 16:23 - 2017-05-22 16:23 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ETDSMBus_01011.Wdf
2017-05-22 16:22 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-05-22 16:19 - 2017-06-03 21:58 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-22 16:19 - 2017-06-03 09:56 - 00380264 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-19 18:39 - 2017-05-22 16:57 - 00000000 ___DC C:\WINDOWS\Panther
2017-05-16 17:14 - 2017-05-16 17:14 - 00001259 _____ C:\Users\mzatu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aktualizácie a ochrana súkromia.lnk
2017-05-16 16:06 - 2017-05-16 16:06 - 00000000 ____D C:\Program Files\Common Files\Intel
2017-05-16 16:06 - 2017-05-16 16:06 - 00000000 ____D C:\Program Files (x86)\Cisco
2017-05-12 20:25 - 2017-05-12 20:25 - 00000000 ____D C:\Users\mzatu\AppData\Local\UNP
2017-05-12 17:43 - 2017-05-22 16:35 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-05-12 17:43 - 2017-05-12 17:44 - 00000000 ____D C:\Program Files\UNP
2017-05-12 16:25 - 2017-05-12 16:25 - 00158133 _____ C:\Users\mzatu\Downloads\FORMULAR_NA_ODSTUPENIE_OD_KUPNEJ_ZMLUVY.pdf
2017-05-10 18:46 - 2017-03-04 08:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-05-07 17:57 - 2017-05-07 17:57 - 00000000 ____D C:\Users\mzatu\Documents\My Games
2017-05-06 10:16 - 2017-05-06 10:16 - 00000006 _____ C:\Users\mzatu\Desktop\Recovery Code - steam.txt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-03 22:13 - 2016-11-22 16:02 - 00000000 ____D C:\Program Files (x86)\Steam
2017-06-03 22:02 - 2017-01-09 10:52 - 00032768 _____ () C:\Users\mzatu\Desktop\memtest.exe
2017-06-03 20:42 - 2017-01-03 14:47 - 00000000 ____D C:\Users\mzatu\AppData\Roaming\TS3Client
2017-06-03 15:54 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-03 15:54 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-03 14:49 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-06-03 11:38 - 2016-11-22 15:17 - 00000000 ____D C:\Users\mzatu\AppData\Local\VirtualStore
2017-06-03 11:21 - 2016-11-22 15:17 - 00000000 __SHD C:\Users\mzatu\IntelGraphicsProfiles
2017-06-03 11:19 - 2017-03-18 13:40 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-06-03 11:11 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-06-02 16:44 - 2017-03-18 13:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-06-02 16:39 - 2016-11-22 15:19 - 00000000 ____D C:\Users\mzatu\AppData\Local\Comms
2017-05-31 16:06 - 2017-03-23 17:15 - 00565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-05-29 18:10 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-27 14:16 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-05-27 09:57 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-27 09:55 - 2016-06-18 13:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-05-27 09:36 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat
2017-05-23 17:51 - 2017-01-07 17:28 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-23 17:48 - 2017-01-07 17:27 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-22 17:18 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-05-22 17:14 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup
2017-05-22 17:14 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-22 17:14 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-22 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-22 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-05-22 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-22 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-22 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-22 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-22 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-22 17:14 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-05-22 17:14 - 2016-11-22 15:17 - 00000000 ____D C:\Users\mzatu\AppData\Local\Packages
2017-05-22 17:08 - 2017-03-20 06:09 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2017-05-22 17:08 - 2017-03-20 06:09 - 00000000 ____D C:\WINDOWS\system32\WCN
2017-05-22 17:08 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-05-22 17:08 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\migwiz
2017-05-22 17:02 - 2016-11-22 15:21 - 00002374 _____ C:\Users\mzatu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-05-22 17:02 - 2016-11-22 15:21 - 00000000 ___RD C:\Users\mzatu\OneDrive
2017-05-22 16:58 - 2017-01-16 12:03 - 00000000 ____D C:\Users\mzatu\AppData\Local\ConnectedDevicesPlatform
2017-05-22 16:57 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-22 16:57 - 2015-11-03 21:24 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-22 16:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-05-22 16:50 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-05-22 16:48 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration
2017-05-22 16:48 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-05-22 16:43 - 2017-03-20 06:10 - 00000000 ____D C:\WINDOWS\HoloShell
2017-05-22 16:43 - 2017-01-16 11:50 - 00022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-05-22 16:42 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries
2017-05-22 16:40 - 2016-11-22 16:00 - 00002291 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-22 16:35 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-05-22 16:35 - 2017-01-23 01:47 - 00000000 ____D C:\Users\mzatu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rusted.cz
2017-05-22 16:35 - 2016-11-22 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-05-22 16:35 - 2016-11-22 15:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje balíka Microsoft Office 2016
2017-05-22 16:35 - 2016-06-18 14:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-05-22 16:35 - 2016-06-18 13:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Harman
2017-05-22 16:35 - 2016-06-18 13:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-05-22 16:35 - 2016-06-18 12:58 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2017-05-22 16:34 - 2015-10-30 08:28 - 00000000 ____D C:\Users\Default.migrated
2017-05-22 16:32 - 2017-01-10 04:40 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-05-22 16:31 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool
2017-05-22 16:31 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-05-22 16:31 - 2016-06-18 13:59 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles
2017-05-22 16:30 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-05-22 16:30 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-05-22 16:30 - 2017-01-10 04:40 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2017-05-22 16:30 - 2016-06-18 13:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant
2017-05-22 16:26 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-05-22 16:25 - 2016-06-18 13:46 - 00000000 ___HD C:\Intel
2017-05-22 16:24 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Help
2017-05-16 16:07 - 2016-06-18 13:58 - 00000000 ____D C:\ProgramData\Intel
2017-05-16 16:06 - 2016-06-18 13:47 - 00000000 ____D C:\Program Files (x86)\Intel

==================== Files in the root of some directories =======

2017-06-03 15:22 - 2017-06-03 20:39 - 0002892 _____ () C:\Users\mzatu\AppData\Roaming\SpeedRunnersLog.txt

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-06-02 19:45

==================== End of FRST.txt ============================

Misso
Level 2
Level 2
Příspěvky: 183
Registrován: červenec 14
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod Misso » 03 čer 2017 22:22

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-06-2017
Ran by mzatu (03-06-2017 22:16:03)
Running from C:\Users\mzatu\Desktop
Windows 10 Home Version 1703 (X64) (2017-05-22 14:51:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-708756834-277520051-3063566683-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-708756834-277520051-3063566683-503 - Limited - Disabled)
Guest (S-1-5-21-708756834-277520051-3063566683-501 - Limited - Disabled)
mzatu (S-1-5-21-708756834-277520051-3063566683-1001 - Administrator - Enabled) => C:\Users\mzatu

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Antivírusový a antispywarový softvér McAfee (Disabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Antivírusový a antispywarový softvér McAfee (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Disabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Audio By Harman (HKLM\...\{4F81A6B8-223E-4C60-A04D-61C48505B7BC}) (Version: 1.2.0.0 - Harman)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.31.55 - Conexant)
Counter-Strike (HKLM\...\Steam App 10) (Version: - Valve)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
CrystalDiskInfo 7.0.5 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.0.5 - Crystal Dew World)
EasyCamera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.5.5.10 - SunplusIT)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM\...\Steam App 271590) (Version: - Rockstar North)
H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version: - Daybreak Game Company)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.13 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1173 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4483 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{4DA9DC19-4E1D-4B10-A726-A5F2A1BC7265}) (Version: 18.1.1546.2762 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{66614300-cd9b-4a62-8b18-c97e9562dc3e}) (Version: 19.50.0 - Intel Corporation)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.4706 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.1.3330.01 - CyberLink Corp.)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo)
Lenovo Solution Center (HKLM\...\{E442BFFD-8406-4C6D-BE7E-0CF6E61EE363}) (Version: 3.2.004.00 - Lenovo)
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.076.00 - Lenovo)
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo)
LenovoUtility (x32 Version: 3.0.0.4 - Lenovo) Hidden
Malwarebytes verze 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 14.0.12000 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.139 - McAfee, Inc.)
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.8067.2115 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-708756834-277520051-3063566683-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
NVIDIA GeForce Experience 2.9.1.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.20 - NVIDIA Corporation)
NVIDIA Grafický ovládač 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.54 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 376.54 (Version: 376.54 - NVIDIA Corporation) Hidden
PAYDAY: The Heist (HKLM\...\Steam App 24240) (Version: - OVERKILL Software)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.1.0.11 - Lenovo)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek)
Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix, Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.4 - Rockstar Games)
Rust (HKLM\...\Steam App 252490) (Version: - Facepunch Studios)
Rust Legacy Klient 1.9.7 (HKLM-x32\...\Rust Legacy Klient 1.9.7) (Version: 1.9.7 - Rusted.cz)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.1 - Lenovo)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.6.0 - Sophos Limited)
SpeedRunners (HKLM\...\Steam App 207140) (Version: - DoubleDutch Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
This War of Mine (HKLM\...\Steam App 282070) (Version: - 11 bit studios)
User Manuals (HKLM-x32\...\InstallShield_{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo)
User Manuals (x32 Version: 6.0.0.0 - Lenovo) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.72.0.388 - Zemana Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-708756834-277520051-3063566683-1001_Classes\CLSID\{cece6816-6107-4dc7-bdbc-20cd5ae1ffed}\localserver32 -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoAppPromotionPlugin\x64\DesktopToastsHelper.exe => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0EF957F5-7359-404B-99A2-6EE6F929A358} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-01-25] (Lenovo)
Task: {17189254-B96F-4D55-A9B1-52AE6BB7E862} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-07-07] (Lenovo)
Task: {3DC1F4A4-AB89-4697-8595-441FC52841C0} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5f0af4c8-995c-4a98-adf8-c5df343c51e1 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-04-25] (Lenovo Group Limited)
Task: {4EFD6431-8F07-4A6F-B760-9EE021FD1A8D} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {5164A44A-52B3-4824-A265-B8FA83C67640} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {7084958D-320E-4DCE-ADFE-040153DC2D56} - System32\Tasks\Lenovo\SHUpdate => C:\Program Files (x86)\Lenovo\SHAREit\ShareitUpdater.exe [2015-09-25] ()
Task: {71E167D6-0697-46EF-8604-8F854267CA7C} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {7513AA29-D091-42F3-BBB2-26CE5FACAC02} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-06-12] (Lenovo)
Task: {7B413515-CB10-467D-8CD7-23BC5CAE41DF} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-27] (Microsoft Corporation)
Task: {7BC96E15-E206-40F4-AD93-43E6B05893B5} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-01-25] (Lenovo)
Task: {83B333E8-C8F3-433C-80AE-9E94A98797A1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-27] ()
Task: {A6D43687-3D51-4D89-8064-2B6D0E155104} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {AB45BB2F-68EB-4AFA-AFB7-3CDD5CE90921} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [2015-09-30] (CyberLink Corp.)
Task: {B16D585D-2EE6-4602-87AD-FA7CC09A9B09} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-22] (Google Inc.)
Task: {B2B112D9-4150-47BE-8071-95393D85AC42} - System32\Tasks\Lenovo\SHPrompt => C:\Program Files (x86)\Lenovo\SHAREit\ShareitPrompt.exe [2015-09-25] ()
Task: {B9996A74-CEA4-4D7E-88B7-AA3B754F1333} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-06-12] (Lenovo)
Task: {C61F075C-A91E-4345-B6A8-BBD27D613B2C} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => Sc.exe START ImControllerService
Task: {D567F191-358D-4D7E-9F02-65E0BDE59354} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {DE91A650-4D7D-4FDF-80D0-D3222E32B4BA} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {E07C84C1-CB6F-4CBC-90CC-5B7B6310F6BB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-22] (Google Inc.)
Task: {E123B0AD-A1BF-4B55-9BDB-D3D385F1C15A} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\b72dc0e5-3482-4f10-9b8a-ec4848338e67 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-04-25] (Lenovo Group Limited)
Task: {EDDF3BB2-9DA6-49A8-AB9C-44B59636A7D1} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2016-01-25] (Lenovo)
Task: {FAF656EE-C0DF-4C76-B2E6-E40A880212ED} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-27] ()
Task: {FBEFF3CF-6F52-4BF8-93B1-11A5A050E5CE} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\4c408fdd-f5a0-4a88-827e-d0bd008a15dc => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-04-25] (Lenovo Group Limited)
Task: {FCB25771-4147-460B-98D5-34877AFF96FF} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\platform\McUICnt.exe [2016-12-09] (McAfee, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-05-26 16:45 - 2017-05-26 16:45 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-26 16:45 - 2017-05-26 16:45 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-08 16:39 - 2017-05-08 16:39 - 10601984 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2017-05-08 16:39 - 2017-05-08 16:39 - 02640384 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2017-05-08 16:39 - 2017-05-08 16:39 - 00765440 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\WinStore.Vui.dll
2017-03-18 22:59 - 2017-03-20 06:10 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-06-03 15:53 - 2017-06-03 15:54 - 00020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-06-03 15:53 - 2017-06-03 15:54 - 27430400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-06-03 15:53 - 2017-06-03 15:54 - 00460288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-06-03 15:53 - 2017-06-03 15:54 - 02275328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-05-23 15:55 - 2017-05-23 15:55 - 03139496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-06-03 15:53 - 2017-06-03 15:54 - 00046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2017-01-07 15:10 - 2017-01-07 15:10 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-06-03 15:53 - 2017-06-03 15:54 - 00900096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-05-09 15:57 - 2017-05-09 15:57 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2017-01-07 15:10 - 2017-01-07 15:10 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-06-18 13:50 - 2016-01-09 13:25 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2017-06-03 10:54 - 00000753 _____ C:\WINDOWS\system32\Drivers\etc\hosts


127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-708756834-277520051-3063566683-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: 0187251485622935mcinstcleanup => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: CCSDK => 2
MSCONFIG\Services: ClientAnalyticsService => 3
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: cplspcon => 3
MSCONFIG\Services: CxAudMsg => 2
MSCONFIG\Services: ETDService => 2
MSCONFIG\Services: EvtEng => 2
MSCONFIG\Services: GDCAgent => 2
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: ImControllerService => 2
MSCONFIG\Services: LSCWinService => 3
MSCONFIG\Services: MSK80Service => 3
MSCONFIG\Services: MyWiFiDHCPDNS => 3
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: PEFService => 2
MSCONFIG\Services: RegSrvc => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: ZeroConfigService => 2
HKLM\...\StartupApproved\Run: => "LenovoUtility"
HKLM\...\StartupApproved\Run: => "ForteConfig"
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKU\S-1-5-21-708756834-277520051-3063566683-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-708756834-277520051-3063566683-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A7101C59-49FD-4C0C-8B14-F980ED315224}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{B79DECFE-3006-42BD-9628-268129312F0E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{A69C00C2-103F-4C72-A80E-F5F11DD5214B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{8B4AFB9B-8CFB-485F-A431-4498A949CDE0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [UDP Query User{8A4169F3-87D3-47E6-8CB4-688D885C1C3F}C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [TCP Query User{D2353B96-CDDE-4B9B-B54B-DF04F0150732}C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [{97B2D8FB-1E06-459A-8243-15A594CBE958}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{4023FF38-4272-45AE-9DB3-55F15861B7F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{FD53B298-8727-41FF-B23F-28C3B2FCE7CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{52B5D023-65B0-4E5D-9A41-DDB8E176E9DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{7BF2019C-981E-4C8C-A790-14621E185265}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{ADBDB656-FFE4-445D-9C6F-725AC1D21915}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{65B24FE2-17D9-4F3D-BC46-021A481482BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{4E51D278-8808-4605-ADF5-952612508D43}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{99E003BC-BA46-4E98-A5FF-E34446BDE10B}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoPlus.exe
FirewallRules: [{CF876D21-0D32-4BAA-8EAC-470E2E5F452E}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{CE4E85B3-C9A6-4200-81A8-4AFA86489C8D}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{BA3F5193-4A40-445F-A7F6-B72EAF9B74BB}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{FD7ED4CD-B02E-47EB-84A8-1446CAE4EB1F}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{8AF853DF-2808-484A-ABB7-5677BD8332FF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1C76BF09-020F-478D-812C-3BF4C3E9B7B3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DF32DA37-7241-4FA4-B833-11F4161B83E5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9ABDB293-C252-4041-A185-4A3C40C528EA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F8D410DF-1B8F-437C-9854-8A89E4DA594F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{4080B0DB-39AE-469C-8D53-A2AC0ACF94CB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{AA848A91-92BA-4C0E-A02F-045F02FEF8C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{AAB036FE-952F-4F10-90B0-442D957DBE4B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{E96C2905-695D-49EC-A3C5-6E43419E8FA9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{38CB163D-4487-4B57-A4C5-8EAE4DF16F6A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{AF45D4A7-A41F-43DB-AB70-717BCDB71FF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{07A2A8F6-F3BA-423F-B8C7-DB1BFA204549}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{A9F66F24-6F6B-45EA-B53B-984D56310727}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\This War of Mine\Storyteller.exe
FirewallRules: [{A608877E-BD30-4F56-9E4F-2E1293438954}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\This War of Mine\Storyteller.exe
FirewallRules: [TCP Query User{32CD156D-CCAF-4A27-9216-954A3A3FBBF3}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{F1F8613F-373C-483C-B3A6-9964D7E01437}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{7616D010-0EF5-43D5-BEF8-20C5C14D7719}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{B045D24B-3E3E-43DF-B97A-25B4E9ED04AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{8D922D26-938B-4C2E-BC21-F5ECF6C4D6B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe

==================== Restore Points =========================

03-06-2017 14:47:52 End of disinfection

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/03/2017 08:19:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: mcsvhost.exe, verzia: 6.3.3036.0, časová značka: 0x584adcb2
Názov chybujúceho modulu: RPCRT4.dll, verzia: 10.0.15063.0, časová značka: 0xcf94c546
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000001957b
Identifikácia chybujúceho procesu: 0x1174
Čas spustenia chybujúcej aplikácie: 0x01d2dc4aa45d8952
Cesta chybujúcej aplikácie: c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\RPCRT4.dll
Identifikácia hlásenia: c5e85f2e-e1a0-4846-92d7-5ed0ced61924
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (06/03/2017 02:50:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-UGI8L3RR)
Description: Aktivácia aplikácie E046963F.LenovoCompanion_k1h2ywk1493x8!App zlyhala pre chybu: -2143322111 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.

Error: (06/03/2017 12:51:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-UGI8L3RR)
Description: Aktivácia aplikácie E046963F.LenovoCompanion_k1h2ywk1493x8!App zlyhala pre chybu: -2143322111 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.

Error: (06/03/2017 11:38:54 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/03/2017 11:25:34 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (06/03/2017 10:00:05 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (06/02/2017 08:56:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-UGI8L3RR)
Description: Aktivácia aplikácie E046963F.LenovoCompanion_k1h2ywk1493x8!App zlyhala pre chybu: -2143322111 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.

Error: (06/02/2017 08:56:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-UGI8L3RR)
Description: Aktivácia aplikácie E046963F.LenovoCompanion_k1h2ywk1493x8!App zlyhala pre chybu: -2143322111 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.

Error: (06/02/2017 07:12:00 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (06/02/2017 04:50:27 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.


System errors:
=============
Error: (06/03/2017 10:00:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/03/2017 02:50:05 PM) (Source: DCOM) (EventID: 10001) (User: LAPTOP-UGI8L3RR)
Description: Unable to start a DCOM Server: E046963F.LenovoCompanion_3.73.1.0_x86__k1h2ywk1493x8!App.AppX98wb6g77tn4g47pmhnngvex75z63bw5e.mca as Unavailable/Unavailable. The error:
"317"
Happened while starting this command:
"C:\WINDOWS\syswow64\backgroundTaskHost.exe" -ServerName:App.AppXvp7ftfmygftsst0n1x3194vqevfpwc6t.mca

Error: (06/03/2017 12:57:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/03/2017 12:51:12 PM) (Source: DCOM) (EventID: 10001) (User: LAPTOP-UGI8L3RR)
Description: Unable to start a DCOM Server: E046963F.LenovoCompanion_3.73.1.0_x86__k1h2ywk1493x8!App.AppX98wb6g77tn4g47pmhnngvex75z63bw5e.mca as Unavailable/Unavailable. The error:
"317"
Happened while starting this command:
"C:\WINDOWS\syswow64\backgroundTaskHost.exe" -ServerName:App.AppXvp7ftfmygftsst0n1x3194vqevfpwc6t.mca

Error: (06/03/2017 12:51:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/03/2017 11:20:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby SAService zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.

Error: (06/03/2017 11:20:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby CldFlt zlyhalo kvôli nasledujúcej chybe:
The request is not supported.

Error: (06/03/2017 11:11:34 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (06/03/2017 11:11:34 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (06/03/2017 11:11:34 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.


CodeIntegrity:
===================================
Date: 2017-06-02 19:45:24.844
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvltwu.inf_amd64_dc8ffafad3ea7ddd\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-06-02 16:43:38.442
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-05-23 18:47:32.127
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvltwu.inf_amd64_dc8ffafad3ea7ddd\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz
Percentage of memory in use: 30%
Total physical RAM: 8097.91 MB
Available physical RAM: 5642.51 MB
Total Virtual: 9377.91 MB
Available Virtual: 6693.31 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:883.68 GB) (Free:723.4 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.39 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 6BCB544B)

Partition: GPT.

==================== End of Addition.txt ============================

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod jaro3 » 04 čer 2017 10:34

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:
 SearchScopes: HKU\S-1-5-21-708756834-277520051-3063566683-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-708756834-277520051-3063566683-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CustomCLSID: HKU\S-1-5-21-708756834-277520051-3063566683-1001_Classes\CLSID\{cece6816-6107-4dc7-bdbc-20cd5ae1ffed}\localserver32 -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoAppPromotionPlugin\x64\DesktopToastsHelper.exe => No File
Task: {B16D585D-2EE6-4602-87AD-FA7CC09A9B09} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-22] (Google Inc.)
Task: {E07C84C1-CB6F-4CBC-90CC-5B7B6310F6BB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-22] (Google Inc.)

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

0000000006FF Spin-Up Time
Udělej znovu CDI

Memtest je třeba do okénka napsat 2047 a spustit tolikrát kolik máš nejvyšší kapacitu jednotlivé RAMky , tedy když máš 8 GB , spustit memtest 4x.

Windows Defender (Enabled - trvale deaktivuj tento antivir
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Misso
Level 2
Level 2
Příspěvky: 183
Registrován: červenec 14
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod Misso » 04 čer 2017 10:57

FIXLOG



Fix result of Farbar Recovery Scan Tool (x64) Version: 02-06-2017
Ran by mzatu (04-06-2017 10:41:19) Run:1
Running from C:\Users\mzatu\Desktop
Loaded Profiles: mzatu (Available Profiles: mzatu)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
SearchScopes: HKU\S-1-5-21-708756834-277520051-3063566683-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-708756834-277520051-3063566683-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CustomCLSID: HKU\S-1-5-21-708756834-277520051-3063566683-1001_Classes\CLSID\{cece6816-6107-4dc7-bdbc-20cd5ae1ffed}\localserver32 -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoAppPromotionPlugin\x64\DesktopToastsHelper.exe => No File
Task: {B16D585D-2EE6-4602-87AD-FA7CC09A9B09} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-22] (Google Inc.)
Task: {E07C84C1-CB6F-4CBC-90CC-5B7B6310F6BB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-22] (Google Inc.)

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-708756834-277520051-3063566683-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-708756834-277520051-3063566683-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho => key removed successfully
HKU\S-1-5-21-708756834-277520051-3063566683-1001_Classes\CLSID\{cece6816-6107-4dc7-bdbc-20cd5ae1ffed} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B16D585D-2EE6-4602-87AD-FA7CC09A9B09} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B16D585D-2EE6-4602-87AD-FA7CC09A9B09} => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E07C84C1-CB6F-4CBC-90CC-5B7B6310F6BB} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E07C84C1-CB6F-4CBC-90CC-5B7B6310F6BB} => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => key removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 21275090 B
Java, Flash, Steam htmlcache => 496963889 B
Windows/system/drivers => 187928 B
Edge => 2768384 B
Chrome => 509478927 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 165 B
systemprofile32 => 128 B
LocalService => 12028 B
NetworkService => 162418 B
mzatu => 19399378 B

RecycleBin => 0 B
EmptyTemp: => 1007.4 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:41:55 ====






















----------------------------------------------------------------------------
CrystalDiskInfo 7.0.5 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 [10.0 Build 15063] (x64)
Date : 2017/06/04 10:57:01

-- Controller Map ----------------------------------------------------------
+ Intel(R) 6th Generation Core Processor Family Platform I/O SATA AHCI Controller [ATA]
- WDC WD10JPCX-24UE4T0
- Microsoft Storage Spaces Controller [SCSI]

-- Disk List ---------------------------------------------------------------
(1) WDC WD10JPCX-24UE4T0 : 1000,2 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD10JPCX-24UE4T0
----------------------------------------------------------------------------
Model : WDC WD10JPCX-24UE4T0
Firmware : 01.01A01
Serial Number : WD-WXP1EA50FS2L
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ----
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 1639 hours
Power On Count : 772 count
Temperature : 32 C (89 F)
Health Status : Good
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0060h [ON]
AAM Level : ----
Drive Letter : C: D:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Read Error Rate
03 182 175 _21 000000000742 Spin-Up Time
04 _97 _97 __0 000000000F4D Start/Stop Count
05 200 200 140 000000000000 Reallocated Sectors Count
07 200 200 _51 000000000000 Seek Error Rate
09 _98 _98 __0 000000000667 Power-On Hours
0A 100 100 __0 000000000000 Spin Retry Count
0B 100 100 __0 000000000000 Recalibration Retries
0C 100 100 __0 000000000304 Power Cycle Count
C0 200 200 __0 000000000014 Power-off Retract Count
C1 192 192 __0 000000006806 Load/Unload Cycle Count
C2 115 104 __0 000000000020 Temperature
C4 200 200 __0 000000000000 Reallocation Event Count
C5 200 200 __0 000000000000 Current Pending Sector Count
C6 100 253 __0 000000000000 Uncorrectable Sector Count
C7 200 200 __0 000000000000 UltraDMA CRC Error Count
C8 200 200 __0 000000000000 Write Error Rate
F0 _98 _98 __0 000000000634 Head Flying Hours

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5758 5031 4541 3530 4653 324C
020: 0000 8000 0000 3031 2E30 3141 3031 5744 4320 5744
030: 3130 4A50 4358 2D32 3455 4534 5430 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0000 0000 0007 3FFF 0010 003F FC10 00FB 0100
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F FF0E 0006 004C 00CC
080: 03FE 0000 346B 7D29 6123 3469 BC09 6123 407F 005D
090: 005D 0060 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 6003 0000 5001 4EE6
110: 5BFF 187E 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0400
130: 0001 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 7035 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 103E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 FEA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 B6 AF 42 07 00 00 00 00 00 04 32 00 61 61 4D
020: 0F 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2F 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 62 62 67 06 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 64 64 04 03 00 00 00 00 00 C0 32
070: 00 C8 C8 14 00 00 00 00 00 00 C1 32 00 C0 C0 06
080: 68 00 00 00 00 00 C2 22 00 73 68 20 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 64 FD 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 C8 C8 00 00 00 00 00 00 00 F0 32
0D0: 00 62 62 34 06 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 34 44 01 7B
170: 03 00 01 00 02 C3 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 04 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 6A

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 33 C8 C8 C8 C8 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 C8 C8 C8 C8 00 00 00 00 00 00 F0 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3A

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod jaro3 » 04 čer 2017 15:43

0000000006FF Spin-Up Time
000000000742 Spin-Up Time

u toho disku bude problém s motorkem , ložisky nebo řízením.

Co Memtest?
Co problémy?
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Misso
Level 2
Level 2
Příspěvky: 183
Registrován: červenec 14
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod Misso » 04 čer 2017 19:18

Memtest som spustil zatiaľ len 1x na 2hod a nenašlo sa tam nič.
Problémy stále vidím ... hral som cs:go a skakalo mi FPS mám cca. 130FPS a niekedy mi to padne na 40-60FPS

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod jaro3 » 04 čer 2017 19:48

Může to být tím diskem..

je třeba spustit memtest 4x , když máš 8gb RAM...

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt

Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Misso
Level 2
Level 2
Příspěvky: 183
Registrován: červenec 14
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod Misso » 04 čer 2017 20:15

OTL logfile created on: 04.06.2017 19:53:13 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\mzatu\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.15063.0)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: dd.MM.yyyy

7,91 Gb Total Physical Memory | 5,84 Gb Available Physical Memory | 73,90% Memory free
8,41 Gb Paging File | 6,04 Gb Available in Paging File | 71,83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 883,68 Gb Total Space | 724,92 Gb Free Space | 82,03% Space Free | Partition Type: NTFS
Drive D: | 25,00 Gb Total Space | 22,39 Gb Free Space | 89,56% Space Free | Partition Type: NTFS

Computer Name: LAPTOP-UGI8L3RR | User Name: mzatu | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found
PRC - C:\Users\mzatu\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\fontdrvhost.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\Elantech\ETDService.exe (ELAN Microelectronics Corp.)
PRC - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (Copyright 2017.)
PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe (McAfee, Inc.)
PRC - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)


========== Modules (No Company Name) ==========

MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\99a2ffb9d2c0789dfa42e5b2614ce567\System.Transactions.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\0bbf556aacb0d29ff2f15575aa1e5886\System.ServiceModel.Internals.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\4f5b285d648e98c7f88a0d6d5a0d6bbf\SMDiagnostics.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\107f69e2ea484fbef214e96bcfe7a668\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\0619f30591a7a73af3af69f34850b916\System.Drawing.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\0f92913ff9554207b72482a8f031a221\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\8389002cbfb4a2a8c3e73f8377c9284d\System.Xaml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\07a5a4d300b2c7a984bed4b6f9cc5eba\System.Runtime.Serialization.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\326b5d40688f7eb46a572fd79e81bb74\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\a8eb930830268654a21954545fac8c69\System.Core.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\dde91b8473de0e2bf383460058e51586\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\a96a87a7e7f90058c2e314585324a84e\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (DoSvc) -- C:\Windows\SysNative\dosvc.dll (Microsoft Corporation)
SRV:64bit: - (CoreMessagingRegistrar) -- C:\Windows\SysNative\CoreMessaging.dll (Microsoft Corporation)
SRV:64bit: - (UsoSvc) -- C:\Windows\SysNative\usocore.dll (Microsoft Corporation)
SRV:64bit: - (RetailDemo) -- C:\Windows\SysNative\RDXService.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (EntAppSvc) -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll (Microsoft Corporation)
SRV:64bit: - (TokenBroker) -- C:\Windows\SysNative\TokenBroker.dll (Microsoft Corporation)
SRV:64bit: - (ClipSVC) -- C:\Windows\SysNative\ClipSVC.dll (Microsoft Corporation)
SRV:64bit: - (MBAMService) -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes)
SRV:64bit: - (ImControllerService) -- C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo Group Limited)
SRV:64bit: - (ETDService) -- C:\Program Files\Elantech\ETDService.exe (ELAN Microelectronics Corp.)
SRV:64bit: - (WalletService) -- C:\Windows\SysNative\WalletService.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (DevicesFlowUserSvc) -- C:\Windows\SysNative\DevicesFlowBroker.dll (Microsoft Corporation)
SRV:64bit: - (shpamsvc) -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (diagnosticshub.standardcollector.service) -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (XblGameSave) -- C:\Windows\SysNative\XblGameSave.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (SmsRouter) -- C:\Windows\SysNative\SmsRouterSvc.dll (Microsoft Corporation)
SRV:64bit: - (WFDSConMgrSvc) -- C:\Windows\SysNative\WFDSConMgrSvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (WpnUserService_6d7b2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_6d7b2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_6d7b2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_6d7b2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_6d7b2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_6d7b2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (DevicesFlowUserSvc_6d7b2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (CDPUserSvc_6d7b2) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (XboxNetApiSvc) -- C:\Windows\SysNative\XboxNetApiSvc.dll (Microsoft Corporation)
SRV:64bit: - (tiledatamodelsvc) -- C:\Windows\SysNative\tileobjserver.dll (Microsoft Corporation)
SRV:64bit: - (embeddedmode) -- C:\Windows\SysNative\embeddedmodesvc.dll (Microsoft Corporation)
SRV:64bit: - (dmwappushservice) -- C:\Windows\SysNative\dmwappushsvc.dll (Microsoft Corporation)
SRV:64bit: - (SEMgrSvc) -- C:\Windows\SysNative\SEMgrSvc.dll (Microsoft Corporation)
SRV:64bit: - (PhoneSvc) -- C:\Windows\SysNative\PhoneService.dll (Microsoft Corporation)
SRV:64bit: - (DmEnrollmentSvc) -- C:\Windows\SysNative\Windows.Internal.Management.dll (Microsoft Corporation)
SRV:64bit: - (RmSvc) -- C:\Windows\SysNative\RMapi.dll (Microsoft Corporation)
SRV:64bit: - (XblAuthManager) -- C:\Windows\SysNative\XblAuthManager.dll (Microsoft Corporation)
SRV:64bit: - (CDPUserSvc) -- C:\Windows\SysNative\cdpusersvc.dll (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc) -- C:\Windows\SysNative\APHostService.dll (Microsoft Corporation)
SRV:64bit: - (WpnUserService) -- C:\Windows\SysNative\WpnUserService.dll (Microsoft Corporation)
SRV:64bit: - (WpnService) -- C:\Windows\SysNative\wpnservice.dll (Microsoft Corporation)
SRV:64bit: - (DsSvc) -- C:\Windows\SysNative\dssvc.dll (Microsoft Corporation)
SRV:64bit: - (UserDataSvc) -- C:\Windows\SysNative\UserDataService.dll (Microsoft Corporation)
SRV:64bit: - (wlpasvc) -- C:\Windows\SysNative\lpasvc.dll (Microsoft Corporation)
SRV:64bit: - (SensorDataService) -- C:\Windows\SysNative\SensorDataService.exe (Microsoft Corporation)
SRV:64bit: - (CDPSvc) -- C:\Windows\SysNative\cdpsvc.dll (Microsoft Corporation)
SRV:64bit: - (DusmSvc) -- C:\Windows\SysNative\dusmsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (MapsBroker) -- C:\Windows\SysNative\moshost.dll (Microsoft Corporation)
SRV:64bit: - (AJRouter) -- C:\Windows\SysNative\AJRouter.dll (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc) -- C:\Windows\SysNative\Unistore.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (icssvc) -- C:\Windows\SysNative\tetheringservice.dll (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc) -- C:\Windows\SysNative\PimIndexMaintenance.dll (Microsoft Corporation)
SRV:64bit: - (SensorService) -- C:\Windows\SysNative\SensorService.dll (Microsoft Corporation)
SRV:64bit: - (xbgm) -- C:\Windows\SysNative\xbgmsvc.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\lfsvc.dll (Microsoft Corporation)
SRV:64bit: - (DevQueryBroker) -- C:\Windows\SysNative\DevQueryBroker.dll (Microsoft Corporation)
SRV:64bit: - (LicenseManager) -- C:\Windows\SysNative\LicenseManagerSvc.dll (Microsoft Corporation)
SRV:64bit: - (XboxGipSvc) -- C:\Windows\SysNative\xboxgipsvc.dll (Microsoft Corporation)
SRV:64bit: - (NaturalAuthentication) -- C:\Windows\SysNative\NaturalAuth.dll (Microsoft Corporation)
SRV:64bit: - (IpxlatCfgSvc) -- C:\Windows\SysNative\ipxlatcfg.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (NgcCtnrSvc) -- C:\Windows\SysNative\NgcCtnrSvc.dll (Microsoft Corporation)
SRV:64bit: - (UserManager) -- C:\Windows\SysNative\usermgr.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (TimeBrokerSvc) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (tzautoupdate) -- C:\Windows\SysNative\tzautoupdate.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (HvHost) -- C:\Windows\SysNative\hvhostsvc.dll (Microsoft Corporation)
SRV:64bit: - (NgcSvc) -- C:\Windows\SysNative\ngcsvc.dll (Microsoft Corporation)
SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:64bit: - (wisvc) -- C:\Windows\SysNative\FlightSettings.dll (Microsoft Corporation)
SRV:64bit: - (NetSetupSvc) -- C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation)
SRV:64bit: - (StateRepository) -- C:\Windows\SysNative\Windows.StateRepository.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (TieringEngineService) -- C:\Windows\SysNative\TieringEngineService.exe (Microsoft Corporation)
SRV:64bit: - (spectrum) -- C:\Windows\SysNative\Spectrum.exe (Microsoft Corporation)
SRV:64bit: - (FrameServer) -- C:\Windows\SysNative\FrameServer.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (MessagingService) -- C:\Windows\SysNative\MessagingService.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (SecurityHealthService) -- C:\Windows\SysNative\SecurityHealthService.exe (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvcext.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvcext.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvmsession) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (BthHFSrv) -- C:\Windows\SysNative\BthHFSrv.dll (Microsoft Corporation)
SRV:64bit: - (ClientAnalyticsService) -- C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe (Intel Security)
SRV:64bit: - (ZeroConfigService) -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation)
SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV:64bit: - (mccspsvc) -- C:\Program Files\Common Files\McAfee\CSP\2.3.290.0\\McCSPServiceHost.exe ()
SRV:64bit: - (McODS) -- C:\Program Files\mcafee\virusscan\mcods.exe (McAfee, Inc.)
SRV:64bit: - (McAPExe) -- C:\Program Files\Common Files\McAfee\VSCore_15_6\mcapexe.exe (McAfee, Inc.)
SRV:64bit: - (ibtsiva) -- C:\WINDOWS\SysNative\ibtsiva.exe (Intel Corporation)
SRV:64bit: - (cphs) -- C:\Windows\SysNative\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\IntelCpHeciSvc.exe (Intel Corporation)
SRV:64bit: - (cplspcon) -- C:\Windows\SysNative\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\IntelCpHDCPSvc.exe (Intel Corporation)
SRV:64bit: - (igfxCUIService2.0.0.0) -- C:\Windows\SysNative\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\igfxCUIService.exe (Intel Corporation)
SRV:64bit: - (NVDisplay.ContainerLocalSystem) -- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation)
SRV:64bit: - (ModuleCoreService) -- C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (McAfee, Inc.)
SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcpltsvc) -- C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McOobeSv2) -- C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcbootdelaystartsvc) -- C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (HomeNetSvc) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (PEFService) -- C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe (Intel Security, Inc.)
SRV:64bit: - (mfemms) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe ()
SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV:64bit: - (LSCWinService) -- C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe (Lenovo)
SRV:64bit: - (GfExperienceService) -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation)
SRV:64bit: - (IAStorDataMgrSvc) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV:64bit: - (CxAudMsg) -- C:\Windows\SysNative\CxAudMsg64.exe (Conexant Systems Inc.)
SRV:64bit: - (McAWFwk) -- C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe (McAfee, Inc.)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (TokenBroker) -- C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)
SRV - (CoreMessagingRegistrar) -- C:\Windows\SysWOW64\CoreMessaging.dll (Microsoft Corporation)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (McAfee, Inc.)
SRV - (BEService) -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe ()
SRV - (ZAMSvc) -- C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (Copyright 2017.)
SRV - (DmEnrollmentSvc) -- C:\Windows\SysWOW64\Windows.Internal.Management.dll (Microsoft Corporation)
SRV - (UnistoreSvc) -- C:\Windows\SysWOW64\Unistore.dll (Microsoft Corporation)
SRV - (StateRepository) -- C:\Windows\SysWOW64\Windows.StateRepository.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (PrintNotify) -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (CCSDK) -- C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe (Lenovo)
SRV - (EasyAntiCheat) -- C:\Windows\SysWOW64\EasyAntiCheat.exe (EasyAntiCheat Ltd)
SRV - (cphs) -- C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (cplspcon) -- C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\IntelCpHDCPSvc.exe (Intel Corporation)
SRV - (igfxCUIService2.0.0.0) -- C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\igfxCUIService.exe (Intel Corporation)
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (SAService) -- C:\Windows\SysWOW64\SASrv.exe (Conexant Systems, Inc.)
SRV - (GDCAgent) -- C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe (Lenovo)


========== Driver Services (SafeList) ==========

DRV:64bit: - (ZAM_Guard) -- C:\Windows\SysNative\drivers\zamguard64.sys (Zemana Ltd.)
DRV:64bit: - (ZAM) -- C:\Windows\SysNative\drivers\zam64.sys (Zemana Ltd.)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (wcifs) -- C:\Windows\SysNative\drivers\wcifs.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (ETDSMBus) -- C:\Windows\SysNative\drivers\ETDSMBus.sys (ELAN Microelectronic Corp.)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (SpatialGraphFilter) -- C:\Windows\SysNative\drivers\SpatialGraphFilter.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (storqosflt) -- C:\Windows\SysNative\drivers\storqosflt.sys (Microsoft Corporation)
DRV:64bit: - (wdiwifi) -- C:\Windows\SysNative\drivers\WdiWiFi.sys (Microsoft Corporation)
DRV:64bit: - (GpuEnergyDrv) -- C:\Windows\SysNative\drivers\gpuenergydrv.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (Ufx01000) -- C:\Windows\SysNative\drivers\ufx01000.sys (Microsoft Corporation)
DRV:64bit: - (UcmTcpciCx0101) -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys (Microsoft Corporation)
DRV:64bit: - (UcmCx0101) -- C:\Windows\SysNative\drivers\UcmCx.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRT) -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys (Microsoft Corporation)
DRV:64bit: - (UrsCx01000) -- C:\Windows\SysNative\drivers\urscx01000.sys (Microsoft Corporation)
DRV:64bit: - (IndirectKmd) -- C:\Windows\SysNative\drivers\IndirectKmd.sys (Microsoft Corporation)
DRV:64bit: - (applockerfltr) -- C:\Windows\SysNative\drivers\applockerfltr.sys (Microsoft Corporation)
DRV:64bit: - (WinNat) -- C:\Windows\SysNative\drivers\winnat.sys (Microsoft Corporation)
DRV:64bit: - (CldFlt) -- C:\Windows\SysNative\drivers\cldflt.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (hvservice) -- C:\Windows\SysNative\drivers\hvservice.sys (Microsoft Corporation)
DRV:64bit: - (cnghwassist) -- C:\Windows\SysNative\drivers\cnghwassist.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (clreg) -- C:\Windows\SysNative\drivers\registry.sys (Microsoft Corporation)
DRV:64bit: - (Wof) -- C:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (wcnfs) -- C:\Windows\SysNative\drivers\wcnfs.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (ReFSv1) -- C:\WINDOWS\SysNative\drivers\refsv1.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (iorate) -- C:\Windows\SysNative\drivers\iorate.sys (Microsoft Corporation)
DRV:64bit: - (NetAdapterCx) -- C:\Windows\SysNative\drivers\NetAdapterCx.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (MMCSS) -- C:\Windows\SysNative\drivers\mmcss.sys (Microsoft Corporation)
DRV:64bit: - (irda) -- C:\Windows\SysNative\drivers\irda.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (Ucx01000) -- C:\Windows\SysNative\drivers\Ucx01000.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (FileCrypt) -- C:\Windows\SysNative\drivers\filecrypt.sys (Microsoft Corporation)
DRV:64bit: - (UdeCx) -- C:\Windows\SysNative\drivers\Udecx.sys (Microsoft Corporation)
DRV:64bit: - (vhf) -- C:\Windows\SysNative\drivers\vhf.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (UcmUcsi) -- C:\Windows\SysNative\drivers\UcmUcsi.sys (Microsoft Corporation)
DRV:64bit: - (hidinterrupt) -- C:\Windows\SysNative\drivers\hidinterrupt.sys (Microsoft Corporation)
DRV:64bit: - (buttonconverter) -- C:\Windows\SysNative\drivers\buttonconverter.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRTProxy) -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys (Microsoft Corporation)
DRV:64bit: - (xboxgip) -- C:\Windows\SysNative\drivers\xboxgip.sys (Microsoft Corporation)
DRV:64bit: - (ufxsynopsys) -- C:\Windows\SysNative\drivers\ufxsynopsys.sys (Microsoft Corporation)
DRV:64bit: - (UfxChipidea) -- C:\Windows\SysNative\drivers\UfxChipidea.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (xinputhid) -- C:\Windows\SysNative\drivers\xinputhid.sys (Microsoft Corporation)
DRV:64bit: - (UrsChipidea) -- C:\Windows\SysNative\drivers\urschipidea.sys (Microsoft Corporation)
DRV:64bit: - (UrsSynopsys) -- C:\Windows\SysNative\drivers\urssynopsys.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (genericusbfn) -- C:\Windows\SysNative\drivers\genericusbfn.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSS2i_I2C_BXT_P) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_BXT_P.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_I2C) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_GPIO2_BXT_P) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_BXT_P.sys (Intel Corporation)
DRV:64bit: - (iai2c) -- C:\Windows\SysNative\drivers\iai2c.sys (Intel(R) Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSS2i_GPIO2) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys (Intel Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (CAD) -- C:\Windows\SysNative\drivers\CAD.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (iagpio) -- C:\Windows\SysNative\drivers\iagpio.sys (Intel(R) Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (vmgid) -- C:\Windows\SysNative\drivers\vmgid.sys (Microsoft Corporation)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (mausbhost) -- C:\Windows\SysNative\drivers\mausbhost.sys (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (pmem) -- C:\Windows\SysNative\drivers\pmem.sys (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (scmbus) -- C:\Windows\SysNative\drivers\scmbus.sys (Microsoft Corporation)
DRV:64bit: - (nvdimmn) -- C:\Windows\SysNative\drivers\nvdimmn.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (mausbip) -- C:\Windows\SysNative\drivers\mausbip.sys (Microsoft Corporation)
DRV:64bit: - (storufs) -- C:\Windows\SysNative\drivers\storufs.sys (Microsoft Corporation)
DRV:64bit: - (SDFRd) -- C:\Windows\SysNative\drivers\SDFRd.sys ()
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (volume) -- C:\Windows\SysNative\drivers\volume.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (cht4vbd) -- C:\Windows\SysNative\drivers\cht4vx64.sys (Chelsio Communications)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (mlx4_bus) -- C:\Windows\SysNative\drivers\mlx4_bus.sys (Mellanox)
DRV:64bit: - (ibbus) -- C:\Windows\SysNative\drivers\ibbus.sys (Mellanox)
DRV:64bit: - (cht4iscsi) -- C:\Windows\SysNative\drivers\cht4sx64.sys (Chelsio Communications)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2i) -- C:\Windows\SysNative\drivers\lsi_sas2i.sys (LSI Corporation)
DRV:64bit: - (CapImg) -- C:\Windows\SysNative\drivers\capimg.sys (Microsoft Corporation)
DRV:64bit: - (ndfltr) -- C:\Windows\SysNative\drivers\ndfltr.sys (Mellanox)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (LSI_SAS3i) -- C:\Windows\SysNative\drivers\lsi_sas3i.sys (Avago Technologies)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (WinVerbs) -- C:\Windows\SysNative\drivers\winverbs.sys (Mellanox)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (megasas2i) -- C:\Windows\SysNative\drivers\MegaSas2i.sys (Avago Technologies)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (percsas3i) -- C:\Windows\SysNative\drivers\percsas3i.sys (Avago Technologies)
DRV:64bit: - (percsas2i) -- C:\Windows\SysNative\drivers\percsas2i.sys (Avago Technologies)
DRV:64bit: - (WinMad) -- C:\Windows\SysNative\drivers\winmad.sys (Mellanox)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (AcpiDev) -- C:\Windows\SysNative\drivers\AcpiDev.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (QLogic Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (QLogic Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (Netwtw04) -- C:\Windows\SysNative\drivers\Netwtw04.sys (Intel Corporation)
DRV:64bit: - (nvlddmkm) -- C:\Windows\SysNative\DriverStore\FileRepository\nvltwu.inf_amd64_dc8ffafad3ea7ddd\nvlddmkm.sys (NVIDIA Corporation)
DRV:64bit: - (ibtusb) -- C:\Windows\SysNative\drivers\ibtusb.sys (Intel Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfeaack) -- C:\Windows\SysNative\drivers\mfeaack.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mfeplk) -- C:\Windows\SysNative\drivers\mfeplk.sys (McAfee, Inc.)
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (mfeelamk) -- C:\Windows\SysNative\drivers\mfeelamk.sys (McAfee, Inc.)
DRV:64bit: - (mfencbdc) -- C:\Windows\SysNative\drivers\mfencbdc.sys (McAfee, Inc.)
DRV:64bit: - (mfencrk) -- C:\Windows\SysNative\drivers\mfencrk.sys (McAfee, Inc.)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (HipShieldK) -- C:\Windows\SysNative\drivers\HipShieldK.sys (McAfee, Inc.)
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (SPUVCbv) -- C:\Windows\SysNative\drivers\SPUVCBv64.sys (Sunplus)
DRV:64bit: - (rt640x64) -- C:\Windows\SysNative\drivers\rt640x64.sys (Realtek )
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (RTSUER) -- C:\Windows\SysNative\drivers\RtsUer.sys (Realsil Semiconductor Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\TeeDriverW8x64.sys (Intel Corporation)
DRV:64bit: - (ACPIVPC) -- C:\Windows\SysNative\drivers\AcpiVpc.sys (Lenovo Corporation)
DRV:64bit: - (wsvd) -- C:\Windows\SysNative\drivers\wsvd.sys ("CyberLink)
DRV - (CompositeBus) -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys (Microsoft Corporation)
DRV - (nvlddmkm) -- C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_dc8ffafad3ea7ddd\nvlddmkm.sys (NVIDIA Corporation)
DRV - (igfx) -- C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bde03d8af75e6be5\igdkmd64.sys (Intel Corporation)
DRV - (mfesapsn) -- C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys (McAfee, Inc.)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9C004728-F003-4A04-BD7B-2E462287831C}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{9C004728-F003-4A04-BD7B-2E462287831C}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {9C004728-F003-4A04-BD7B-2E462287831C}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9C004728-F003-4A04-BD7B-2E462287831C}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE

Misso
Level 2
Level 2
Příspěvky: 183
Registrován: červenec 14
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod Misso » 04 čer 2017 20:16

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Reg Error: Value error.
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error.
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR\SAFFPLG.XPI [2017.04.18 10:20:52 | 000,133,247 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017.04.18 10:20:52 | 000,133,247 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2017.03.05 02:03:29 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - Extension: No name found = C:\Users\mzatu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_1\
CHR - Extension: No name found = C:\Users\mzatu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_1\
CHR - Extension: No name found = C:\Users\mzatu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_1\
CHR - Extension: No name found = C:\Users\mzatu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_1\
CHR - Extension: No name found = C:\Users\mzatu\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_1\
CHR - Extension: No name found = C:\Users\mzatu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\
CHR - Extension: No name found = C:\Users\mzatu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\
CHR - Extension: No name found = C:\Users\mzatu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\
CHR - Extension: No name found = C:\Users\mzatu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_1\

O1 HOSTS File: ([2017.06.03 10:54:49 | 000,000,753 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (McAfee WebAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2:64bit: - BHO: (Microsoft OneDrive for Business Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (McAfee WebAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [ForteConfig] C:\Program Files\Conexant\ForteConfig\fmapp.exe ()
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [LenovoUtility] C:\Program Files\Lenovo\LenovoUtility\utility.exe ()
O4:64bit: - HKLM..\Run: [Malwarebytes TrayApp] C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Malwarebytes)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [SecurityHealth] C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SACpl.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [WindowsDefender] C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [ZAM] C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (Copyright 2017.)
O4 - HKCU..\Run: [OneDrive] C:\Users\mzatu\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O9:64bit: - Extra 'Tools' menuitem : McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O9 - Extra 'Tools' menuitem : McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{991723c5-8aea-49f0-868f-f4b7b750cb4a}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mso-minsb.16 - No CLSID value found
O18:64bit: - Protocol\Handler\mso-minsb-roaming.16 - No CLSID value found
O18:64bit: - Protocol\Handler\osf.16 - No CLSID value found
O18:64bit: - Protocol\Handler\osf-roaming.16 - No CLSID value found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-minsb.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-minsb-roaming.16 {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\osf.16 {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\osf-roaming.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2017.06.04 19:50:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\mzatu\Desktop\OTL.exe
[2017.06.04 10:48:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2017.06.03 22:14:27 | 000,000,000 | ---D | C] -- C:\FRST
[2017.06.03 22:13:50 | 002,433,536 | ---- | C] (Farbar) -- C:\Users\mzatu\Desktop\FRST64.exe
[2017.06.03 20:46:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
[2017.06.03 20:46:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CrystalDiskInfo
[2017.06.03 15:22:27 | 000,000,000 | ---D | C] -- C:\Users\mzatu\AppData\Roaming\discordsdk
[2017.06.03 15:22:26 | 000,000,000 | ---D | C] -- C:\Users\mzatu\Documents\SavedGames
[2017.06.03 14:46:42 | 000,000,000 | ---D | C] -- C:\Users\mzatu\Desktop\backups
[2017.06.03 14:40:10 | 000,000,000 | ---D | C] -- C:\Users\mzatu\AppData\Local\NetworkTiles
[2017.06.03 12:55:46 | 000,000,000 | ---D | C] -- C:\Users\mzatu\AppData\Roaming\Google
[2017.06.03 11:25:48 | 000,203,680 | ---- | C] (Zemana Ltd.) -- C:\WINDOWS\SysNative\drivers\zamguard64.sys
[2017.06.03 11:25:48 | 000,203,680 | ---- | C] (Zemana Ltd.) -- C:\WINDOWS\SysNative\drivers\zam64.sys
[2017.06.03 11:25:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
[2017.06.03 11:25:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zemana AntiMalware
[2017.06.03 11:25:06 | 000,000,000 | ---D | C] -- C:\Users\mzatu\AppData\Local\Zemana
[2017.06.03 11:20:31 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2017.06.03 11:17:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2017.06.03 11:17:19 | 000,000,000 | ---D | C] -- C:\Users\mzatu\AppData\Local\Temp
[2017.06.02 19:40:26 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2017.06.02 19:21:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Sophos
[2017.06.02 19:21:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
[2017.06.02 19:20:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos
[2017.06.02 19:19:32 | 168,674,720 | ---- | C] (Sophos Limited) -- C:\Users\mzatu\Desktop\Sophos Virus Removal Tool.exe
[2017.06.02 17:15:11 | 000,000,000 | ---D | C] -- C:\Users\mzatu\AppData\Local\CEF
[2017.06.02 17:05:51 | 000,188,312 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMChameleon.sys
[2017.06.02 17:05:44 | 000,113,592 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\farflt.sys
[2017.06.02 17:05:44 | 000,093,600 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2017.06.02 17:05:40 | 000,044,960 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2017.06.02 17:05:37 | 000,252,832 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2017.06.02 17:05:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
[2017.06.02 17:05:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2017.06.02 17:05:24 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes
[2017.06.02 16:36:41 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Users\mzatu\Desktop\ATF-Cleaner.exe
[2017.05.27 09:56:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2017.05.22 17:14:45 | 000,000,000 | ---D | C] -- C:\Windows.old
[2017.05.22 17:13:53 | 003,667,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_47.dll
[2017.05.22 17:13:53 | 002,298,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2017.05.22 17:13:53 | 001,506,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\quartz.dll
[2017.05.22 17:13:53 | 001,302,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVPXENC.dll
[2017.05.22 17:13:53 | 001,291,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSVPXENC.dll
[2017.05.22 17:13:53 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AzureSettingSyncProvider.dll
[2017.05.22 17:13:53 | 001,060,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsPrint.dll
[2017.05.22 17:13:53 | 001,019,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aadtb.dll
[2017.05.22 17:13:53 | 000,987,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wpnapps.dll
[2017.05.22 17:13:53 | 000,909,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncCore.dll
[2017.05.22 17:13:53 | 000,840,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll
[2017.05.22 17:13:53 | 000,806,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\StoreAgent.dll
[2017.05.22 17:13:53 | 000,716,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVideoDSP.dll
[2017.05.22 17:13:53 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WpcWebFilter.dll
[2017.05.22 17:13:53 | 000,559,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2017.05.22 17:13:53 | 000,476,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OneDriveSettingSyncProvider.dll
[2017.05.22 17:13:53 | 000,387,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpps.dll
[2017.05.22 17:13:53 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallAgentUserBroker.exe
[2017.05.22 17:13:53 | 000,364,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msIso.dll
[2017.05.22 17:13:53 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallAgent.exe
[2017.05.22 17:13:53 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VEEventDispatcher.dll
[2017.05.22 17:13:53 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsDocumentTargetPrint.dll
[2017.05.22 17:13:53 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WiFiDisplay.dll
[2017.05.22 17:13:53 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudBackupSettings.dll
[2017.05.22 17:13:53 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PackageStateRoaming.dll
[2017.05.22 17:13:53 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserDataTimeUtil.dll
[2017.05.22 17:13:53 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmjpegdec.dll
[2017.05.22 17:13:53 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmjpegdec.dll
[2017.05.22 17:13:37 | 023,677,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2017.05.22 17:13:37 | 020,505,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2017.05.22 17:13:37 | 008,244,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2017.05.22 17:13:37 | 006,292,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2017.05.22 17:13:37 | 004,730,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2017.05.22 17:13:37 | 001,583,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2017.05.22 17:13:37 | 001,463,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2017.05.22 17:13:37 | 000,805,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll
[2017.05.22 17:13:37 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2017.05.22 17:13:37 | 000,457,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webplatstorageserver.dll
[2017.05.22 17:13:37 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll
[2017.05.22 17:13:37 | 000,329,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webplatstorageserver.dll
[2017.05.22 17:13:37 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2017.05.22 17:13:37 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iepeers.dll
[2017.05.22 17:13:37 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iepeers.dll
[2017.05.22 17:13:37 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2017.05.22 17:13:37 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MshtmlDac.dll
[2017.05.22 17:13:37 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2017.05.22 17:13:36 | 008,320,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2017.05.22 17:13:36 | 007,931,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2017.05.22 17:13:36 | 007,904,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2017.05.22 17:13:36 | 006,728,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2017.05.22 17:13:36 | 005,557,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbgeng.dll
[2017.05.22 17:13:36 | 004,848,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2017.05.22 17:13:36 | 004,446,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2017.05.22 17:13:36 | 004,396,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_47.dll
[2017.05.22 17:13:36 | 004,175,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StartTileData.dll
[2017.05.22 17:13:36 | 003,672,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2017.05.22 17:13:36 | 002,969,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreUIComponents.dll
[2017.05.22 17:13:36 | 002,800,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2017.05.22 17:13:36 | 002,765,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
[2017.05.22 17:13:36 | 002,651,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2017.05.22 17:13:36 | 002,499,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.pcshell.dll
[2017.05.22 17:13:36 | 002,435,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ResetEngine.dll
[2017.05.22 17:13:36 | 002,399,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2017.05.22 17:13:36 | 002,085,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateAgent.dll
[2017.05.22 17:13:36 | 002,077,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2017.05.22 17:13:36 | 002,056,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2017.05.22 17:13:36 | 002,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2017.05.22 17:13:36 | 001,886,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2017.05.22 17:13:36 | 001,852,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\crypt32.dll
[2017.05.22 17:13:36 | 001,760,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll
[2017.05.22 17:13:36 | 001,657,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsPrint.dll
[2017.05.22 17:13:36 | 001,628,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comsvcs.dll
[2017.05.22 17:13:36 | 001,605,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\quartz.dll
[2017.05.22 17:13:36 | 001,604,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32full.dll
[2017.05.22 17:13:36 | 001,600,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbghelp.dll
[2017.05.22 17:13:36 | 001,468,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll

Misso
Level 2
Level 2
Příspěvky: 183
Registrován: červenec 14
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod Misso » 04 čer 2017 20:16

[2017.05.22 17:13:36 | 001,433,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettings.Handlers.dll
[2017.05.22 17:13:36 | 001,325,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2017.05.22 17:13:36 | 001,320,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpx.dll
[2017.05.22 17:13:36 | 001,295,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dosvc.dll
[2017.05.22 17:13:36 | 001,269,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll
[2017.05.22 17:13:36 | 001,260,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GamePanel.exe
[2017.05.22 17:13:36 | 001,257,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnapps.dll
[2017.05.22 17:13:36 | 001,242,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SharedStartModel.dll
[2017.05.22 17:13:36 | 001,147,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2017.05.22 17:13:36 | 001,087,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2017.05.22 17:13:36 | 001,075,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StoreAgent.dll
[2017.05.22 17:13:36 | 001,051,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.dll
[2017.05.22 17:13:36 | 001,024,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2017.05.22 17:13:36 | 000,985,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TSWorkspace.dll
[2017.05.22 17:13:36 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mmgaserver.exe
[2017.05.22 17:13:36 | 000,970,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autochk.exe
[2017.05.22 17:13:36 | 000,925,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebFilter.dll
[2017.05.22 17:13:36 | 000,923,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreMessaging.dll
[2017.05.22 17:13:36 | 000,864,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NotificationController.dll
[2017.05.22 17:13:36 | 000,750,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontdrvhost.exe
[2017.05.22 17:13:36 | 000,741,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Shell.Broker.dll
[2017.05.22 17:13:36 | 000,712,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2017.05.22 17:13:36 | 000,708,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2017.05.22 17:13:36 | 000,707,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2017.05.22 17:13:36 | 000,687,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LogonController.dll
[2017.05.22 17:13:36 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocore.dll
[2017.05.22 17:13:36 | 000,673,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockAppBroker.dll
[2017.05.22 17:13:36 | 000,673,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppResolver.dll
[2017.05.22 17:13:36 | 000,667,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2017.05.22 17:13:36 | 000,647,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXService.dll
[2017.05.22 17:13:36 | 000,646,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockHostingFramework.dll
[2017.05.22 17:13:36 | 000,624,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2017.05.22 17:13:36 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2017.05.22 17:13:36 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIRibbonRes.dll
[2017.05.22 17:13:36 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIRibbonRes.dll
[2017.05.22 17:13:36 | 000,545,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winspool.drv
[2017.05.22 17:13:36 | 000,543,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\securekernel.exe
[2017.05.22 17:13:36 | 000,524,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TileDataRepository.dll
[2017.05.22 17:13:36 | 000,517,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\daxexec.dll
[2017.05.22 17:13:36 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TDLMigration.dll
[2017.05.22 17:13:36 | 000,450,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcdedit.exe
[2017.05.22 17:13:36 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msIso.dll
[2017.05.22 17:13:36 | 000,416,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallAgentUserBroker.exe
[2017.05.22 17:13:36 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatehandlers.dll
[2017.05.22 17:13:36 | 000,409,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2017.05.22 17:13:36 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputSwitch.dll
[2017.05.22 17:13:36 | 000,382,368 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll
[2017.05.22 17:13:36 | 000,373,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallAgent.exe
[2017.05.22 17:13:36 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\daxexec.dll
[2017.05.22 17:13:36 | 000,354,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputSwitch.dll
[2017.05.22 17:13:36 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsDocumentTargetPrint.dll
[2017.05.22 17:13:36 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NotificationObjFactory.dll
[2017.05.22 17:13:36 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsEnvironment.Desktop.dll
[2017.05.22 17:13:36 | 000,301,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseAppMgmtSvc.dll
[2017.05.22 17:13:36 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudBackupSettings.dll
[2017.05.22 17:13:36 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WiFiDisplay.dll
[2017.05.22 17:13:36 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Gaming.Preview.dll
[2017.05.22 17:13:36 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\domgmt.dll
[2017.05.22 17:13:36 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmcsp.dll
[2017.05.22 17:13:36 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2017.05.22 17:13:36 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.ps.dll
[2017.05.22 17:13:36 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.AppDefaults.dll
[2017.05.22 17:13:36 | 000,207,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll
[2017.05.22 17:13:36 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseModernAppMgmtCSP.dll
[2017.05.22 17:13:36 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VEStoreEventHandlers.dll
[2017.05.22 17:13:36 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2017.05.22 17:13:36 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDataTimeUtil.dll
[2017.05.22 17:13:36 | 000,105,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imagehlp.dll
[2017.05.22 17:13:36 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdc.ocx
[2017.05.22 17:13:36 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdc.ocx
[2017.05.22 17:13:36 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsrv.dll
[2017.05.22 17:13:36 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\offreg.dll
[2017.05.22 17:13:36 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cldapi.dll
[2017.05.22 17:13:36 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\musdialoghandlers.dll
[2017.05.22 17:13:36 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\catsrvps.dll
[2017.05.22 17:13:36 | 000,047,104 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll
[2017.05.22 17:13:36 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\odbcconf.dll
[2017.05.22 17:13:36 | 000,027,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browser_broker.exe
[2017.05.22 17:13:32 | 006,759,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2017.05.22 17:13:32 | 005,477,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneCoreUAPCommonProxyStub.dll
[2017.05.22 17:13:32 | 004,559,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbgeng.dll
[2017.05.22 17:13:32 | 004,469,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2017.05.22 17:13:32 | 003,116,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2017.05.22 17:13:32 | 002,957,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2017.05.22 17:13:32 | 002,330,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2017.05.22 17:13:32 | 002,259,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2017.05.22 17:13:32 | 001,878,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AzureSettingSyncProvider.dll
[2017.05.22 17:13:32 | 001,611,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpeechPal.dll
[2017.05.22 17:13:32 | 001,411,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gdi32full.dll
[2017.05.22 17:13:32 | 001,293,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadtb.dll
[2017.05.22 17:13:32 | 001,285,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbghelp.dll
[2017.05.22 17:13:32 | 001,103,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncCore.dll
[2017.05.22 17:13:32 | 001,054,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TokenBroker.dll
[2017.05.22 17:13:32 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\modernexecserver.dll
[2017.05.22 17:13:32 | 000,891,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autochk.exe
[2017.05.22 17:13:32 | 000,872,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ClipSVC.dll
[2017.05.22 17:13:32 | 000,799,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TokenBroker.dll
[2017.05.22 17:13:32 | 000,790,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.dll
[2017.05.22 17:13:32 | 000,775,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2017.05.22 17:13:32 | 000,731,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mmgaserver.exe
[2017.05.22 17:13:32 | 000,651,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2017.05.22 17:13:32 | 000,626,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe
[2017.05.22 17:13:32 | 000,585,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneDriveSettingSyncProvider.dll
[2017.05.22 17:13:32 | 000,583,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreMessaging.dll
[2017.05.22 17:13:32 | 000,527,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadcloudap.dll
[2017.05.22 17:13:32 | 000,523,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppResolver.dll
[2017.05.22 17:13:32 | 000,422,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpAXHolder.dll
[2017.05.22 17:13:32 | 000,392,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlayToManager.dll
[2017.05.22 17:13:32 | 000,388,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2017.05.22 17:13:32 | 000,354,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcryptprimitives.dll
[2017.05.22 17:13:32 | 000,334,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wc_storage.dll
[2017.05.22 17:13:32 | 000,311,192 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll
[2017.05.22 17:13:32 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PackageStateRoaming.dll
[2017.05.22 17:13:32 | 000,142,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wcifs.sys
[2017.05.22 17:13:32 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netvsc.sys
[2017.05.22 17:13:32 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offreg.dll
[2017.05.22 17:13:32 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cldapi.dll
[2017.05.22 17:13:32 | 000,038,912 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll
[2017.05.22 17:13:32 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BasicRender.sys
[2017.05.22 17:13:32 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\odbcconf.dll
[2017.05.22 17:05:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServiceProfiles
[2017.05.22 17:05:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\Microsoft
[2017.05.22 17:01:35 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2017.05.22 17:01:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2017.05.22 17:01:35 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2017.05.22 17:01:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2017.05.22 17:00:59 | 000,778,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll
[2017.05.22 17:00:59 | 000,103,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2017.05.22 17:00:59 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TsWpfWrp.exe
[2017.05.22 17:00:52 | 001,166,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationNative_v0300.dll
[2017.05.22 17:00:52 | 000,124,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2017.05.22 17:00:52 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TsWpfWrp.exe
[2017.05.22 17:00:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive
[2017.05.22 16:30:28 | 000,000,000 | ---D | C] -- C:\ProgramData\USOShared
[2017.05.22 16:27:29 | 000,000,000 | --SD | C] -- C:\Users\mzatu\AppData\Roaming\Microsoft
[2017.05.22 16:27:29 | 000,000,000 | R--D | C] -- C:\Users\mzatu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
[2017.05.22 16:27:29 | 000,000,000 | R--D | C] -- C:\Users\mzatu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2017.05.22 16:27:29 | 000,000,000 | R--D | C] -- C:\Users\mzatu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2017.05.22 16:27:29 | 000,000,000 | R--D | C] -- C:\Users\mzatu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2017.05.22 16:27:29 | 000,000,000 | -H-D | C] -- C:\Users\mzatu\AppData
[2017.05.22 16:27:29 | 000,000,000 | ---D | C] -- C:\Users\mzatu\AppData\Local\Microsoft
[2017.05.22 16:27:29 | 000,000,000 | ---D | C] -- C:\Users\mzatu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2017.05.22 16:26:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lenovo EasyCamera
[2017.05.22 16:25:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\sda
[2017.05.22 16:25:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Conexant
[2017.05.22 16:25:13 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2017.05.22 16:24:58 | 000,113,640 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.DLL
[2017.05.22 16:24:58 | 000,104,432 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.DLL
[2017.05.22 16:24:49 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2017.05.22 16:24:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2017.05.22 16:24:25 | 006,384,576 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcpl.dll
[2017.05.22 16:24:25 | 002,475,968 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvc64.dll
[2017.05.22 16:24:25 | 001,762,752 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvcr.dll
[2017.05.22 16:24:25 | 000,546,752 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nv3dappshext.dll
[2017.05.22 16:24:25 | 000,392,128 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvmctray.dll
[2017.05.22 16:24:25 | 000,083,512 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nv3dappshextr.dll
[2017.05.22 16:24:25 | 000,069,568 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvshext.dll
[2017.05.22 16:24:24 | 000,147,000 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\oemdspif.dll
[2017.05.22 16:24:19 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Uninstall Information
[2017.05.22 16:24:08 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2017.05.22 16:23:59 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2017.05.22 16:23:51 | 000,000,000 | ---D | C] -- C:\Program Files\Elantech
[2017.05.22 16:22:48 | 002,233,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PrintConfig.dll
[2017.05.22 16:19:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2017.05.22 16:19:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\SleepStudy
[2017.05.19 18:39:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2017.05.16 16:06:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2017.05.16 16:06:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2017.05.12 20:25:03 | 000,000,000 | ---D | C] -- C:\Users\mzatu\AppData\Local\UNP
[2017.05.12 17:43:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\UNP
[2017.05.12 17:43:09 | 000,000,000 | ---D | C] -- C:\Program Files\UNP
[2017.05.10 18:46:33 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\indexeddbserver.dll
[2017.05.07 17:57:51 | 000,000,000 | ---D | C] -- C:\Users\mzatu\Documents\My Games

========== Files - Modified Within 30 Days ==========

[2017.06.04 20:00:39 | 000,164,997 | ---- | M] () -- C:\WINDOWS\ZAM.krnl.trace
[2017.06.04 20:00:38 | 000,132,386 | ---- | M] () -- C:\WINDOWS\ZAM_Guard.krnl.trace
[2017.06.04 19:50:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mzatu\Desktop\OTL.exe
[2017.06.04 12:38:53 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2017.06.04 10:52:48 | 000,093,600 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2017.06.04 10:49:14 | 000,933,354 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2017.06.04 10:49:14 | 000,763,700 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2017.06.04 10:49:14 | 000,161,758 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2017.06.04 10:44:53 | 000,380,264 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2017.06.04 10:44:01 | 000,188,312 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMChameleon.sys
[2017.06.04 10:44:01 | 000,044,960 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2017.06.04 10:44:00 | 000,113,592 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\farflt.sys
[2017.06.04 10:43:59 | 000,252,832 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2017.06.04 10:43:19 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2017.06.04 10:43:18 | 3396,505,600 | -HS- | M] () -- C:\hiberfil.sys
[2017.06.03 22:13:45 | 002,433,536 | ---- | M] (Farbar) -- C:\Users\mzatu\Desktop\FRST64.exe
[2017.06.03 22:12:56 | 000,156,632 | ---- | M] () -- C:\Users\mzatu\Desktop\memtest.png
[2017.06.03 22:02:55 | 000,032,768 | ---- | M] () -- C:\Users\mzatu\Desktop\memtest.exe
[2017.06.03 20:46:31 | 000,001,276 | ---- | M] () -- C:\Users\mzatu\Desktop\CrystalDiskInfo.lnk
[2017.06.03 11:25:48 | 000,203,680 | ---- | M] (Zemana Ltd.) -- C:\WINDOWS\SysNative\drivers\zamguard64.sys
[2017.06.03 11:25:48 | 000,203,680 | ---- | M] (Zemana Ltd.) -- C:\WINDOWS\SysNative\drivers\zam64.sys
[2017.06.03 11:25:46 | 000,001,224 | ---- | M] () -- C:\Users\Public\Desktop\Zemana AntiMalware.lnk
[2017.06.03 10:54:49 | 000,000,753 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[2017.06.03 10:52:54 | 000,024,064 | ---- | M] () -- C:\WINDOWS\zoek-delete.exe
[2017.06.03 10:01:35 | 000,028,272 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\TrueSight.sys
[2017.06.02 19:21:01 | 000,002,775 | ---- | M] () -- C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
[2017.06.02 19:19:19 | 168,674,720 | ---- | M] (Sophos Limited) -- C:\Users\mzatu\Desktop\Sophos Virus Removal Tool.exe
[2017.06.02 17:05:34 | 000,001,919 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2017.06.02 16:36:32 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Users\mzatu\Desktop\ATF-Cleaner.exe
[2017.05.31 11:09:14 | 000,077,376 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\mbae64.sys
[2017.05.22 17:13:53 | 003,667,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_47.dll
[2017.05.22 17:13:53 | 002,298,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2017.05.22 17:13:53 | 001,506,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\quartz.dll
[2017.05.22 17:13:53 | 001,302,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVPXENC.dll
[2017.05.22 17:13:53 | 001,291,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSVPXENC.dll
[2017.05.22 17:13:53 | 001,248,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AzureSettingSyncProvider.dll
[2017.05.22 17:13:53 | 001,060,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsPrint.dll
[2017.05.22 17:13:53 | 001,019,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aadtb.dll
[2017.05.22 17:13:53 | 000,987,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wpnapps.dll
[2017.05.22 17:13:53 | 000,909,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncCore.dll
[2017.05.22 17:13:53 | 000,840,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll
[2017.05.22 17:13:53 | 000,806,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\StoreAgent.dll
[2017.05.22 17:13:53 | 000,716,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVideoDSP.dll
[2017.05.22 17:13:53 | 000,636,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WpcWebFilter.dll
[2017.05.22 17:13:53 | 000,559,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2017.05.22 17:13:53 | 000,476,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OneDriveSettingSyncProvider.dll
[2017.05.22 17:13:53 | 000,387,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpps.dll
[2017.05.22 17:13:53 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallAgentUserBroker.exe
[2017.05.22 17:13:53 | 000,364,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msIso.dll
[2017.05.22 17:13:53 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallAgent.exe
[2017.05.22 17:13:53 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VEEventDispatcher.dll
[2017.05.22 17:13:53 | 000,252,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsDocumentTargetPrint.dll
[2017.05.22 17:13:53 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WiFiDisplay.dll
[2017.05.22 17:13:53 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudBackupSettings.dll
[2017.05.22 17:13:53 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PackageStateRoaming.dll
[2017.05.22 17:13:53 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserDataTimeUtil.dll
[2017.05.22 17:13:53 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmjpegdec.dll
[2017.05.22 17:13:53 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmjpegdec.dll
[2017.05.22 17:13:37 | 023,677,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2017.05.22 17:13:37 | 020,505,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2017.05.22 17:13:37 | 008,244,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2017.05.22 17:13:37 | 006,292,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2017.05.22 17:13:37 | 004,730,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2017.05.22 17:13:37 | 001,583,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2017.05.22 17:13:37 | 001,463,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2017.05.22 17:13:37 | 000,805,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll
[2017.05.22 17:13:37 | 000,751,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2017.05.22 17:13:37 | 000,457,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webplatstorageserver.dll
[2017.05.22 17:13:37 | 000,358,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll
[2017.05.22 17:13:37 | 000,329,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webplatstorageserver.dll
[2017.05.22 17:13:37 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2017.05.22 17:13:37 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iepeers.dll
[2017.05.22 17:13:37 | 000,124,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iepeers.dll
[2017.05.22 17:13:37 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2017.05.22 17:13:37 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MshtmlDac.dll
[2017.05.22 17:13:37 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2017.05.22 17:13:36 | 008,320,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2017.05.22 17:13:36 | 007,931,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2017.05.22 17:13:36 | 007,904,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2017.05.22 17:13:36 | 006,728,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2017.05.22 17:13:36 | 005,557,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbgeng.dll
[2017.05.22 17:13:36 | 004,848,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2017.05.22 17:13:36 | 004,446,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2017.05.22 17:13:36 | 004,396,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_47.dll
[2017.05.22 17:13:36 | 004,175,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StartTileData.dll
[2017.05.22 17:13:36 | 003,672,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2017.05.22 17:13:36 | 002,969,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreUIComponents.dll
[2017.05.22 17:13:36 | 002,800,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2017.05.22 17:13:36 | 002,765,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
[2017.05.22 17:13:36 | 002,651,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2017.05.22 17:13:36 | 002,499,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.pcshell.dll
[2017.05.22 17:13:36 | 002,435,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ResetEngine.dll
[2017.05.22 17:13:36 | 002,399,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2017.05.22 17:13:36 | 002,085,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateAgent.dll
[2017.05.22 17:13:36 | 002,077,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2017.05.22 17:13:36 | 002,056,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2017.05.22 17:13:36 | 002,008,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2017.05.22 17:13:36 | 001,886,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2017.05.22 17:13:36 | 001,852,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\crypt32.dll
[2017.05.22 17:13:36 | 001,760,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll
[2017.05.22 17:13:36 | 001,657,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsPrint.dll
[2017.05.22 17:13:36 | 001,628,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comsvcs.dll
[2017.05.22 17:13:36 | 001,605,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\quartz.dll
[2017.05.22 17:13:36 | 001,604,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32full.dll
[2017.05.22 17:13:36 | 001,600,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbghelp.dll
[2017.05.22 17:13:36 | 001,468,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2017.05.22 17:13:36 | 001,433,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettings.Handlers.dll
[2017.05.22 17:13:36 | 001,325,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2017.05.22 17:13:36 | 001,320,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpx.dll
[2017.05.22 17:13:36 | 001,295,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dosvc.dll
[2017.05.22 17:13:36 | 001,269,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll
[2017.05.22 17:13:36 | 001,260,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GamePanel.exe
[2017.05.22 17:13:36 | 001,257,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnapps.dll
[2017.05.22 17:13:36 | 001,242,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SharedStartModel.dll
[2017.05.22 17:13:36 | 001,147,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2017.05.22 17:13:36 | 001,087,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2017.05.22 17:13:36 | 001,075,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StoreAgent.dll
[2017.05.22 17:13:36 | 001,051,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.dll
[2017.05.22 17:13:36 | 001,024,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2017.05.22 17:13:36 | 000,985,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TSWorkspace.dll
[2017.05.22 17:13:36 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mmgaserver.exe
[2017.05.22 17:13:36 | 000,970,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autochk.exe
[2017.05.22 17:13:36 | 000,925,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebFilter.dll
[2017.05.22 17:13:36 | 000,923,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreMessaging.dll
[2017.05.22 17:13:36 | 000,864,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NotificationController.dll
[2017.05.22 17:13:36 | 000,750,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontdrvhost.exe
[2017.05.22 17:13:36 | 000,741,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Shell.Broker.dll
[2017.05.22 17:13:36 | 000,712,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2017.05.22 17:13:36 | 000,708,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2017.05.22 17:13:36 | 000,707,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2017.05.22 17:13:36 | 000,687,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LogonController.dll
[2017.05.22 17:13:36 | 000,681,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocore.dll
[2017.05.22 17:13:36 | 000,673,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockAppBroker.dll
[2017.05.22 17:13:36 | 000,673,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppResolver.dll
[2017.05.22 17:13:36 | 000,667,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2017.05.22 17:13:36 | 000,647,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXService.dll
[2017.05.22 17:13:36 | 000,646,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockHostingFramework.dll
[2017.05.22 17:13:36 | 000,624,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2017.05.22 17:13:36 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2017.05.22 17:13:36 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIRibbonRes.dll
[2017.05.22 17:13:36 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIRibbonRes.dll
[2017.05.22 17:13:36 | 000,545,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winspool.drv
[2017.05.22 17:13:36 | 000,543,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\securekernel.exe
[2017.05.22 17:13:36 | 000,524,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TileDataRepository.dll
[2017.05.22 17:13:36 | 000,517,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\daxexec.dll
[2017.05.22 17:13:36 | 000,510,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TDLMigration.dll
[2017.05.22 17:13:36 | 000,450,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcdedit.exe
[2017.05.22 17:13:36 | 000,433,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msIso.dll
[2017.05.22 17:13:36 | 000,416,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallAgentUserBroker.exe
[2017.05.22 17:13:36 | 000,409,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatehandlers.dll
[2017.05.22 17:13:36 | 000,409,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2017.05.22 17:13:36 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputSwitch.dll
[2017.05.22 17:13:36 | 000,382,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll
[2017.05.22 17:13:36 | 000,373,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallAgent.exe
[2017.05.22 17:13:36 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\daxexec.dll
[2017.05.22 17:13:36 | 000,354,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputSwitch.dll
[2017.05.22 17:13:36 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsDocumentTargetPrint.dll
[2017.05.22 17:13:36 | 000,315,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NotificationObjFactory.dll
[2017.05.22 17:13:36 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsEnvironment.Desktop.dll
[2017.05.22 17:13:36 | 000,301,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseAppMgmtSvc.dll
[2017.05.22 17:13:36 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudBackupSettings.dll
[2017.05.22 17:13:36 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WiFiDisplay.dll
[2017.05.22 17:13:36 | 000,251,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Gaming.Preview.dll
[2017.05.22 17:13:36 | 000,246,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\domgmt.dll
[2017.05.22 17:13:36 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmcsp.dll
[2017.05.22 17:13:36 | 000,224,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2017.05.22 17:13:36 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.ps.dll
[2017.05.22 17:13:36 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.AppDefaults.dll
[2017.05.22 17:13:36 | 000,207,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll
[2017.05.22 17:13:36 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseModernAppMgmtCSP.dll
[2017.05.22 17:13:36 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VEStoreEventHandlers.dll
[2017.05.22 17:13:36 | 000,128,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2017.05.22 17:13:36 | 000,119,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDataTimeUtil.dll
[2017.05.22 17:13:36 | 000,105,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imagehlp.dll
[2017.05.22 17:13:36 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdc.ocx
[2017.05.22 17:13:36 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdc.ocx
[2017.05.22 17:13:36 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsrv.dll
[2017.05.22 17:13:36 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\offreg.dll
[2017.05.22 17:13:36 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cldapi.dll
[2017.05.22 17:13:36 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\musdialoghandlers.dll
[2017.05.22 17:13:36 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\catsrvps.dll
[2017.05.22 17:13:36 | 000,047,104 | ---- | M] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll
[2017.05.22 17:13:36 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\odbcconf.dll
[2017.05.22 17:13:36 | 000,027,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browser_broker.exe
[2017.05.22 17:13:32 | 006,759,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2017.05.22 17:13:32 | 005,477,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneCoreUAPCommonProxyStub.dll
[2017.05.22 17:13:32 | 004,559,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbgeng.dll
[2017.05.22 17:13:32 | 004,469,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2017.05.22 17:13:32 | 003,116,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2017.05.22 17:13:32 | 002,957,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2017.05.22 17:13:32 | 002,330,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2017.05.22 17:13:32 | 002,259,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2017.05.22 17:13:32 | 001,878,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AzureSettingSyncProvider.dll
[2017.05.22 17:13:32 | 001,611,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpeechPal.dll
[2017.05.22 17:13:32 | 001,411,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gdi32full.dll
[2017.05.22 17:13:32 | 001,293,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadtb.dll
[2017.05.22 17:13:32 | 001,285,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbghelp.dll
[2017.05.22 17:13:32 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncCore.dll
[2017.05.22 17:13:32 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TokenBroker.dll
[2017.05.22 17:13:32 | 001,027,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\modernexecserver.dll
[2017.05.22 17:13:32 | 000,891,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autochk.exe
[2017.05.22 17:13:32 | 000,872,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ClipSVC.dll
[2017.05.22 17:13:32 | 000,799,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TokenBroker.dll
[2017.05.22 17:13:32 | 000,790,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.dll
[2017.05.22 17:13:32 | 000,775,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2017.05.22 17:13:32 | 000,731,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mmgaserver.exe
[2017.05.22 17:13:32 | 000,651,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2017.05.22 17:13:32 | 000,626,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe
[2017.05.22 17:13:32 | 000,585,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneDriveSettingSyncProvider.dll
[2017.05.22 17:13:32 | 000,583,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreMessaging.dll
[2017.05.22 17:13:32 | 000,527,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadcloudap.dll
[2017.05.22 17:13:32 | 000,523,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppResolver.dll
[2017.05.22 17:13:32 | 000,422,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpAXHolder.dll
[2017.05.22 17:13:32 | 000,392,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlayToManager.dll
[2017.05.22 17:13:32 | 000,388,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2017.05.22 17:13:32 | 000,354,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcryptprimitives.dll
[2017.05.22 17:13:32 | 000,334,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wc_storage.dll
[2017.05.22 17:13:32 | 000,311,192 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll
[2017.05.22 17:13:32 | 000,203,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PackageStateRoaming.dll
[2017.05.22 17:13:32 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UMDF\Microsoft.Bluetooth.Profiles.HidOverGatt.dll
[2017.05.22 17:13:32 | 000,142,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wcifs.sys
[2017.05.22 17:13:32 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netvsc.sys
[2017.05.22 17:13:32 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offreg.dll
[2017.05.22 17:13:32 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cldapi.dll
[2017.05.22 17:13:32 | 000,038,912 | ---- | M] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll
[2017.05.22 17:13:32 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BasicRender.sys
[2017.05.22 17:13:32 | 000,032,004 | ---- | M] () -- C:\WINDOWS\SysNative\edgehtmlpluginpolicy.bin
[2017.05.22 17:13:32 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\odbcconf.dll
[2017.05.22 16:49:47 | 000,007,623 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2017.05.22 16:49:47 | 000,007,623 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2017.05.22 16:43:25 | 000,022,840 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2017.05.22 16:24:54 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysNative\GfxValDisplayLog.bin
[2017.05.22 16:23:52 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_ETDSMBus_01011.Wdf

========== Files Created - No Company Name ==========

[2017.06.03 22:12:56 | 000,156,632 | ---- | C] () -- C:\Users\mzatu\Desktop\memtest.png
[2017.06.03 20:46:31 | 000,001,276 | ---- | C] () -- C:\Users\mzatu\Desktop\CrystalDiskInfo.lnk
[2017.06.03 11:25:53 | 000,164,294 | ---- | C] () -- C:\WINDOWS\ZAM.krnl.trace
[2017.06.03 11:25:53 | 000,131,647 | ---- | C] () -- C:\WINDOWS\ZAM_Guard.krnl.trace
[2017.06.03 11:25:46 | 000,001,224 | ---- | C] () -- C:\Users\Public\Desktop\Zemana AntiMalware.lnk
[2017.06.03 11:17:19 | 000,024,064 | ---- | C] () -- C:\WINDOWS\zoek-delete.exe
[2017.06.02 19:40:55 | 000,028,272 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\TrueSight.sys
[2017.06.02 19:21:01 | 000,002,775 | ---- | C] () -- C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
[2017.06.02 17:05:34 | 000,001,919 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2017.06.02 17:05:31 | 000,077,376 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\mbae64.sys
[2017.05.22 17:18:13 | 000,057,387 | ---- | C] () -- C:\WINDOWS\SysWow64\license.rtf
[2017.05.22 17:18:13 | 000,057,387 | ---- | C] () -- C:\WINDOWS\SysNative\license.rtf
[2017.05.22 17:13:32 | 000,032,004 | ---- | C] () -- C:\WINDOWS\SysNative\edgehtmlpluginpolicy.bin
[2017.05.22 16:48:39 | 000,007,623 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2017.05.22 16:48:39 | 000,007,623 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2017.05.22 16:43:32 | 000,933,354 | ---- | C] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2017.05.22 16:35:49 | 3396,505,600 | -HS- | C] () -- C:\hiberfil.sys
[2017.05.22 16:34:07 | 000,001,576 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2017.05.22 16:24:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SysNative\GfxValDisplayLog.bin
[2017.05.22 16:24:25 | 007,651,057 | ---- | C] () -- C:\WINDOWS\SysNative\nvcoproc.bin
[2017.05.22 16:23:52 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_ETDSMBus_01011.Wdf
[2017.05.22 16:21:01 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2017.05.22 16:19:05 | 000,380,264 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2017.05.16 17:14:20 | 000,001,259 | ---- | C] () -- C:\Users\mzatu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aktualizácie a ochrana súkromia.lnk
[2017.03.18 23:03:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2017.03.18 23:03:41 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2017.03.18 22:58:56 | 000,054,272 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2017.03.18 22:58:54 | 000,116,824 | ---- | C] () -- C:\WINDOWS\SysWow64\InputHost.dll
[2017.03.18 22:58:54 | 000,112,128 | ---- | C] () -- C:\WINDOWS\SysWow64\HeatCore.dll
[2017.03.18 22:58:54 | 000,086,528 | ---- | C] () -- C:\WINDOWS\SysWow64\WindowsDefaultHeatProcessor.dll
[2017.03.18 22:58:52 | 003,200,000 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.Analysis.dll
[2017.03.18 22:58:52 | 000,059,904 | ---- | C] () -- C:\WINDOWS\SysWow64\xboxgipsynthetic.dll
[2017.03.18 22:58:51 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2017.03.18 22:58:48 | 000,002,307 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2017.03.18 22:58:42 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2017.03.18 22:58:39 | 000,307,200 | ---- | C] () -- C:\WINDOWS\SysWow64\ssdm.dll
[2017.03.18 22:58:37 | 001,859,072 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Mirage.dll
[2017.03.18 22:57:47 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2017.03.18 22:57:03 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2017.02.11 00:57:35 | 000,269,600 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1.dll
[2017.02.11 00:57:35 | 000,110,880 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo.exe
[2017.01.17 06:51:52 | 035,233,328 | ---- | C] () -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2017.01.04 04:09:08 | 000,112,112 | ---- | C] () -- C:\WINDOWS\SysWow64\libGLESv2.dll
[2017.01.04 04:09:04 | 000,101,352 | ---- | C] () -- C:\WINDOWS\SysWow64\libGLESv1_CM.dll
[2017.01.04 04:09:00 | 000,141,296 | ---- | C] () -- C:\WINDOWS\SysWow64\libEGL.dll
[2016.09.09 20:25:58 | 000,269,600 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1-1-0-26-0.dll
[2016.09.09 20:25:28 | 000,110,880 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo-1-1-0-26-0.exe
[2016.06.18 14:05:18 | 000,891,592 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2015.12.25 03:26:14 | 000,310,272 | ---- | C] () -- C:\WINDOWS\SysWow64\VCamPPage.dll
[2015.12.25 03:18:20 | 000,014,539 | ---- | C] () -- C:\WINDOWS\TWAINSP_Lenovo_EasyCamera.ini

========== ZeroAccess Check ==========

[2017.05.22 17:07:23 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2017.03.18 22:58:07 | 007,325,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2017.03.18 22:58:52 | 005,820,984 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2017.03.18 22:57:58 | 000,961,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2017.03.18 22:58:50 | 000,770,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2017.03.18 22:57:53 | 000,510,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2016.12.24 13:01:02 | 000,000,000 | ---D | M] -- C:\Users\mzatu\AppData\Roaming\11bitstudios
[2017.06.03 15:23:00 | 000,000,000 | ---D | M] -- C:\Users\mzatu\AppData\Roaming\discordsdk
[2016.12.01 16:53:37 | 000,000,000 | ---D | M] -- C:\Users\mzatu\AppData\Roaming\Lenovo
[2016.11.22 15:27:25 | 000,000,000 | ---D | M] -- C:\Users\mzatu\AppData\Roaming\LSC
[2017.06.04 19:50:29 | 000,000,000 | ---D | M] -- C:\Users\mzatu\AppData\Roaming\TS3Client

========== Purity Check ==========



< End of report >

Misso
Level 2
Level 2
Příspěvky: 183
Registrován: červenec 14
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod Misso » 04 čer 2017 20:16

OTL Extras logfile created on: 04.06.2017 19:53:13 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\mzatu\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.15063.0)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: dd.MM.yyyy

7,91 Gb Total Physical Memory | 5,84 Gb Available Physical Memory | 73,90% Memory free
8,41 Gb Paging File | 6,04 Gb Available in Paging File | 71,83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 883,68 Gb Total Space | 724,92 Gb Free Space | 82,03% Space Free | Partition Type: NTFS
Drive D: | 25,00 Gb Total Space | 22,39 Gb Free Space | 89,56% Space Free | Partition Type: NTFS

Computer Name: LAPTOP-UGI8L3RR | User Name: mzatu | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = C5 5C 4D B8 0A D3 D2 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1C76BF09-020F-478D-812C-3BF4C3E9B7B3}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{7616D010-0EF5-43D5-BEF8-20C5C14D7719}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\root\office16\outlook.exe |
"{8AF853DF-2808-484A-ABB7-5677BD8332FF}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{B79DECFE-3006-42BD-9628-268129312F0E}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07A2A8F6-F3BA-423F-B8C7-DB1BFA204549}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\this war of mine\this war of mine.exe |
"{09C21512-E380-4EC1-BC5B-A9503B72315E}" = dir=out | name=store purchase app |
"{0FCF0FF5-E3BE-44EB-B87F-057AC7C61052}" = dir=in | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{0FD3DC77-0AA7-46E6-89F1-9172E5EE8861}" = dir=in | name=onenote |
"{13B815F8-ED33-44DA-8D72-A2A24F8F6033}" = dir=out | name=@{microsoft.windows.photos_17.524.10020.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{1632C577-8286-47F5-ABF8-9FC22CC2E899}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} |
"{18FBBD44-F8ED-47AD-B5A1-15E8FD9D4061}" = dir=out | name=windows_ie_ac_001 |
"{19229055-6D89-492C-B6BC-2618A433E505}" = dir=out | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{1A770304-3CC3-473C-B93C-E5561117392B}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{1BB14E9A-944E-4A60-BDF0-504D0DE38B7F}" = dir=in | name=@{microsoft.commsphone_1.10.23004.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{1C2039E7-DE1E-4DC2-9240-BCB5CBE19C5E}" = dir=out | name=@{microsoft.3dbuilder_14.1.1302.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.3dbuilder/resources/appstorename} |
"{1C736201-3D1A-4622-A6AC-AF39F3EB96E9}" = dir=out | name=@{microsoft.zunevideo_10.17042.14211.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{1C87871C-0E21-4630-A8D3-13EF8212250E}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{1EC28ECD-74BA-4BE3-B878-F6DBB07D9831}" = dir=out | name=@{microsoft.oneconnect_2.1704.952.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{1FC3CCF3-7DC2-4CBD-8BA0-62668EC4C713}" = dir=out | name=@{microsoft.getstarted_5.9.1042.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{24D7B232-18BC-40A3-A4BE-507E5A6941D4}" = dir=in | name=@{microsoft.bingsports_4.20.1102.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{2542A273-7AEF-4F3D-93EE-A5A0CF1EBCDB}" = dir=out | name=lenovo settings |
"{2E093844-CCD5-4216-8C6A-D0EEE3B1130C}" = dir=out | name=@{microsoft.bingnews_4.20.1102.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{33A94148-722C-43AF-BDD7-9A3EA5BB4F7C}" = dir=out | name=microsoft solitaire collection |
"{35F600A2-298A-4FE0-9C6B-7DEF5B881A1B}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{373EFBAB-CB6A-4EED-91B8-82F22C1176D5}" = dir=in | name=@{microsoft.ppiprojection_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{375E29D0-D36E-4CE5-938F-DB75AA0ED0C4}" = dir=out | name=@{microsoft.skypeapp_11.16.595.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} |
"{38CB163D-4487-4B57-A4C5-8EAE4DF16F6A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\cef\cef.win7\steamwebhelper.exe |
"{3A6B6E33-2D37-4851-9CFC-3B9A0D7E031B}" = dir=out | name=@{microsoft.mspaint_2.1704.26037.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.mspaint/resources/appname} |
"{3BF6756B-4DE9-4B67-BD1D-BD884183F713}" = dir=in | name=@{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{4023FF38-4272-45AE-9DB3-55F15861B7F1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\launchpad.exe |
"{4080B0DB-39AE-469C-8D53-A2AC0ACF94CB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{4256A3BF-B55D-4DA9-AC00-E2FD7EFA3069}" = dir=out | name=@{microsoft.windowsfeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windowsfeedback/feedbackapp.resources/appname/text} |
"{4467655D-4E9D-469F-ADF9-2EC5C870F992}" = dir=out | name=@{windows.purchasedialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.purchasedialog/resources/displayname} |
"{449D109E-B9E1-4E18-8C48-5CC198AD140E}" = dir=in | name=@{microsoft.windowsfeedbackhub_1.1704.1361.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{4781D908-2A62-4E3B-8915-82FC44B9C2B2}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.8218.40507.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{484DB240-1552-417E-A831-D8B060ED7A3B}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{4B14ED17-F0C3-4332-AEC1-66E407462E55}" = dir=out | name=@{microsoft.microsoftofficehub_17.8225.5925.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{4C2DB034-6242-4FA4-AD2F-EFB43CD29AF2}" = dir=in | name=@{microsoft.bingnews_4.20.1102.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{4E51D278-8808-4605-ADF5-952612508D43}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rust\rust.exe |
"{4FDF98B1-3707-43E7-9D76-B59DD086515C}" = dir=in | name=lenovo settings |
"{52B5D023-65B0-4E5D-9A41-DDB8E176E9DD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto v\gtavlauncher.exe |
"{544E398C-33BD-46D5-9C95-075B887CD4CF}" = dir=out | name=@{microsoft.windows.holographicfirstrun_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.holographicfirstrun/resources/pkgdisplayname} |
"{54A61D93-BC8F-43A2-BD69-A40639E8C432}" = dir=in | name=@{microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{5A5FD945-C113-4FD9-A5ED-999D0F83B59E}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{5AE34FBC-0A03-479B-9672-0C8284ED7990}" = dir=out | name=@{microsoft.accountscontrol_10.0.15063.296_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{5B182C27-322A-4C01-A72E-E511C14CFCF4}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{5CF7EFF8-DFCC-4A2F-9D0B-AEF6E8BFF8B0}" = dir=in | name=@{microsoft.bingfinance_4.20.1102.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{5D54CBFD-A6B7-4023-A23B-E8C3C7A53D94}" = dir=out | name=microsoft sticky notes |
"{5FFA3DF2-76FD-4450-8F23-4FC96E08F1F3}" = dir=out | name=@{microsoft.appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.appconnector/resources/connectorstubtitle} |
"{61AF5180-3F17-4179-BD89-4A8B7265DC3E}" = dir=in | name=@{microsoft.microsoftofficehub_17.8225.5925.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{61BD736C-CDAD-4E35-9405-49F66C3DF50E}" = dir=out | name=@{microsoft.microsoft3dviewer_1.1705.3039.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoft3dviewer/resources/storeappname} |
"{626CC166-A03E-4A9F-99F2-BBE72A13F865}" = dir=out | name=@{microsoft.accountscontrol_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{638872DB-4E80-4A04-9E4B-6711A1B813C1}" = dir=out | name=holographic item player |
"{63DDE79B-8367-4AE8-B3BA-D102B92CAE94}" = dir=out | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{65B24FE2-17D9-4F3D-BC46-021A481482BD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rust\rust.exe |
"{65EF6111-8053-4D91-AC49-C010395A58A9}" = dir=in | name=microsoft solitaire collection |
"{6888A137-CA7A-4231-A543-835DDB28A01C}" = dir=out | name=@{microsoft.lockapp_10.0.15063.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{68AA19CC-7D01-4C6A-80FD-9FCF277604E3}" = dir=out | name=sway |
"{6AB50604-12D1-42D2-9BE2-7A9FF74FFB0A}" = dir=out | name=@{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{6BD60E1B-2BF3-4FAF-AA9F-8E7A2174964F}" = dir=out | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{6CCD43EB-8288-4E0F-9D8B-7C81F858C216}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{6CCF3832-B699-4280-A9BD-22433A36ED52}" = dir=out | name=@{microsoft.people_10.2.831.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{6E965D10-8665-4BD9-A524-16B4FF39796A}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.15063.296_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{734EDF99-9870-4B67-9CBF-A907A646E675}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{73A6A980-76F6-4D1D-9E1B-3F7B08AEBC28}" = dir=in | name=microsoft sticky notes |
"{761B998D-4C1E-4355-94DC-C904D95743D6}" = dir=out | name=@{microsoft.commsphone_1.10.23004.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{796E5015-F069-45FC-A72E-485D6D86561D}" = dir=out | name=twitter |
"{7AD31BBC-27F0-4E59-BCB5-DB8CDFF03760}" = dir=out | name=@{microsoft.windows.oobenetworkcaptiveportal_10.0.15063.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.oobenetworkcaptiveportal/resources/appdisplayname} |
"{7BF2019C-981E-4C8C-A790-14621E185265}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday the heist\payday_win32_release.exe |
"{7C783C95-C694-48CE-81F2-E83DD2D744F4}" = dir=in | name=@{microsoft.oneconnect_2.1704.952.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{7D94CF1C-B873-49D3-81BB-C9809F773A7C}" = dir=out | name=@{e046963f.lenovocompanion_3.73.1.0_x86__k1h2ywk1493x8?ms-resource://e046963f.lenovocompanion/resources/appname} |
"{8067439A-CF2A-4F83-B7AC-DE1445F4CDB2}" = dir=out | name=@{environmentsapp_10.0.15063.0_neutral__cw5n1h2txyewy?ms-resource://environmentsapp/resources/displayname} |
"{83975721-8651-4538-8566-C10193920176}" = dir=out | name=@{lenovocorporation.lenovoid_2.0.37.0_x86__4642shxvsv8s2?ms-resource://lenovocorporation.lenovoid/resources/displayname} |
"{84B82214-51E5-4E79-A528-E49F632868D1}" = dir=out | name=@{microsoft.windows.sechealthui_10.0.15063.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.sechealthui/resources/packagedisplayname} |
"{852DC98D-7BE5-4A20-A47A-EA0257E4DE28}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{859CA157-A95E-4CE8-9BCC-0AE77B17A3B0}" = dir=out | name=@{microsoft.windowsmaps_5.1705.1391.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{890076DE-508C-45B9-BFFC-432FB10ABC6B}" = dir=in | name=@{microsoft.microsoftedge_40.15063.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{8B4AFB9B-8CFB-485F-A431-4498A949CDE0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe |
"{8D1273CC-C8DB-4069-BCE2-5CEC3ADC306A}" = dir=out | name=@{microsoft.lockapp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{8D922D26-938B-4C2E-BC21-F5ECF6C4D6B5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\speedrunners\speedrunners.exe |
"{90712B52-29EF-4182-81CD-EFE2A522E809}" = dir=in | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{937E88F7-ECB2-4334-8084-E1E1761531DE}" = dir=out | name=lenovo settings |
"{94099331-82D4-42CA-B8A3-7BA3C094D393}" = dir=out | name=@{microsoft.windows.cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{9601DCD7-0CDF-42E7-B3E2-BC62EB58B388}" = dir=out | name=@{microsoft.bingweather_4.20.1102.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{97B2D8FB-1E06-459A-8243-15A594CBE958}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\launchpad.exe |
"{97CA87F4-8B4E-4C6F-8EA3-43DEB17B095C}" = dir=in | name=@{microsoft.getstarted_5.9.1042.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{988D042E-3D33-4B2A-8DAB-B6BBDA5C4E4D}" = dir=out | name=@{microsoft.bingfinance_4.20.1102.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{99E003BC-BA46-4E98-A5FF-E34446BDE10B}" = dir=in | app=c:\program files (x86)\lenovo\lenovo photo master\photoplus.exe |
"{9A8F9956-3B75-4801-A527-5B00DE53D89D}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{9A97EAAC-B621-474A-BE9E-A3EF14992FF2}" = dir=in | name=@{microsoft.ppiprojection_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{9ABDB293-C252-4041-A185-4A3C40C528EA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{9E733D81-F2EE-48E5-8C1A-E88E51ECE934}" = dir=in | name=@{windows.contactsupport_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{9EDAED34-EC4D-42F8-9C8A-2FA1C69D4401}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{9FD58231-15B4-4654-9F19-EAF5212B82EC}" = dir=out | name=candy crush soda saga |
"{A026CC91-D9B3-4823-9C78-3B09BF4BE0C8}" = dir=out | name=onenote |
"{A08C4F08-EF63-40AC-AF09-A59872D995AE}" = dir=in | name=@{microsoft.zunemusic_10.17042.14111.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{A14A8EF5-981F-46AF-B9DA-796100851C4A}" = dir=out | name=@{microsoft.bingsports_4.20.1102.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{A608877E-BD30-4F56-9E4F-2E1293438954}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\this war of mine\storyteller.exe |
"{A69C00C2-103F-4C72-A80E-F5F11DD5214B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe |
"{A7101C59-49FD-4C0C-8B14-F980ED315224}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{A9F66F24-6F6B-45EA-B53B-984D56310727}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\this war of mine\storyteller.exe |
"{AA848A91-92BA-4C0E-A02F-045F02FEF8C8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life\hl.exe |
"{AAB036FE-952F-4F10-90B0-442D957DBE4B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life\hl.exe |
"{ABA3E64F-0BF0-4A34-9BC0-57B3BEADD714}" = dir=out | name=@{microsoft.xboxidentityprovider_11.19.19003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} |
"{ADBDB656-FFE4-445D-9C6F-725AC1D21915}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday the heist\payday_win32_release.exe |
"{AF45D4A7-A41F-43DB-AB70-717BCDB71FF5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\this war of mine\this war of mine.exe |
"{B045D24B-3E3E-43DF-B97A-25B4E9ED04AA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\speedrunners\speedrunners.exe |
"{B1646844-3F2A-4484-B6A2-E698A1B1C248}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{B49AFEA8-2159-4375-8201-7EC0ED50DB83}" = dir=out | name=@{microsoft.windowsfeedbackhub_1.1704.1361.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{B6B4F1C2-7A37-456A-AA4D-B1BCE0DABB5E}" = dir=out | name=xbox |
"{B7C3EE6A-694A-46EA-9A4A-C558697236C6}" = dir=out | name=@{microsoft.windowsphone_10.1609.2561.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphone/resources/appstorename} |
"{BA3F5193-4A40-445F-A7F6-B72EAF9B74BB}" = protocol=17 | dir=in | app=c:\program files (x86)\lenovo\shareit\shareit.exe |
"{BC3311C5-12D2-41C6-9061-B81E94CB05BE}" = dir=in | name=xbox |
"{C07F73C1-0B50-4124-974A-2E385F027768}" = dir=out | name=wallet |
"{C270887E-C058-47D1-9D75-382EB859485A}" = dir=in | name=@{microsoft.windowsstore_11703.1001.45.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{C66D8E1C-440D-4F4B-9390-A4B0412CD9B6}" = dir=in | name=@{microsoft.zunevideo_10.17042.14211.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{C88AFAA8-8950-4ABB-AEDB-9589DCF9B3F6}" = dir=in | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{C9A0A3C6-3262-474A-9B18-A246998970AE}" = dir=out | name=lenovo settings |
"{CA8E2742-5C92-492B-B178-98959B2458FB}" = dir=in | name=@{microsoft.bingweather_4.20.1102.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{CCD1F4F7-AC3A-4CE8-95A5-46DD750814C2}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.15063.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{CE4E85B3-C9A6-4200-81A8-4AFA86489C8D}" = protocol=6 | dir=in | app=c:\program files (x86)\lenovo\shareit\shareit.exe |
"{CF876D21-0D32-4BAA-8EAC-470E2E5F452E}" = dir=in | app=c:\program files (x86)\lenovo\lenovo photo master\subsys\advphotoeditor\photodirector5.exe |
"{D1FD498B-CFF8-42A1-B6EB-B5DE11532B74}" = dir=in | name=@{microsoft.windows.photos_17.524.10020.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{D3D68803-79B1-42C5-9A4B-AE671D8FFD55}" = dir=out | name=@{microsoft.xboxidentityprovider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxidentityprovider/resources/pkgdisplayname} |
"{D4C34394-5DF6-405A-8850-8EC399057D14}" = dir=out | name=@{microsoft.ppiprojection_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{D6F9BAF3-8A6A-44AB-BDC6-8CBCD5579C53}" = dir=in | name=sway |
"{D9940CB1-468C-4968-8AB8-97D6C8E020E7}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.8218.40507.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{DA538239-3E9B-4B9A-8993-19654B0E0A66}" = dir=in | name=@{microsoft.microsoft3dviewer_1.1705.3039.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoft3dviewer/resources/storeappname} |
"{DC5A6D96-EF53-4EA1-B0A1-1AC639B55529}" = dir=in | name=lenovo settings |
"{DE038E6F-14AE-4BE7-B37B-84A222C90F60}" = dir=in | name=@{microsoft.skypeapp_11.16.595.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} |
"{DF32DA37-7241-4FA4-B833-11F4161B83E5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{DF6FC2FD-B9E1-44B3-8D83-C6173B0E7B47}" = dir=out | name=windows_ie_ac_001 |
"{E3E94E61-1E90-4A33-81CF-C23099FAE87E}" = dir=in | name=@{microsoft.mspaint_2.1704.26037.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.mspaint/resources/appname} |
"{E59FB441-4239-4074-A780-8D932BFC0619}" = dir=out | name=@{microsoft.connectivitystore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.connectivitystore/mswifiresources/appstorename} |
"{E945A2F2-BC91-4C0A-B924-64EB0B38FC30}" = dir=out | name=@{microsoft.microsoftedge_40.15063.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{E96C2905-695D-49EC-A3C5-6E43419E8FA9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\cef\cef.win7\steamwebhelper.exe |
"{EB103895-CF21-4773-8F99-9AC3B46342D4}" = dir=out | name=@{microsoft.messaging_3.26.24002.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{ED581EE1-A3BE-44CE-B524-7537B939B6F5}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{EE48A75C-37DA-47B8-ACF8-D034FA3149E7}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{F0275409-B351-40BD-BD0D-BFE43971C630}" = dir=in | name=@{microsoft.windows.cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{F2437178-5626-407C-891E-F328841755A9}" = dir=out | name=@{microsoft.windowsstore_11703.1001.45.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{F60EE5C6-3AF7-476E-ACFF-91A5596A4D57}" = dir=out | name=xbox game bar |
"{F6980AB0-E5E1-4ABC-85D4-0126B3C0F733}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{F74E1A82-0AD3-4188-9D85-860CEB11C799}" = dir=out | name=@{microsoft.ppiprojection_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{F8D410DF-1B8F-437C-9854-8A89E4DA594F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{FCF12AAE-15C8-4D1E-801D-0F4AF2A707C2}" = dir=out | name=@{microsoft.zunemusic_10.17042.14111.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{FD24B7E4-C357-47F8-B0DB-78EA4158479C}" = dir=out | name=@{windows.contactsupport_10.0.15063.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{FD53B298-8727-41FF-B23F-28C3B2FCE7CE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto v\gtavlauncher.exe |
"{FD7ED4CD-B02E-47EB-84A8-1446CAE4EB1F}" = dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"TCP Query User{32CD156D-CCAF-4A27-9216-954A3A3FBBF3}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe |
"TCP Query User{D2353B96-CDDE-4B9B-B54B-DF04F0150732}C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe |
"UDP Query User{8A4169F3-87D3-47E6-8CB4-688D885C1C3F}C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe |
"UDP Query User{F1F8613F-373C-483C-B3A6-9964D7E01437}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{12CB6BC1-4E71-4890-AA0E-26CED6AD7EDD}" = Intel(R) Chipset Device Software
"{1CEAC85D-2590-4760-800F-8DE5E91F3700}" = Intel(R) Management Engine Components
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{293F2009-0145-450B-B4AA-063D43FB368C}" = Windows 10 Update and Privacy Settings
"{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1" = Malwarebytes verze 3.1.2.1733
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{3DF3AC42-174D-4915-9ED2-448AD4338B83}" = Intel(R) ME UninstallLegacy
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel(R) Rapid Storage Technology
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{4F81A6B8-223E-4C60-A04D-61C48505B7BC}" = Audio By Harman
"{50A2BC33-C9CD-3BF1-A8FF-53C10A0B183C}" = Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24215
"{75993f9b-0c97-43d0-b1bd-199bbd65233e}" = Intel(R) PRO/Wireless Driver
"{899F9754-1F6B-4EEC-8D27-25E9DF331062}" = Intel(R) Management Engine Components
"{8C497266-8C62-4A79-AA01-763DA804E8C7}" = Intel® PROSet/Wireless WiFi Software
"{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}" = Lenovo QuickOptimizer
"{90160000-008F-0000-1000-0000000FF1CE}" = Office 16 Click-to-Run Licensing Component
"{90160000-00DD-0000-1000-0000000FF1CE}" = Office 16 Click-to-Run Extensibility Component 64-bit Registration
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovládač 3D Vision 376.54
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 376.54
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafický ovládač 376.54
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.9.1.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 2.9.1.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.15.0428
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 2.9.1.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA GeForce Experience Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer" = NVIDIA Display Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS" = NVIDIA Display Container LS
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B66F70B4-34E5-429A-9F55-7129E0833A45}" = Intel(R) Rapid Storage Technology
"{C2E5CA37-C862-4A69-AC6D-24F450A20C16}" = Lenovo System Interface Foundation
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{E442BFFD-8406-4C6D-BE7E-0CF6E61EE363}" = Lenovo Solution Center
"{EF1EC6A9-17DE-3DA9-B040-686A1E8A8B04}" = Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24215
"CNXT_AUDIO_HDA" = Conexant HD Audio
"O365HomePremRetail - sk-sk" = Microsoft Office 365 - sk-sk
"Steam App 10" = Counter-Strike
"Steam App 207140" = SpeedRunners
"Steam App 24240" = PAYDAY: The Heist
"Steam App 252490" = Rust
"Steam App 252950" = Rocket League
"Steam App 271590" = Grand Theft Auto V
"Steam App 282070" = This War of Mine
"Steam App 433850" = H1Z1: King of the Kill
"Steam App 730" = Counter-Strike: Global Offensive
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"VulkanRT1.0.26.0" = Vulkan Run Time Libraries 1.0.26.0
"WinRAR archiver" = WinRAR 5.40 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee WebAdvisor
"{4532E4C5-C84D-4040-A044-ECFCC5C6995B}" = REACHit
"{4DA9DC19-4E1D-4B10-A726-A5F2A1BC7265}" = Intel(R) Wireless Bluetooth(R)
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{66614300-cd9b-4a62-8b18-c97e9562dc3e}" = Intel® PROSet/Wireless Software
"{69BCE4AC-9572-3271-A2FB-9423BDA36A43}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215
"{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}" = LenovoUtility
"{7042D952-EE42-4C09-A23D-E7AE4D047007}" = User Manuals
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7f51bdb9-ee21-49ee-94d6-90afc321780e}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1" = Zemana AntiMalware
"{90160000-008C-0000-0000-0000000FF1CE}" = Office 16 Click-to-Run Extensibility Component
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B829E117-D072-41EA-9606-9826A38D34C1}" = Sophos Virus Removal Tool
"{BBF2AC74-720C-3CB3-8291-5E34039232FA}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215
"{BC94C56A-3649-420C-8756-2ADEBE399D33}" = Lenovo Photo Master
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}" = Metric Collection SDK 35
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}" = Microsoft XNA Framework Redistributable 4.0 Refresh
"{d992c12e-cab2-426f-bde3-fb8c53950b0d}" = Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215
"{e2803110-78b3-4664-a479-3611a381656a}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{fb610cea-ba50-4d4b-a717-cf025419035c}" = Intel(R) Chipset Device Software
"CrystalDiskInfo_is1" = CrystalDiskInfo 7.0.5
"Google Chrome" = Google Chrome
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}" = LenovoUtility
"InstallShield_{7042D952-EE42-4C09-A23D-E7AE4D047007}" = User Manuals
"MSC" = McAfee LiveSafe
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Rockstar Games Social Club" = Rockstar Games Social Club
"Rust Legacy Klient 1.9.7" = Rust Legacy Klient 1.9.7
"SHAREit_is1" = SHAREit
"Steam" = Steam
"Sunplus SPUVCb" = EasyCamera

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"OneDriveSetup.exe" = Microsoft OneDrive

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 02.06.2017 14:56:13 | Computer Name = LAPTOP-UGI8L3RR | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aktivácia aplikácie E046963F.LenovoCompanion_k1h2ywk1493x8!App zlyhala
pre chybu: -2143322111 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.

Error - 02.06.2017 14:56:14 | Computer Name = LAPTOP-UGI8L3RR | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aktivácia aplikácie E046963F.LenovoCompanion_k1h2ywk1493x8!App zlyhala
pre chybu: -2143322111 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.

Error - 03.06.2017 4:00:05 | Computer Name = LAPTOP-UGI8L3RR | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 03.06.2017 5:25:34 | Computer Name = LAPTOP-UGI8L3RR | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 03.06.2017 5:38:54 | Computer Name = LAPTOP-UGI8L3RR | Source = Office 2016 Licensing Service | ID = 0
Description =

Error - 03.06.2017 6:51:12 | Computer Name = LAPTOP-UGI8L3RR | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aktivácia aplikácie E046963F.LenovoCompanion_k1h2ywk1493x8!App zlyhala
pre chybu: -2143322111 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.

Error - 03.06.2017 8:50:05 | Computer Name = LAPTOP-UGI8L3RR | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aktivácia aplikácie E046963F.LenovoCompanion_k1h2ywk1493x8!App zlyhala
pre chybu: -2143322111 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.

Error - 03.06.2017 14:19:50 | Computer Name = LAPTOP-UGI8L3RR | Source = Application Error | ID = 1000
Description = Názov chybujúcej aplikácie: mcsvhost.exe, verzia: 6.3.3036.0, časová
značka: 0x584adcb2 Názov chybujúceho modulu: RPCRT4.dll, verzia: 10.0.15063.0, časová
značka: 0xcf94c546 Kód výnimky: 0xc0000005 Odstup chyby: 0x000000000001957b Identifikácia
chybujúceho procesu: 0x1174 Čas spustenia chybujúcej aplikácie: 0x01d2dc4aa45d8952
Cesta
chybujúcej aplikácie: c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe
Cesta
chybujúceho modulu: C:\WINDOWS\System32\RPCRT4.dll Identifikácia hlásenia: c5e85f2e-e1a0-4846-92d7-5ed0ced61924
Celé
meno chybujúceho balíka: ? Identifikácia chybujúcej aplikácie vzhľadom na balík:
?

Error - 04.06.2017 4:49:14 | Computer Name = LAPTOP-UGI8L3RR | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 04.06.2017 5:39:33 | Computer Name = LAPTOP-UGI8L3RR | Source = Office 2016 Licensing Service | ID = 0
Description =

[ System Events ]
Error - 04.06.2017 4:43:22 | Computer Name = LAPTOP-UGI8L3RR | Source = Service Control Manager | ID = 7000
Description = Spustenie služby SAService zlyhalo kvôli nasledujúcej chybe: %%2

Error - 04.06.2017 4:43:52 | Computer Name = LAPTOP-UGI8L3RR | Source = Service Control Manager | ID = 7009
Description = Počas čakania na pripojenie služby ZeroConfigService bol dosiahnutý
časový limit (30000 ms).

Error - 04.06.2017 4:43:52 | Computer Name = LAPTOP-UGI8L3RR | Source = Service Control Manager | ID = 7000
Description = Spustenie služby ZeroConfigService zlyhalo kvôli nasledujúcej chybe:
%%1053

Error - 04.06.2017 4:44:22 | Computer Name = LAPTOP-UGI8L3RR | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Modul WLAN Extensibility Module sa nepodarilo spustiť. Cesta k modulu:
C:\WINDOWS\System32\IWMSSvc.dll Kód chyby: 258

Error - 04.06.2017 5:21:15 | Computer Name = LAPTOP-UGI8L3RR | Source = DCOM | ID = 10016
Description =

Error - 04.06.2017 5:39:27 | Computer Name = LAPTOP-UGI8L3RR | Source = DCOM | ID = 10016
Description =

Error - 04.06.2017 6:00:23 | Computer Name = LAPTOP-UGI8L3RR | Source = DCOM | ID = 10016
Description =

Error - 04.06.2017 6:19:09 | Computer Name = LAPTOP-UGI8L3RR | Source = DCOM | ID = 10016
Description =

Error - 04.06.2017 6:38:54 | Computer Name = LAPTOP-UGI8L3RR | Source = DCOM | ID = 10016
Description =

Error - 04.06.2017 6:51:45 | Computer Name = LAPTOP-UGI8L3RR | Source = DCOM | ID = 10016
Description =


< End of report >


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 16 hostů