log z Adition 1/2
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by Endon (21-03-2017 16:19:02)
Running from C:\Users\Endon\Desktop
Windows 10 Home Version 1607 (X64) (2016-09-02 19:07:35)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3451961156-4237405861-3929623962-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3451961156-4237405861-3929623962-503 - Limited - Disabled)
Endon (S-1-5-21-3451961156-4237405861-3929623962-1001 - Administrator - Enabled) => C:\Users\Endon
Guest (S-1-5-21-3451961156-4237405861-3929623962-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.)
Aktualizace NVIDIA 23.23.0.0 (Version: 23.23.0.0 - NVIDIA Corporation) Hidden
Ansel (Version: 378.66 - NVIDIA Corporation) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{d5572863-793c-4ec8-872a-43cccc68b948}) (Version: 18.40.0 - Intel Corporation)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.26 - Piriform)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6713 - CyberLink Corp.)
CyberLink PhotoDirector (Version: 5.0.5.6713 - Název společnosti:) Hidden
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.5.6909 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4.4301 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.4.4301 - Název společnosti:) Hidden
CyberLink YouCam (HKLM-x32\...\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}) (Version: 6.0.1.4301 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0192 - Disc Soft Ltd)
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dota 2 (HKLM\...\Steam App 570) (Version: - Valve)
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.2 - Dropbox, Inc.)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8305.5282 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.3.50.9 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{C9F1F770-9A43-4BC1-9C8F-DEE6C9A91F4A}) (Version: 12.5.32.203 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{1A13FE59-6F7E-44DC-9AA7-2D7B9E08C2D4}) (Version: 1.4.6 - Hewlett-Packard Company)
HP Welcome (HKLM\...\HPWelcome) (Version: 1.0 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard Company)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10600.150 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4542 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{C7CD6D54-26AF-4D93-B06F-D81ACE8624CB}) (Version: 6.0.40.0 - Intel Corporation)
Intel(R) WiDi Software Asset Manager (x32 Version: 1.1.347 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{A354DC98-2677-4967-8AA0-3B867EE10202}) (Version: 18.1.1611.3223 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel® Software Guard Extensions Platform Software (HKLM\...\{10307C17-F7FD-405D-9F3B-0BF66EA43857}) (Version: 1.0.26920.1393 - Intel Corporation)
Malwarebytes verze 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 2016 pro profesionály - cs-cz (HKLM\...\ProfessionalRetail - cs-cz) (Version: 16.0.7766.2060 - Microsoft Corporation)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.7766.2060 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3451961156-4237405861-3929623962-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Need for Speed Underground 2 (HKLM-x32\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31}) (Version: - )
NVIDIA GeForce Experience 3.3.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.3.0.95 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.66 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.3.0.95 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.3.5.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.4.5.30491 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 378.66 (Version: 378.66 - NVIDIA Corporation) Hidden
Pomocník při upgradu na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17354 - Microsoft Corporation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
R2-D2 (HKLM-x32\...\{4EBD7408-E5EF-4D98-A931-50B9CAC2BAB2}) (Version: 1.0.10 - Hewlett-Packard Company)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.103 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7584 - Realtek Semiconductor Corp.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.3.0.95 - NVIDIA Corporation) Hidden
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.6 - Sophos Limited)
Star Wars Command Center (HKLM-x32\...\{74F1230A-64B6-4E37-86D4-866219DA02AB}) (Version: 1.0.38 - Hewlett-Packard Company)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stronghold Crusader (HKLM-x32\...\{E9727CBE-5BEF-487F-ABF0-2215C7274A35}) (Version: 1.01 - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.2.4.10 - Synaptics Incorporated)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.PROPLUSR_{C224EEBF-D40A-4056-9DD3-EE74666F74AB}) (Version: - Microsoft)
UpdateAssistant (x32 Version: 1.1.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 25.0 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.72.0.176 - Zemana Ltd.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03795A90-45B2-4B83-85F8-83FAF08C5EBA} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-01-20] (NVIDIA Corporation)
Task: {086DFEBA-3F5F-4CD9-959C-88681B3CC957} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {182DD512-69BD-4D7B-9AA2-237858AF67F9} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {186713FA-67C8-4D59-83ED-300DFEDAAE9B} - System32\Tasks\HPCeeScheduleForEndon => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {1AA58AC0-C207-4A96-80F8-27189A10E2B1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-23] (Google Inc.)
Task: {1FC60AE6-1EF6-4F01-A39D-DF730DADBA00} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {206EA178-619C-4E01-9E7F-B2C74CAD9352} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {2870A00B-7B53-468D-AF73-D54FCB4FC233} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-06-16] (Intel Corporation)
Task: {33EFB2AB-17F0-40D6-906F-E7C838C629AE} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Endon\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {3510972E-1C7B-4DAC-BA9B-400B750A37F9} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-02-19] (Microsoft Corporation)
Task: {362917F4-D375-43A8-939C-3F4DF4FF97F7} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-06-16] (Intel Corporation)
Task: {362FDE15-FCCC-4386-BD90-A4B62C7D9458} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2016-06-21] (Microsoft Corporation)
Task: {3E1D6B9E-4480-4A8A-8A42-E7D10F81207A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-02-18] (Microsoft Corporation)
Task: {3EF1F7CB-3FDE-4100-95D4-49CAA4398E79} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {479FD082-2C6D-4AC0-AB26-BC90A0B34815} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-01-20] (NVIDIA Corporation)
Task: {48678602-7B67-4FD9-8B3B-FE3825BD125A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation)
Task: {4DCA2624-5759-45F4-AFCF-6FEB05FCF977} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2015-06-05] (Intel Corporation)
Task: {58076F6D-DC86-4FD6-BFB0-165C95B442C5} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-84BQ2CB-Endon DESKTOP-84BQ2CB => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2016-02-09] (Microsoft Corporation)
Task: {590CE1EE-6DED-44AB-B3D2-C661403500BC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-04] (Microsoft Corporation)
Task: {61E097CC-68EC-4B3C-B52E-BFEC91B35C60} - System32\Tasks\{21973AB0-3FB2-48B3-9D8C-F683B20E24CD} => pcalua.exe -a J:\SkyrimLauncher.exe -d J:\
Task: {64CCA599-75B8-4518-845D-89F394FA76AB} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-06-19] ()
Task: {6D03D46C-D8AF-44EE-ABC5-554AD815F86F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-03-02] (HP Inc.)
Task: {6DBE038A-93DB-4E66-80A4-07082CED801F} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation)
Task: {70FD5B56-D69C-4802-AB07-104CB2491DE5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {7250F9E5-8D4E-4DB6-B3B0-B08F635F8CBB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-04] (Microsoft Corporation)
Task: {9BE9498B-BBC3-471B-906A-78D4A23BFA8E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {A08453FB-D0A9-4BE0-A28E-F0C967A93988} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2015-05-21] (Hewlett-Packard Development Company, L.P.)
Task: {A776A57F-D6F7-47AC-8F88-09AFAF656C21} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {A86379B2-7E80-4189-9F45-EB1A29B1EBB0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-23] (Google Inc.)
Task: {AAECB214-3310-4F38-845E-A55952A233D5} - System32\Tasks\{09C39567-F431-40FD-A9DA-36AB4B46B357} => pcalua.exe -a J:\TESV.exe -d J:\
Task: {B5BB57C6-F192-4F92-B4D4-0162BFF84511} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-21] (Piriform Ltd)
Task: {C3B6FCE0-4AB9-4D47-9B4D-118A842CA549} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-04] (Microsoft Corporation)
Task: {C7FA09B5-659A-4244-9DCE-082623C39FE0} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-02-18] (Microsoft Corporation)
Task: {D0604C30-37AC-4D50-A288-C242B08C0C9F} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation)
Task: {DE168D3A-FFD4-46CE-B438-8BC95B6E36A4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {E15F831A-F520-4737-B5A6-86D026C6B87B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation)
Task: {E5E7AFE1-7A19-4E66-B5C6-A234E8DBBC92} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {F02CFEB0-60E3-4CEC-B6DF-4E6B30AF51E9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-04] (Microsoft Corporation)
Task: {F895355E-6DC5-4E15-9DB6-76FB8A31E173} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-01-20] (NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForEndon.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2017-02-05 10:44 - 2017-01-20 19:36 - 04490808 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2017-02-05 10:44 - 2017-01-20 19:36 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-11-23 21:47 - 2014-04-14 18:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-03-20 17:05 - 2017-03-04 08:19 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-09-02 19:35 - 2017-02-09 23:57 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-03-20 17:05 - 2017-03-04 08:19 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-03-20 17:05 - 2017-03-04 08:19 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2017-03-20 16:33 - 2017-03-20 16:33 - 00154480 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2016-09-16 15:52 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-20 17:04 - 2017-03-04 07:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-20 17:05 - 2017-03-04 07:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-20 17:05 - 2017-03-04 07:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-20 17:05 - 2017-03-04 07:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-03-20 17:05 - 2017-03-04 07:05 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-03-20 17:05 - 2017-03-04 07:08 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-03-13 15:00 - 2017-03-13 15:00 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-03-13 15:00 - 2017-03-13 15:00 - 00182784 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-03-13 15:00 - 2017-03-13 15:00 - 41048064 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-03-13 15:00 - 2017-03-13 15:00 - 02236896 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\roottools.dll
2015-11-23 21:09 - 2017-01-20 19:36 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-02-05 10:44 - 2017-01-20 19:36 - 03776056 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2017-02-05 10:44 - 2017-01-20 19:36 - 00901688 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-02-05 10:44 - 2017-01-20 14:36 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2017-02-05 10:44 - 2017-01-20 14:36 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2017-02-05 10:44 - 2017-01-20 14:36 - 02808888 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2017-02-05 10:44 - 2017-01-20 14:36 - 00384568 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2017-02-05 10:44 - 2017-01-20 14:36 - 00537656 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2017-02-05 10:44 - 2017-01-20 14:36 - 00468024 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2017-02-05 10:44 - 2017-01-20 14:36 - 01066552 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2017-02-05 10:44 - 2017-01-20 14:36 - 01014840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Endon:Heroes & Generals [38]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 12:04 - 2017-03-20 16:05 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3451961156-4237405861-3929623962-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Endon\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{4f453786-fe0b-4ad6-814b-b21c6f9dbf13}.jpg
DNS Servers: 192.168.0.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKU\S-1-5-21-3451961156-4237405861-3929623962-1001\...\StartupApproved\Run: => "World of Tanks"
HKU\S-1-5-21-3451961156-4237405861-3929623962-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3451961156-4237405861-3929623962-1001\...\StartupApproved\Run: => "RGSC"
HKU\S-1-5-21-3451961156-4237405861-3929623962-1001\...\StartupApproved\Run: => "EADM"
==================== FirewallRules (Whitelisted) ===============
kontrola logu - využití disku 100%
Re: kontrola logu - využití disku 100%
►Case: NZXT Noctis 450◄►Zdroj: EVGA Supernova 750W G2◄►MB: Asus MAXIMUS VIII Ranger◄►CPU: Intel core i5-6600K◄►GPU: Gainward Phoenix GTX 1060 GS◄►Chladič: Scythe Ninja 4◄►SSD: Samsung 850 EVO 250GB◄►HDD: 2x Seagate Barracuda 2TB◄►RAM: Crucial Ballistix Sport LT 2x8GB 2400Mhz DDR4◄
Re: kontrola logu - využití disku 100%
log z Addition 2/2
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{F7BD8906-2087-4B14-8F0A-6075F066CDC9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{EB33F1C6-7CBA-44BF-81F8-FBB5DD304FBA}] => (Allow) C:\Nexon\Library\combatarms\appdata\NMService.exe
FirewallRules: [{6E68B88F-8E5B-4AF3-A748-6028BB8F4F0B}] => (Allow) C:\Nexon\Library\combatarms\appdata\NMService.exe
FirewallRules: [{CDE46CB7-C390-4DAE-9E88-D671D003179F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3E801CC4-BFDF-4F95-BB23-3B816A605EDC}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
FirewallRules: [{17B2DB77-6A01-4A93-A94F-A0E8412EBAC4}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe
FirewallRules: [{22CC2F58-9ACF-42B5-BDD2-97F9C7C324DD}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe
FirewallRules: [{0A41EABF-4D27-487F-82DB-C048D62226A3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{805A30BB-7603-467C-B932-8A44776A51A2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F21E0D91-DCDE-42E7-BA47-18402C895D96}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F92B5DF3-A827-41CD-A75E-E16C9EF0711F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A3F0CA69-5747-465C-801F-3B7A961A6323}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{FAFED13C-7B1A-4406-A24C-F92B1D9DD23C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{6B3C3D7E-A0FA-4C4C-AFA1-452F5069CA5D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0A3298A8-49C3-416B-8FEC-55DAE9278C31}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3AB9CFA5-A2B7-4A30-B34B-4EC78EA80FFF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BF00216B-7EDA-4157-84AE-D55C60C7A11C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C11A4516-A9BC-43CD-86DF-707E78AABE93}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E167624B-657E-4FAC-8277-52F5B3CBB0BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{61E75F2C-5DCA-4B7B-9319-8B5798B62FE0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{2FDCC0D8-9270-416D-B2D4-8487E0476405}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{8FFB19E1-6388-46FA-B569-5CBE617FE70F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{64EE77A9-F44F-4040-8087-C11AEBD30D12}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{019D497C-065A-40AF-AB6B-8C91EA55E5D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D1202E82-56B0-4314-AB68-7D8B205C81D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0D4FA08B-D1C2-4F52-B93A-21E7E9FADA5E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{935F0574-CBD7-4702-9FF4-B9742F056093}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{606F0C92-8CD6-4465-8791-0F771F1052E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E785891B-9BD1-4AA4-8B98-284CA0275CAE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{482C0801-FC2C-4DED-9F99-0F324041FB19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{23EB6AD5-666C-4E9E-AD70-15D5BFD6A44A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{999D146E-3FE3-413E-BF10-CF998C1052A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B7FDC131-CE99-49CA-AC1C-C6A95AC471D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FDE37255-01DB-4DA3-BB3E-810C3417F5B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4543453F-4003-4DA8-BB3A-543CB44A67E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EFC979DE-AA86-43B1-B785-3DE72BCDE6F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DC62F197-AAD4-491C-BD83-97A25274A998}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{561C157D-5B00-47D0-848A-52CD490B5F45}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A46E5A6D-B450-4DED-9C4B-E4C63F23721F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{58FD1703-87D5-48ED-9512-66E6ACCB805B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3CA11D9F-09E5-453A-BD60-2FCD6F0C2AEE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A4D5F872-DF02-4818-B85F-61768D0B1912}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5E46586A-EABA-4B30-8255-E9764EDEC9EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{153BC4F0-98EA-40CD-AF4C-D72F702BEFB8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2067D819-4B09-46B2-B1DC-2C0701BCEC9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DC08903F-FD1B-4208-AB13-7EB00F88480F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4155CCDF-C5E4-4145-A2D3-163301133CD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7FAD33AD-40E2-4EEC-AF83-9E3F1380A1A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{20FB94E9-2967-47AF-903D-A39E08C30C2D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BA297554-E315-427E-BFA3-BE8E4E22E562}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FB6AE280-3624-4C42-8FB5-54145B8E25AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EA2255B8-0EE7-41F9-A0C6-CCC6D0C1F72F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F9D12310-E1A3-41F9-9014-63B5805B38C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6E77296E-2145-4173-9E26-CC3254535B85}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A2E4C7CC-66E3-457E-8683-18A1DDFE5300}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0FB5E690-5EA3-480D-8376-C6178FF8E6C7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F5546776-7D86-4C8A-B9B9-C7DCAEB8CB08}] => (Allow) LPort=2869
FirewallRules: [{971417C2-6796-4F1E-B566-C7DE35FF01F6}] => (Allow) LPort=1900
FirewallRules: [{95F1A76E-80D7-4766-B2F6-F78CC7C25904}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FC73B029-EDE3-49FC-AEBF-62DC555DE5C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{198E1E45-A1BA-4406-895C-92B935110FEE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4BBCB0DF-826A-4033-9E05-2B4B805CC8D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EC96479A-95CF-4974-9127-616BFD237821}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7C4CA72D-4FA8-4A3A-851D-CEA28B00E5E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A16B5E30-C2E2-4A59-BC7E-A41718E3A0BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A01067AE-CADC-44A4-A141-85C4A947E6E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0FCF626A-66FA-4099-9D92-068E8BC6F383}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{655D7C63-5562-471B-9DC2-F5CF079BC11B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AD1A8927-FE35-4B37-A026-2EF63CBF2000}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{48F33E25-A4C9-408A-A0FF-69A52203F77B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D0A5C7F1-3764-449F-B4AC-E97484C22382}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5309E4AC-FD8C-46CC-B57E-8BE1B0267F10}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{42A6E13C-22E7-4E96-BDF0-C99894A7A5B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A58EE8FF-0739-4C60-9C4B-8CF65D92F41F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{44AAE735-674D-4632-B09F-F4DD62472156}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{42046D32-067C-4541-AD75-CF654F762530}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FB8FFBBD-5F6F-4FF8-8C8B-1B0115F7BAD8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3FA2E721-CBE4-4AEB-9DF3-BBC82F814FB7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A7E2594A-4934-4338-8EF4-1070A1BFA6AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{89AB22DF-8217-4274-B977-5CB7B49C6B68}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4A576500-3BD5-44EF-9A67-AEBD43DED730}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{E3D37181-4715-40C6-8999-7F87B0D80743}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
FirewallRules: [{D116422C-A176-42F9-A33E-4F6FAB2AFA5A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{CED8FDEE-BC5E-41E8-B778-90704F734D5A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{1E9CC3EA-FCAA-4695-9A6A-E7D5C7F386A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{98F2F7D6-B9F0-47DD-9809-6BB95F419CF8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{520C0139-D7AA-4FDE-AF48-E514ECB62825}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{05A4366A-9D27-4837-AB2A-AAEDE51DDD38}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{217FB283-D690-476F-8A86-4BFB42E89299}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2BDFC450-9C4C-44DF-BF97-122FEB2DC314}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A2E5D4C6-DEA5-4557-B4E0-D07BFB5F2702}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3F2C7FCD-8F5E-4F56-8523-A54E3B5C798E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8DDD5E18-032F-4429-9AD3-F3DC62323EB2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C808F94E-8D18-4046-B71A-B712024A3045}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{C2E36DCD-99EB-4D1E-9009-7C6B06E6EF1B}C:\users\endon\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\endon\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{84BFE415-0D32-4210-B1BF-2B0CD810EAEA}C:\users\endon\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\endon\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{A8F672C1-0D99-46F5-B264-6EC49C4A2C21}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{10C0B4F6-A866-44ED-A0D3-B622D91EDB4E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5AA9DEEF-A2E6-4C37-A085-1BA69231976D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{87C3FD7E-FBBE-4CEC-AA20-C8A19EDF6ED5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DD438027-C6B3-4AED-B726-C3C9C9613DC9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{50EED65F-0A4C-499E-8F0D-A94AC6EC0F50}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7986E877-9F43-42D1-926C-659BB5EEC239}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0CBC54FC-FB8A-42CA-977E-4F90A16E7102}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C8C44F6F-B1EF-4E6D-BC5D-78DF7145BAD9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{32301E01-74F7-451A-8927-CF054956CAC3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2E5B3BFA-F6F1-400C-97F7-FB1B031FB933}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7B24C34D-A970-498D-A7CE-D3F8680DCC4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{25C421D0-60FE-494A-AC83-61E43CC8CE92}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{731704C2-FC86-439B-AAA1-C62BAEC7559F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CDE27551-4D56-46F4-BD60-C4BBCB70CB02}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A3BC4D4E-6262-48B8-B85C-2CD434A30998}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5A5029E4-213F-41A6-A589-783807EABA84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{83324F97-423C-4288-AAA9-8065FD386D92}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{15C8F5E6-34F8-4286-8999-6F18504FD8B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{01CFBCD2-B41C-4CC6-8418-8812C460322C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A0B23296-6759-48D2-A148-424041C93F12}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{77744BFC-10D3-4BB5-8B22-BFA9745DB1A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CE68B468-DC26-4297-B92E-A24A8AF1F262}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{853BEE53-4F1F-4D61-8456-D1F0173EF32E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{81E27C88-3220-4784-8A22-ABB7F3363E4A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BE4A9AB5-8D08-4DA6-9D24-5B06E7A752FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{92F239D3-7F3A-49BB-913D-724E1E0640D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6F713C57-802C-4758-814A-A446A41039F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C8EFE8C9-641D-41A6-8E17-51F0E3246827}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{69735FCA-A7BB-49C9-B2A0-9B3B54376D63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C7E2C767-70F1-40E4-9BD3-6B62FC831894}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{02563C76-BEB9-4BD0-AFDB-212D4E647632}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{319E9FCC-2585-4C41-8F72-F06DB4F322E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4A6FE153-5B59-47F3-8AD9-BBBFBE14335E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{218EED03-163C-4ECB-BC39-1CACF5AE1500}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DF2C5421-24A8-45F0-9D10-13B410A8E07B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{07DDF4F7-1CD6-4090-B257-4F1290ADC7E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0E4392BC-8D45-45C8-863A-4E19FB2A509F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8D2321A2-F67A-485B-B611-85080D4D9B15}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2AFD25C9-618B-494B-9262-13DCBBD1D0F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{407793E5-6628-4B2A-A992-973943FE99C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{00714156-AFBB-4CD6-A73B-26A4D24750DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D41EFB1F-8FC8-4B9C-9170-8CCBB9A19A47}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{87B7386F-540C-41C1-8CFB-C88C3CFA799E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F4EBDA08-496D-4A43-93B8-356587421319}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E8408F21-3BB6-403B-8790-3CEF4281368E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{61977925-4994-4587-B23B-4DA5B07E6B89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{636F0DE1-9A8A-4F4A-954B-53DA5704C1FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8CBE1BA0-B29F-42B4-AC0F-0BC74F57E1D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DC9394A7-3CF3-4877-9977-96CD7F1CEC69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{553105A8-5725-41E9-BE70-7D8E752E3F56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A38805C1-0F9D-41AF-9F99-E8EF60905F76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C2CC84F4-0FD3-43D8-908B-5E153BC26FC0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2E73D80F-B883-477F-91D1-55D5710090F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{62239439-5C97-40AB-81F4-FB64FABBAE66}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{FD788F41-EF0B-4668-A7F1-27125F887171}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{099863B5-6E5C-47FA-92DC-20370A953604}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4ED0CB3F-F03B-4ABA-A9B4-D051DFB6D64F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{92257C58-9965-4ED3-8265-8BAE999FB4E3}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{5EB50599-EE31-4945-B19E-257FBA12BA10}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{C159D554-2CB0-4DAD-A9C6-CFAF852915AC}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{66B8BD4D-4CD1-473D-8443-FEFEDBFEADCD}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{74B9A1B4-02FE-4BDE-83BF-EC15611CA773}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{22035C0E-022C-43B0-80D9-471CB47C0EA8}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [TCP Query User{50E5A9A9-50AF-41E8-A683-B8D90EAF862C}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{9405F578-8AFC-4707-964B-6E8C7AA44DAA}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [{2A36F034-87EE-4EB8-BC2A-65BE7C12FE9E}] => (Block) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [{82BCF370-D07D-4D49-9485-88BFC7CE4001}] => (Block) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [{DA46094C-F066-4E90-BB52-4F6E14EADD13}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3887FD82-0B70-4BB2-97EE-24BEE4B602AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A2BB7B29-F8C3-4762-8C7A-AC50B985C9E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{84B3D56E-BDE3-455D-B302-5200B7459EA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{529EDD65-2EE1-4BBD-ABC5-DDCB54A097F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{585EE6E3-7534-4CAE-9828-17367B8D0161}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E8313815-1251-4061-8C2B-FC2FBD6216B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2F6770D0-CDBB-45F2-AC3D-4AC4DDB4D928}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6754A1AC-2398-4C07-BCF1-12A2C3E30E0B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EF044260-654B-475A-A3C4-55DBF68959B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{782BD277-E2D5-4CB5-9914-327AEBC93A2F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1CD3390A-C1D7-48EE-8A06-88C9DE3B36C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9E44A7AD-53CA-4A31-9C29-BDB926FE2671}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{39D55820-3786-4250-B6CB-07C841EF40A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{95EDD498-E606-403A-A48E-319CC003F26B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A0910C64-9254-42C7-BEF1-AA4829EFF3D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3977E5EE-C0C0-4B52-B93F-9312C488FF70}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{47E85FC7-D336-4808-87E0-7C70DA7674AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{67179EAB-D28A-4A86-996B-EAF8DAACF830}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2B9C8A56-1AB2-4B98-B7BD-A6D2C5E5F48C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D44E73A1-B340-40CF-AFD9-93DA03122C5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{61875924-F9D7-44C7-802A-D2AC9DFB71AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2AC410F6-B8E2-4719-BDA6-2BA1EDD1F0C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AC019DDB-1069-4C6A-B5DB-F365F8FAE21D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B33D0815-5B22-48C8-8985-164193F00DED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1284ADC3-03EF-435F-9EED-84FAA85D13B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{224147E2-1CDF-4514-B369-66A5560DC5B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AA601AFF-CD00-4EDC-AAA2-CCDC779D9922}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E0839EDA-1694-4F8E-9366-890EC6EDC364}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{67589632-6FCB-49DF-8821-7B80A22C3C4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B68A1BB5-3789-4098-B5F4-F068CF02A8AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DB436190-428A-4933-9032-2AE8B1CDC51A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{42BF20AF-8DD9-4690-B452-2A20E12BA0E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{682EEF9E-4C4F-4DD1-AE65-87E558BF1B26}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{70E196A2-AE88-4387-AFB1-E7658A6AB6D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5657B439-7DDB-4CFA-B5CF-BB4A13B9857E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3AE4A2A9-68CB-47F6-85C7-07D240D2961A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{28D8AA05-D303-4354-B021-6508B2AA565A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E661ADE1-F90E-4D6F-8583-C7AE17C731A8}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{A9469753-88FF-4A74-AC96-3179A666EE25}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{51F74BA2-F0BE-48E3-82E4-FA286CC2ED9E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{BEBCDF43-2230-49D0-9D42-319F716F85CF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{8D7B3061-9571-4F95-8F2F-D749C7050F60}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E99E75C3-B64A-49C0-9BC5-68E6E858D6B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7A819F54-1647-4536-B9A0-35E6EFC71D26}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{05C8E907-0BA1-4A66-904A-E580257E93B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DE230F4A-259A-4525-A682-4079082146EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F97D0398-B76B-485F-BEE3-F394E7ECE279}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A6AF67C5-4EDC-43DD-937E-FFC9C48726B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CE12958A-CF77-4439-9829-8E4D26ED1E3F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0E80765A-273D-475C-9C55-9B0A621E9268}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E3A0A101-C2CD-492F-AABF-9FB8C2481021}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9A55DE83-710D-439B-A820-D441C8297D95}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7BBF7484-45D6-4CED-9E3F-5AC0B9245573}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6EA661EC-397F-43E8-B838-EF7291CBBCCF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BA15519B-1D9C-49C3-82BF-17949A19D52E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{165C9700-19C0-4763-83ED-F5E2E869EB9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FA118D6E-061E-40F1-9CE0-D4401DAC2870}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{01B6D724-5E12-4FB6-9163-B17402CD4955}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
==================== Restore Points =========================
15-03-2017 20:52:10 JRT Pre-Junkware Removal
15-03-2017 20:53:17 JRT Pre-Junkware Removal
20-03-2017 18:03:16 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/21/2017 11:51:31 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10600.150) TYPE: ERROR
DPTF Build Version: 8.1.10600.150
DPTF Build Date: Jun 26 2015 11:46:12
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (03/20/2017 09:28:58 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10600.150) TYPE: ERROR
DPTF Build Version: 8.1.10600.150
DPTF Build Date: Jun 26 2015 11:46:12
Source File: ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 673
Executing Function: PolicyBase::takeControlOfOsc
Message: Failed to acquire OSC: Failure during execution of _OSC:
DPTF Build Version: 8.1.10600.150
DPTF Build Date: Jun 26 2015 11:46:12
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 473
Executing Function: EsifServices::primitiveExecuteSet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: SET_OPERATING_SYSTEM_CAPABILITIES [93]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
Policy: Critical Policy [2]
Error: (03/20/2017 09:28:55 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10600.150) TYPE: ERROR
DPTF Build Version: 8.1.10600.150
DPTF Build Date: Jun 26 2015 11:46:12
Source File: ..\..\..\Sources\Manager\WIPolicyCreateAll.cpp @ line 59
Executing Function: WIPolicyCreateAll::execute
Message: Unhandled exception caught during execution of work item
Policy File Name: DptfPolicyActive.dll
Framework Event: PolicyCreate [27]
Exception Function: PolicyManager::createPolicy
Exception Text:
DPTF Build Version: 8.1.10600.150
DPTF Build Date: Jun 26 2015 11:46:12
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
Executing Function: EsifServices::primitiveExecuteGet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: GET_ACTIVE_RELATIONSHIP_TABLE [89]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
Error: (03/20/2017 09:28:55 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10600.150) TYPE: ERROR
DPTF Build Version: 8.1.10600.150
DPTF Build Date: Jun 26 2015 11:46:12
Source File: ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 693
Executing Function: PolicyBase::releaseControlofOsc
Message: Failed to release OSC: Failure during execution of _OSC:
DPTF Build Version: 8.1.10600.150
DPTF Build Date: Jun 26 2015 11:46:12
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 473
Executing Function: EsifServices::primitiveExecuteSet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: SET_OPERATING_SYSTEM_CAPABILITIES [93]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
Policy: Active Policy [0]
Error: (03/20/2017 09:28:55 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10600.150) TYPE: ERROR
DPTF Build Version: 8.1.10600.150
DPTF Build Date: Jun 26 2015 11:46:12
Source File: ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 673
Executing Function: PolicyBase::takeControlOfOsc
Message: Failed to acquire OSC: Failure during execution of _OSC:
DPTF Build Version: 8.1.10600.150
DPTF Build Date: Jun 26 2015 11:46:12
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 473
Executing Function: EsifServices::primitiveExecuteSet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: SET_OPERATING_SYSTEM_CAPABILITIES [93]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
Policy: Active Policy [0]
Error: (03/20/2017 09:25:30 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro c:\program files\cyberlink\photodirector\kernel\ces\CES_AudioCacheAgent.exe.Manifest se nezdařilo.
Závislé sestavení PDR.X,type="win32",version="1.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (03/20/2017 09:25:29 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro c:\program files\cyberlink\photodirector\kernel\ces\CES_CacheAgent.exe.Manifest se nezdařilo.
Závislé sestavení PDR.X,type="win32",version="1.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (03/20/2017 06:56:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-84BQ2CB)
Description: Aplikaci Microsoft.Windows.Photos_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2147417836. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (03/20/2017 06:25:00 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (03/20/2017 06:06:01 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
.
System errors:
=============
Error: (03/21/2017 04:10:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Malwarebytes Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (03/21/2017 11:51:50 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/21/2017 11:51:48 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/21/2017 11:51:48 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/21/2017 06:53:15 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/20/2017 09:33:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (03/20/2017 09:33:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).
Error: (03/20/2017 09:33:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/20/2017 09:33:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/20/2017 09:33:01 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
CodeIntegrity:
===================================
Date: 2017-03-20 18:01:36.528
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_5603cb253b01e5cd\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-03-20 18:01:35.585
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-03-20 17:17:51.912
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-03-20 17:17:51.498
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-03-15 18:43:46.650
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_5603cb253b01e5cd\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-03-15 18:43:38.286
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-03-15 15:42:47.054
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-03-15 15:42:47.051
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-03-14 18:29:06.104
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_5603cb253b01e5cd\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-03-14 18:29:05.527
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz
Percentage of memory in use: 49%
Total physical RAM: 3934.84 MB
Available physical RAM: 1998.67 MB
Total Virtual: 5854.84 MB
Available Virtual: 3752.91 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:910.59 GB) (Free:677.94 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:19.7 GB) (Free:2.27 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (NFSUG2_DISK1) (CDROM) (Total:0.66 GB) (Free:0 GB) CDFS
Drive i: (NFSUG2_DISK2) (CDROM) (Total:0.63 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 6303BAA5)
Partition: GPT.
==================== End of Addition.txt ============================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{F7BD8906-2087-4B14-8F0A-6075F066CDC9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{EB33F1C6-7CBA-44BF-81F8-FBB5DD304FBA}] => (Allow) C:\Nexon\Library\combatarms\appdata\NMService.exe
FirewallRules: [{6E68B88F-8E5B-4AF3-A748-6028BB8F4F0B}] => (Allow) C:\Nexon\Library\combatarms\appdata\NMService.exe
FirewallRules: [{CDE46CB7-C390-4DAE-9E88-D671D003179F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3E801CC4-BFDF-4F95-BB23-3B816A605EDC}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
FirewallRules: [{17B2DB77-6A01-4A93-A94F-A0E8412EBAC4}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe
FirewallRules: [{22CC2F58-9ACF-42B5-BDD2-97F9C7C324DD}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe
FirewallRules: [{0A41EABF-4D27-487F-82DB-C048D62226A3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{805A30BB-7603-467C-B932-8A44776A51A2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F21E0D91-DCDE-42E7-BA47-18402C895D96}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F92B5DF3-A827-41CD-A75E-E16C9EF0711F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A3F0CA69-5747-465C-801F-3B7A961A6323}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{FAFED13C-7B1A-4406-A24C-F92B1D9DD23C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{6B3C3D7E-A0FA-4C4C-AFA1-452F5069CA5D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0A3298A8-49C3-416B-8FEC-55DAE9278C31}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3AB9CFA5-A2B7-4A30-B34B-4EC78EA80FFF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BF00216B-7EDA-4157-84AE-D55C60C7A11C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C11A4516-A9BC-43CD-86DF-707E78AABE93}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E167624B-657E-4FAC-8277-52F5B3CBB0BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{61E75F2C-5DCA-4B7B-9319-8B5798B62FE0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{2FDCC0D8-9270-416D-B2D4-8487E0476405}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{8FFB19E1-6388-46FA-B569-5CBE617FE70F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{64EE77A9-F44F-4040-8087-C11AEBD30D12}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{019D497C-065A-40AF-AB6B-8C91EA55E5D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D1202E82-56B0-4314-AB68-7D8B205C81D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0D4FA08B-D1C2-4F52-B93A-21E7E9FADA5E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{935F0574-CBD7-4702-9FF4-B9742F056093}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{606F0C92-8CD6-4465-8791-0F771F1052E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E785891B-9BD1-4AA4-8B98-284CA0275CAE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{482C0801-FC2C-4DED-9F99-0F324041FB19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{23EB6AD5-666C-4E9E-AD70-15D5BFD6A44A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{999D146E-3FE3-413E-BF10-CF998C1052A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B7FDC131-CE99-49CA-AC1C-C6A95AC471D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FDE37255-01DB-4DA3-BB3E-810C3417F5B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4543453F-4003-4DA8-BB3A-543CB44A67E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EFC979DE-AA86-43B1-B785-3DE72BCDE6F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DC62F197-AAD4-491C-BD83-97A25274A998}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{561C157D-5B00-47D0-848A-52CD490B5F45}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A46E5A6D-B450-4DED-9C4B-E4C63F23721F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{58FD1703-87D5-48ED-9512-66E6ACCB805B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3CA11D9F-09E5-453A-BD60-2FCD6F0C2AEE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A4D5F872-DF02-4818-B85F-61768D0B1912}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5E46586A-EABA-4B30-8255-E9764EDEC9EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{153BC4F0-98EA-40CD-AF4C-D72F702BEFB8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2067D819-4B09-46B2-B1DC-2C0701BCEC9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DC08903F-FD1B-4208-AB13-7EB00F88480F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4155CCDF-C5E4-4145-A2D3-163301133CD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7FAD33AD-40E2-4EEC-AF83-9E3F1380A1A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{20FB94E9-2967-47AF-903D-A39E08C30C2D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BA297554-E315-427E-BFA3-BE8E4E22E562}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FB6AE280-3624-4C42-8FB5-54145B8E25AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EA2255B8-0EE7-41F9-A0C6-CCC6D0C1F72F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F9D12310-E1A3-41F9-9014-63B5805B38C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6E77296E-2145-4173-9E26-CC3254535B85}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A2E4C7CC-66E3-457E-8683-18A1DDFE5300}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0FB5E690-5EA3-480D-8376-C6178FF8E6C7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F5546776-7D86-4C8A-B9B9-C7DCAEB8CB08}] => (Allow) LPort=2869
FirewallRules: [{971417C2-6796-4F1E-B566-C7DE35FF01F6}] => (Allow) LPort=1900
FirewallRules: [{95F1A76E-80D7-4766-B2F6-F78CC7C25904}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FC73B029-EDE3-49FC-AEBF-62DC555DE5C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{198E1E45-A1BA-4406-895C-92B935110FEE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4BBCB0DF-826A-4033-9E05-2B4B805CC8D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EC96479A-95CF-4974-9127-616BFD237821}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7C4CA72D-4FA8-4A3A-851D-CEA28B00E5E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A16B5E30-C2E2-4A59-BC7E-A41718E3A0BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A01067AE-CADC-44A4-A141-85C4A947E6E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0FCF626A-66FA-4099-9D92-068E8BC6F383}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{655D7C63-5562-471B-9DC2-F5CF079BC11B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AD1A8927-FE35-4B37-A026-2EF63CBF2000}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{48F33E25-A4C9-408A-A0FF-69A52203F77B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D0A5C7F1-3764-449F-B4AC-E97484C22382}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5309E4AC-FD8C-46CC-B57E-8BE1B0267F10}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{42A6E13C-22E7-4E96-BDF0-C99894A7A5B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A58EE8FF-0739-4C60-9C4B-8CF65D92F41F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{44AAE735-674D-4632-B09F-F4DD62472156}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{42046D32-067C-4541-AD75-CF654F762530}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FB8FFBBD-5F6F-4FF8-8C8B-1B0115F7BAD8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3FA2E721-CBE4-4AEB-9DF3-BBC82F814FB7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A7E2594A-4934-4338-8EF4-1070A1BFA6AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{89AB22DF-8217-4274-B977-5CB7B49C6B68}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4A576500-3BD5-44EF-9A67-AEBD43DED730}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{E3D37181-4715-40C6-8999-7F87B0D80743}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
FirewallRules: [{D116422C-A176-42F9-A33E-4F6FAB2AFA5A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{CED8FDEE-BC5E-41E8-B778-90704F734D5A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{1E9CC3EA-FCAA-4695-9A6A-E7D5C7F386A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{98F2F7D6-B9F0-47DD-9809-6BB95F419CF8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{520C0139-D7AA-4FDE-AF48-E514ECB62825}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{05A4366A-9D27-4837-AB2A-AAEDE51DDD38}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{217FB283-D690-476F-8A86-4BFB42E89299}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2BDFC450-9C4C-44DF-BF97-122FEB2DC314}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A2E5D4C6-DEA5-4557-B4E0-D07BFB5F2702}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3F2C7FCD-8F5E-4F56-8523-A54E3B5C798E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8DDD5E18-032F-4429-9AD3-F3DC62323EB2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C808F94E-8D18-4046-B71A-B712024A3045}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{C2E36DCD-99EB-4D1E-9009-7C6B06E6EF1B}C:\users\endon\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\endon\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{84BFE415-0D32-4210-B1BF-2B0CD810EAEA}C:\users\endon\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\endon\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{A8F672C1-0D99-46F5-B264-6EC49C4A2C21}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{10C0B4F6-A866-44ED-A0D3-B622D91EDB4E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5AA9DEEF-A2E6-4C37-A085-1BA69231976D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{87C3FD7E-FBBE-4CEC-AA20-C8A19EDF6ED5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DD438027-C6B3-4AED-B726-C3C9C9613DC9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{50EED65F-0A4C-499E-8F0D-A94AC6EC0F50}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7986E877-9F43-42D1-926C-659BB5EEC239}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0CBC54FC-FB8A-42CA-977E-4F90A16E7102}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C8C44F6F-B1EF-4E6D-BC5D-78DF7145BAD9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{32301E01-74F7-451A-8927-CF054956CAC3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2E5B3BFA-F6F1-400C-97F7-FB1B031FB933}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7B24C34D-A970-498D-A7CE-D3F8680DCC4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{25C421D0-60FE-494A-AC83-61E43CC8CE92}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{731704C2-FC86-439B-AAA1-C62BAEC7559F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CDE27551-4D56-46F4-BD60-C4BBCB70CB02}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A3BC4D4E-6262-48B8-B85C-2CD434A30998}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5A5029E4-213F-41A6-A589-783807EABA84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{83324F97-423C-4288-AAA9-8065FD386D92}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{15C8F5E6-34F8-4286-8999-6F18504FD8B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{01CFBCD2-B41C-4CC6-8418-8812C460322C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A0B23296-6759-48D2-A148-424041C93F12}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{77744BFC-10D3-4BB5-8B22-BFA9745DB1A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CE68B468-DC26-4297-B92E-A24A8AF1F262}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{853BEE53-4F1F-4D61-8456-D1F0173EF32E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{81E27C88-3220-4784-8A22-ABB7F3363E4A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BE4A9AB5-8D08-4DA6-9D24-5B06E7A752FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{92F239D3-7F3A-49BB-913D-724E1E0640D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6F713C57-802C-4758-814A-A446A41039F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C8EFE8C9-641D-41A6-8E17-51F0E3246827}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{69735FCA-A7BB-49C9-B2A0-9B3B54376D63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C7E2C767-70F1-40E4-9BD3-6B62FC831894}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{02563C76-BEB9-4BD0-AFDB-212D4E647632}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{319E9FCC-2585-4C41-8F72-F06DB4F322E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4A6FE153-5B59-47F3-8AD9-BBBFBE14335E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{218EED03-163C-4ECB-BC39-1CACF5AE1500}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DF2C5421-24A8-45F0-9D10-13B410A8E07B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{07DDF4F7-1CD6-4090-B257-4F1290ADC7E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0E4392BC-8D45-45C8-863A-4E19FB2A509F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8D2321A2-F67A-485B-B611-85080D4D9B15}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2AFD25C9-618B-494B-9262-13DCBBD1D0F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{407793E5-6628-4B2A-A992-973943FE99C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{00714156-AFBB-4CD6-A73B-26A4D24750DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D41EFB1F-8FC8-4B9C-9170-8CCBB9A19A47}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{87B7386F-540C-41C1-8CFB-C88C3CFA799E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F4EBDA08-496D-4A43-93B8-356587421319}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E8408F21-3BB6-403B-8790-3CEF4281368E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{61977925-4994-4587-B23B-4DA5B07E6B89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{636F0DE1-9A8A-4F4A-954B-53DA5704C1FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8CBE1BA0-B29F-42B4-AC0F-0BC74F57E1D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DC9394A7-3CF3-4877-9977-96CD7F1CEC69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{553105A8-5725-41E9-BE70-7D8E752E3F56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A38805C1-0F9D-41AF-9F99-E8EF60905F76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C2CC84F4-0FD3-43D8-908B-5E153BC26FC0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2E73D80F-B883-477F-91D1-55D5710090F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{62239439-5C97-40AB-81F4-FB64FABBAE66}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{FD788F41-EF0B-4668-A7F1-27125F887171}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{099863B5-6E5C-47FA-92DC-20370A953604}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4ED0CB3F-F03B-4ABA-A9B4-D051DFB6D64F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{92257C58-9965-4ED3-8265-8BAE999FB4E3}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{5EB50599-EE31-4945-B19E-257FBA12BA10}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{C159D554-2CB0-4DAD-A9C6-CFAF852915AC}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{66B8BD4D-4CD1-473D-8443-FEFEDBFEADCD}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{74B9A1B4-02FE-4BDE-83BF-EC15611CA773}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{22035C0E-022C-43B0-80D9-471CB47C0EA8}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [TCP Query User{50E5A9A9-50AF-41E8-A683-B8D90EAF862C}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{9405F578-8AFC-4707-964B-6E8C7AA44DAA}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [{2A36F034-87EE-4EB8-BC2A-65BE7C12FE9E}] => (Block) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [{82BCF370-D07D-4D49-9485-88BFC7CE4001}] => (Block) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [{DA46094C-F066-4E90-BB52-4F6E14EADD13}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3887FD82-0B70-4BB2-97EE-24BEE4B602AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A2BB7B29-F8C3-4762-8C7A-AC50B985C9E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{84B3D56E-BDE3-455D-B302-5200B7459EA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{529EDD65-2EE1-4BBD-ABC5-DDCB54A097F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{585EE6E3-7534-4CAE-9828-17367B8D0161}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E8313815-1251-4061-8C2B-FC2FBD6216B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2F6770D0-CDBB-45F2-AC3D-4AC4DDB4D928}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6754A1AC-2398-4C07-BCF1-12A2C3E30E0B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{EF044260-654B-475A-A3C4-55DBF68959B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{782BD277-E2D5-4CB5-9914-327AEBC93A2F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1CD3390A-C1D7-48EE-8A06-88C9DE3B36C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9E44A7AD-53CA-4A31-9C29-BDB926FE2671}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{39D55820-3786-4250-B6CB-07C841EF40A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{95EDD498-E606-403A-A48E-319CC003F26B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A0910C64-9254-42C7-BEF1-AA4829EFF3D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3977E5EE-C0C0-4B52-B93F-9312C488FF70}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{47E85FC7-D336-4808-87E0-7C70DA7674AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{67179EAB-D28A-4A86-996B-EAF8DAACF830}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2B9C8A56-1AB2-4B98-B7BD-A6D2C5E5F48C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D44E73A1-B340-40CF-AFD9-93DA03122C5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{61875924-F9D7-44C7-802A-D2AC9DFB71AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2AC410F6-B8E2-4719-BDA6-2BA1EDD1F0C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AC019DDB-1069-4C6A-B5DB-F365F8FAE21D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B33D0815-5B22-48C8-8985-164193F00DED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1284ADC3-03EF-435F-9EED-84FAA85D13B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{224147E2-1CDF-4514-B369-66A5560DC5B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AA601AFF-CD00-4EDC-AAA2-CCDC779D9922}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E0839EDA-1694-4F8E-9366-890EC6EDC364}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{67589632-6FCB-49DF-8821-7B80A22C3C4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B68A1BB5-3789-4098-B5F4-F068CF02A8AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DB436190-428A-4933-9032-2AE8B1CDC51A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{42BF20AF-8DD9-4690-B452-2A20E12BA0E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{682EEF9E-4C4F-4DD1-AE65-87E558BF1B26}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{70E196A2-AE88-4387-AFB1-E7658A6AB6D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5657B439-7DDB-4CFA-B5CF-BB4A13B9857E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3AE4A2A9-68CB-47F6-85C7-07D240D2961A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{28D8AA05-D303-4354-B021-6508B2AA565A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E661ADE1-F90E-4D6F-8583-C7AE17C731A8}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{A9469753-88FF-4A74-AC96-3179A666EE25}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{51F74BA2-F0BE-48E3-82E4-FA286CC2ED9E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{BEBCDF43-2230-49D0-9D42-319F716F85CF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{8D7B3061-9571-4F95-8F2F-D749C7050F60}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E99E75C3-B64A-49C0-9BC5-68E6E858D6B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7A819F54-1647-4536-B9A0-35E6EFC71D26}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{05C8E907-0BA1-4A66-904A-E580257E93B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DE230F4A-259A-4525-A682-4079082146EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F97D0398-B76B-485F-BEE3-F394E7ECE279}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A6AF67C5-4EDC-43DD-937E-FFC9C48726B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CE12958A-CF77-4439-9829-8E4D26ED1E3F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0E80765A-273D-475C-9C55-9B0A621E9268}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E3A0A101-C2CD-492F-AABF-9FB8C2481021}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9A55DE83-710D-439B-A820-D441C8297D95}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7BBF7484-45D6-4CED-9E3F-5AC0B9245573}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6EA661EC-397F-43E8-B838-EF7291CBBCCF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BA15519B-1D9C-49C3-82BF-17949A19D52E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{165C9700-19C0-4763-83ED-F5E2E869EB9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FA118D6E-061E-40F1-9CE0-D4401DAC2870}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{01B6D724-5E12-4FB6-9163-B17402CD4955}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
==================== Restore Points =========================
15-03-2017 20:52:10 JRT Pre-Junkware Removal
15-03-2017 20:53:17 JRT Pre-Junkware Removal
20-03-2017 18:03:16 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/21/2017 11:51:31 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10600.150) TYPE: ERROR
DPTF Build Version: 8.1.10600.150
DPTF Build Date: Jun 26 2015 11:46:12
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (03/20/2017 09:28:58 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10600.150) TYPE: ERROR
DPTF Build Version: 8.1.10600.150
DPTF Build Date: Jun 26 2015 11:46:12
Source File: ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 673
Executing Function: PolicyBase::takeControlOfOsc
Message: Failed to acquire OSC: Failure during execution of _OSC:
DPTF Build Version: 8.1.10600.150
DPTF Build Date: Jun 26 2015 11:46:12
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 473
Executing Function: EsifServices::primitiveExecuteSet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: SET_OPERATING_SYSTEM_CAPABILITIES [93]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
Policy: Critical Policy [2]
Error: (03/20/2017 09:28:55 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10600.150) TYPE: ERROR
DPTF Build Version: 8.1.10600.150
DPTF Build Date: Jun 26 2015 11:46:12
Source File: ..\..\..\Sources\Manager\WIPolicyCreateAll.cpp @ line 59
Executing Function: WIPolicyCreateAll::execute
Message: Unhandled exception caught during execution of work item
Policy File Name: DptfPolicyActive.dll
Framework Event: PolicyCreate [27]
Exception Function: PolicyManager::createPolicy
Exception Text:
DPTF Build Version: 8.1.10600.150
DPTF Build Date: Jun 26 2015 11:46:12
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
Executing Function: EsifServices::primitiveExecuteGet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: GET_ACTIVE_RELATIONSHIP_TABLE [89]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
Error: (03/20/2017 09:28:55 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10600.150) TYPE: ERROR
DPTF Build Version: 8.1.10600.150
DPTF Build Date: Jun 26 2015 11:46:12
Source File: ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 693
Executing Function: PolicyBase::releaseControlofOsc
Message: Failed to release OSC: Failure during execution of _OSC:
DPTF Build Version: 8.1.10600.150
DPTF Build Date: Jun 26 2015 11:46:12
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 473
Executing Function: EsifServices::primitiveExecuteSet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: SET_OPERATING_SYSTEM_CAPABILITIES [93]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
Policy: Active Policy [0]
Error: (03/20/2017 09:28:55 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10600.150) TYPE: ERROR
DPTF Build Version: 8.1.10600.150
DPTF Build Date: Jun 26 2015 11:46:12
Source File: ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 673
Executing Function: PolicyBase::takeControlOfOsc
Message: Failed to acquire OSC: Failure during execution of _OSC:
DPTF Build Version: 8.1.10600.150
DPTF Build Date: Jun 26 2015 11:46:12
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 473
Executing Function: EsifServices::primitiveExecuteSet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: SET_OPERATING_SYSTEM_CAPABILITIES [93]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
Policy: Active Policy [0]
Error: (03/20/2017 09:25:30 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro c:\program files\cyberlink\photodirector\kernel\ces\CES_AudioCacheAgent.exe.Manifest se nezdařilo.
Závislé sestavení PDR.X,type="win32",version="1.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (03/20/2017 09:25:29 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro c:\program files\cyberlink\photodirector\kernel\ces\CES_CacheAgent.exe.Manifest se nezdařilo.
Závislé sestavení PDR.X,type="win32",version="1.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (03/20/2017 06:56:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-84BQ2CB)
Description: Aplikaci Microsoft.Windows.Photos_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2147417836. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (03/20/2017 06:25:00 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (03/20/2017 06:06:01 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
.
System errors:
=============
Error: (03/21/2017 04:10:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Malwarebytes Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (03/21/2017 11:51:50 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/21/2017 11:51:48 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/21/2017 11:51:48 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/21/2017 06:53:15 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/20/2017 09:33:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (03/20/2017 09:33:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).
Error: (03/20/2017 09:33:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/20/2017 09:33:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/20/2017 09:33:01 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
CodeIntegrity:
===================================
Date: 2017-03-20 18:01:36.528
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_5603cb253b01e5cd\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-03-20 18:01:35.585
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-03-20 17:17:51.912
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-03-20 17:17:51.498
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-03-15 18:43:46.650
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_5603cb253b01e5cd\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-03-15 18:43:38.286
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-03-15 15:42:47.054
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-03-15 15:42:47.051
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-03-14 18:29:06.104
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_5603cb253b01e5cd\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-03-14 18:29:05.527
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz
Percentage of memory in use: 49%
Total physical RAM: 3934.84 MB
Available physical RAM: 1998.67 MB
Total Virtual: 5854.84 MB
Available Virtual: 3752.91 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:910.59 GB) (Free:677.94 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:19.7 GB) (Free:2.27 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (NFSUG2_DISK1) (CDROM) (Total:0.66 GB) (Free:0 GB) CDFS
Drive i: (NFSUG2_DISK2) (CDROM) (Total:0.63 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 6303BAA5)
Partition: GPT.
==================== End of Addition.txt ============================
►Case: NZXT Noctis 450◄►Zdroj: EVGA Supernova 750W G2◄►MB: Asus MAXIMUS VIII Ranger◄►CPU: Intel core i5-6600K◄►GPU: Gainward Phoenix GTX 1060 GS◄►Chladič: Scythe Ninja 4◄►SSD: Samsung 850 EVO 250GB◄►HDD: 2x Seagate Barracuda 2TB◄►RAM: Crucial Ballistix Sport LT 2x8GB 2400Mhz DDR4◄
-
Orcus
- člen Security týmu
-
Elite Level 10.5
- Příspěvky: 10645
- Registrován: duben 10
- Bydliště: Okolo rostou 3 růže =o)
- Pohlaví:
- Stav:
Offline
Re: kontrola logu - využití disku 100%
Stahovat Eset z torrentů nezní moc legálně ani bezpečně. 
Odinstaluj AVG PC TuneUp.
Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.
(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).
Ulož jej na na plochu jako fixlist.txt
Spusť FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.
+
V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému.
Toto otestuj na Virustotal:
Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.
Odinstaluj AVG PC TuneUp.
Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.
Kód: Vybrat vše
Start
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-3451961156-4237405861-3929623962-1001\...\MountPoints2: {b6fbe7ca-69e0-11e6-9bd7-e094674fc508} - "F:\Setup.exe"
HKU\S-1-5-21-3451961156-4237405861-3929623962-1001\...\MountPoints2: {b6fbe7fa-69e0-11e6-9bd7-e094674fc508} - "I:\RunGame.exe"
HKU\S-1-5-21-3451961156-4237405861-3929623962-1001\...\MountPoints2: {b6fbe807-69e0-11e6-9bd7-e094674fc508} - "J:\Autorun.exe"
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
C:\Users\Endon\Downloads\ESET NOD32 antivirus 8.0.304.1 (x86,x64)(CZ,SK)
C:\Users\Endon\Downloads\[CzT]ESET_NOD32_antivirus_v8_0_304_1_x86_x64_CZ_SK_.torrent
C:\ProgramData\mcafee
C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
C:\Program Files (x86)\AVG\AVG PC TuneUp\
Task: {186713FA-67C8-4D59-83ED-300DFEDAAE9B} - System32\Tasks\HPCeeScheduleForEndon => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {1AA58AC0-C207-4A96-80F8-27189A10E2B1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-23] (Google Inc.)
Task: {3EF1F7CB-3FDE-4100-95D4-49CAA4398E79} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {A86379B2-7E80-4189-9F45-EB1A29B1EBB0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-23] (Google Inc.)
Task: {AAECB214-3310-4F38-845E-A55952A233D5} - System32\Tasks\{09C39567-F431-40FD-A9DA-36AB4B46B357} => pcalua.exe -a J:\TESV.exe -d J:\
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
AlternateDataStreams: C:\Users\Endon:Heroes & Generals [38]
(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).
Ulož jej na na plochu jako fixlist.txt
Spusť FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.
+
V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému.
Toto otestuj na Virustotal:
Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.
Láska hřeje, ale uhlí je uhlí. 
Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.
Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.
Re: kontrola logu - využití disku 100%
pc je bratrovo, nvm co s nim dělal 
, ale to je jedno
log z FRST fixlog.txt
Fix result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by Endon (21-03-2017 18:57:59) Run:1
Running from C:\Users\Endon\Desktop
Loaded Profiles: Endon (Available Profiles: Endon)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-3451961156-4237405861-3929623962-1001\...\MountPoints2: {b6fbe7ca-69e0-11e6-9bd7-e094674fc508} - "F:\Setup.exe"
HKU\S-1-5-21-3451961156-4237405861-3929623962-1001\...\MountPoints2: {b6fbe7fa-69e0-11e6-9bd7-e094674fc508} - "I:\RunGame.exe"
HKU\S-1-5-21-3451961156-4237405861-3929623962-1001\...\MountPoints2: {b6fbe807-69e0-11e6-9bd7-e094674fc508} - "J:\Autorun.exe"
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
C:\Users\Endon\Downloads\ESET NOD32 antivirus 8.0.304.1 (x86,x64)(CZ,SK)
C:\Users\Endon\Downloads\[CzT]ESET_NOD32_antivirus_v8_0_304_1_x86_x64_CZ_SK_.torrent
C:\ProgramData\mcafee
C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
C:\Program Files (x86)\AVG\AVG PC TuneUp\
Task: {186713FA-67C8-4D59-83ED-300DFEDAAE9B} - System32\Tasks\HPCeeScheduleForEndon => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {1AA58AC0-C207-4A96-80F8-27189A10E2B1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-23] (Google Inc.)
Task: {3EF1F7CB-3FDE-4100-95D4-49CAA4398E79} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {A86379B2-7E80-4189-9F45-EB1A29B1EBB0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-23] (Google Inc.)
Task: {AAECB214-3310-4F38-845E-A55952A233D5} - System32\Tasks\{09C39567-F431-40FD-A9DA-36AB4B46B357} => pcalua.exe -a J:\TESV.exe -d J:\
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
AlternateDataStreams: C:\Users\Endon:Heroes & Generals [38]
*****************
Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-3451961156-4237405861-3929623962-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b6fbe7ca-69e0-11e6-9bd7-e094674fc508} => key removed successfully
HKCR\CLSID\{b6fbe7ca-69e0-11e6-9bd7-e094674fc508} => key not found.
HKU\S-1-5-21-3451961156-4237405861-3929623962-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b6fbe7fa-69e0-11e6-9bd7-e094674fc508} => key removed successfully
HKCR\CLSID\{b6fbe7fa-69e0-11e6-9bd7-e094674fc508} => key not found.
HKU\S-1-5-21-3451961156-4237405861-3929623962-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b6fbe807-69e0-11e6-9bd7-e094674fc508} => key removed successfully
HKCR\CLSID\{b6fbe807-69e0-11e6-9bd7-e094674fc508} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => moved successfully
C:\Users\Endon\Downloads\ESET NOD32 antivirus 8.0.304.1 (x86,x64)(CZ,SK) => moved successfully
C:\Users\Endon\Downloads\[CzT]ESET_NOD32_antivirus_v8_0_304_1_x86_x64_CZ_SK_.torrent => moved successfully
C:\ProgramData\mcafee => moved successfully
C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 => moved successfully
C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => moved successfully
C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task => moved successfully
"C:\Program Files (x86)\AVG\AVG PC TuneUp" => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{186713FA-67C8-4D59-83ED-300DFEDAAE9B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{186713FA-67C8-4D59-83ED-300DFEDAAE9B} => key removed successfully
C:\WINDOWS\System32\Tasks\HPCeeScheduleForEndon => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPCeeScheduleForEndon => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1AA58AC0-C207-4A96-80F8-27189A10E2B1} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1AA58AC0-C207-4A96-80F8-27189A10E2B1} => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3EF1F7CB-3FDE-4100-95D4-49CAA4398E79} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3EF1F7CB-3FDE-4100-95D4-49CAA4398E79} => key removed successfully
C:\WINDOWS\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVGPCTuneUp_Task_BkGndMaintenance => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A86379B2-7E80-4189-9F45-EB1A29B1EBB0} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A86379B2-7E80-4189-9F45-EB1A29B1EBB0} => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AAECB214-3310-4F38-845E-A55952A233D5} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AAECB214-3310-4F38-845E-A55952A233D5} => key removed successfully
C:\WINDOWS\System32\Tasks\{09C39567-F431-40FD-A9DA-36AB4B46B357} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{09C39567-F431-40FD-A9DA-36AB4B46B357} => key removed successfully
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => not found.
C:\Users\Endon => ":Heroes & Generals" ADS removed successfully.
The system needed a reboot.
==== End of Fixlog 18:58:58 ====
jinak co že mam otestovat na Virustotal? Nějak sem to nepochopil, nebo jsi tam zapomněl něco dopsat?
, ale to je jednolog z FRST fixlog.txt
Fix result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by Endon (21-03-2017 18:57:59) Run:1
Running from C:\Users\Endon\Desktop
Loaded Profiles: Endon (Available Profiles: Endon)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-3451961156-4237405861-3929623962-1001\...\MountPoints2: {b6fbe7ca-69e0-11e6-9bd7-e094674fc508} - "F:\Setup.exe"
HKU\S-1-5-21-3451961156-4237405861-3929623962-1001\...\MountPoints2: {b6fbe7fa-69e0-11e6-9bd7-e094674fc508} - "I:\RunGame.exe"
HKU\S-1-5-21-3451961156-4237405861-3929623962-1001\...\MountPoints2: {b6fbe807-69e0-11e6-9bd7-e094674fc508} - "J:\Autorun.exe"
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
C:\Users\Endon\Downloads\ESET NOD32 antivirus 8.0.304.1 (x86,x64)(CZ,SK)
C:\Users\Endon\Downloads\[CzT]ESET_NOD32_antivirus_v8_0_304_1_x86_x64_CZ_SK_.torrent
C:\ProgramData\mcafee
C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
C:\Program Files (x86)\AVG\AVG PC TuneUp\
Task: {186713FA-67C8-4D59-83ED-300DFEDAAE9B} - System32\Tasks\HPCeeScheduleForEndon => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {1AA58AC0-C207-4A96-80F8-27189A10E2B1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-23] (Google Inc.)
Task: {3EF1F7CB-3FDE-4100-95D4-49CAA4398E79} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {A86379B2-7E80-4189-9F45-EB1A29B1EBB0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-23] (Google Inc.)
Task: {AAECB214-3310-4F38-845E-A55952A233D5} - System32\Tasks\{09C39567-F431-40FD-A9DA-36AB4B46B357} => pcalua.exe -a J:\TESV.exe -d J:\
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
AlternateDataStreams: C:\Users\Endon:Heroes & Generals [38]
*****************
Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-3451961156-4237405861-3929623962-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b6fbe7ca-69e0-11e6-9bd7-e094674fc508} => key removed successfully
HKCR\CLSID\{b6fbe7ca-69e0-11e6-9bd7-e094674fc508} => key not found.
HKU\S-1-5-21-3451961156-4237405861-3929623962-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b6fbe7fa-69e0-11e6-9bd7-e094674fc508} => key removed successfully
HKCR\CLSID\{b6fbe7fa-69e0-11e6-9bd7-e094674fc508} => key not found.
HKU\S-1-5-21-3451961156-4237405861-3929623962-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b6fbe807-69e0-11e6-9bd7-e094674fc508} => key removed successfully
HKCR\CLSID\{b6fbe807-69e0-11e6-9bd7-e094674fc508} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => moved successfully
C:\Users\Endon\Downloads\ESET NOD32 antivirus 8.0.304.1 (x86,x64)(CZ,SK) => moved successfully
C:\Users\Endon\Downloads\[CzT]ESET_NOD32_antivirus_v8_0_304_1_x86_x64_CZ_SK_.torrent => moved successfully
C:\ProgramData\mcafee => moved successfully
C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 => moved successfully
C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => moved successfully
C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task => moved successfully
"C:\Program Files (x86)\AVG\AVG PC TuneUp" => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{186713FA-67C8-4D59-83ED-300DFEDAAE9B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{186713FA-67C8-4D59-83ED-300DFEDAAE9B} => key removed successfully
C:\WINDOWS\System32\Tasks\HPCeeScheduleForEndon => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPCeeScheduleForEndon => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1AA58AC0-C207-4A96-80F8-27189A10E2B1} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1AA58AC0-C207-4A96-80F8-27189A10E2B1} => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3EF1F7CB-3FDE-4100-95D4-49CAA4398E79} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3EF1F7CB-3FDE-4100-95D4-49CAA4398E79} => key removed successfully
C:\WINDOWS\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVGPCTuneUp_Task_BkGndMaintenance => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A86379B2-7E80-4189-9F45-EB1A29B1EBB0} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A86379B2-7E80-4189-9F45-EB1A29B1EBB0} => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AAECB214-3310-4F38-845E-A55952A233D5} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AAECB214-3310-4F38-845E-A55952A233D5} => key removed successfully
C:\WINDOWS\System32\Tasks\{09C39567-F431-40FD-A9DA-36AB4B46B357} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{09C39567-F431-40FD-A9DA-36AB4B46B357} => key removed successfully
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => not found.
C:\Users\Endon => ":Heroes & Generals" ADS removed successfully.
The system needed a reboot.
==== End of Fixlog 18:58:58 ====
jinak co že mam otestovat na Virustotal? Nějak sem to nepochopil, nebo jsi tam zapomněl něco dopsat?
►Case: NZXT Noctis 450◄►Zdroj: EVGA Supernova 750W G2◄►MB: Asus MAXIMUS VIII Ranger◄►CPU: Intel core i5-6600K◄►GPU: Gainward Phoenix GTX 1060 GS◄►Chladič: Scythe Ninja 4◄►SSD: Samsung 850 EVO 250GB◄►HDD: 2x Seagate Barracuda 2TB◄►RAM: Crucial Ballistix Sport LT 2x8GB 2400Mhz DDR4◄
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43060
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: kontrola logu - využití disku 100%
Kolega zapomněl dopsat ten soubor.
Co problémy?
Co problémy?
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: kontrola logu - využití disku 100%
No, reakce systému/programů se mi zdají už celkem ok, start pořád hodně pomalu a po startu pořád chvíli trvá, než se může používat a vužití disku už neni 100%, ale tak nějak kolísá. Chvíli je 0-20% pak chvíli 80-100% a většinu času je něco mezi, kolem 20-50%
►Case: NZXT Noctis 450◄►Zdroj: EVGA Supernova 750W G2◄►MB: Asus MAXIMUS VIII Ranger◄►CPU: Intel core i5-6600K◄►GPU: Gainward Phoenix GTX 1060 GS◄►Chladič: Scythe Ninja 4◄►SSD: Samsung 850 EVO 250GB◄►HDD: 2x Seagate Barracuda 2TB◄►RAM: Crucial Ballistix Sport LT 2x8GB 2400Mhz DDR4◄
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43060
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: kontrola logu - využití disku 100%
Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.
Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.
Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: kontrola logu - využití disku 100%
tak zas po delší době přidávám logy
log z aswMBR
aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2017-03-24 15:22:31
-----------------------------
15:22:31.178 OS Version: Windows x64 6.2.9200
15:22:31.178 Number of processors: 4 586 0x4E03
15:22:31.178 ComputerName: DESKTOP-84BQ2CB UserName: Endon
15:22:36.804 Initialize success
15:22:36.944 VM: initialized successfully
15:22:36.944 VM: Intel CPU BiosDisabled
15:22:43.229 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000035
15:22:43.229 Disk 0 Vendor: ST1000LM024_HN-M101MBB 2BA30001 Size: 953869MB BusType: 11
15:22:43.386 Disk 0 MBR read successfully
15:22:43.386 Disk 0 MBR scan
15:22:43.386 Disk 0 unknown MBR code
15:22:43.401 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
15:22:43.417 Disk 0 scanning C:\WINDOWS\system32\drivers
15:22:58.143 Service scanning
15:23:02.034 Service ESProtectionDriver C:\WINDOWS\system32\drivers\mbae64.sys **LOCKED**
15:23:14.145 Modules scanning
15:23:14.145 Disk 0 trace - called modules:
15:23:14.176 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ACPI.sys storport.sys hal.dll iaStorA.sys
15:23:14.176 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffff860a12bd2060]
15:23:14.176 3 CLASSPNP.SYS[fffff800d0255efb] -> nt!IofCallDriver -> [0xffff860a12afd910]
15:23:14.176 5 hpdskflt.sys[fffff800d100242b] -> nt!IofCallDriver -> [0xffff860a107dfe40]
15:23:14.192 7 ACPI.sys[fffff800cfe54571] -> nt!IofCallDriver -> \Device\00000035[0xffff860a0e85f400]
15:23:14.192 Disk 0 statistics 79176/0/0 @ 4,84 MB/s
15:23:14.192 Scan finished successfully
15:23:25.771 Disk 0 MBR has been saved successfully to "C:\Users\Endon\Desktop\MBR.dat"
15:23:25.771 The log file has been saved successfully to "C:\Users\Endon\Desktop\aswMBR.txt"
log z aswMBR
aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2017-03-24 15:22:31
-----------------------------
15:22:31.178 OS Version: Windows x64 6.2.9200
15:22:31.178 Number of processors: 4 586 0x4E03
15:22:31.178 ComputerName: DESKTOP-84BQ2CB UserName: Endon
15:22:36.804 Initialize success
15:22:36.944 VM: initialized successfully
15:22:36.944 VM: Intel CPU BiosDisabled
15:22:43.229 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000035
15:22:43.229 Disk 0 Vendor: ST1000LM024_HN-M101MBB 2BA30001 Size: 953869MB BusType: 11
15:22:43.386 Disk 0 MBR read successfully
15:22:43.386 Disk 0 MBR scan
15:22:43.386 Disk 0 unknown MBR code
15:22:43.401 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
15:22:43.417 Disk 0 scanning C:\WINDOWS\system32\drivers
15:22:58.143 Service scanning
15:23:02.034 Service ESProtectionDriver C:\WINDOWS\system32\drivers\mbae64.sys **LOCKED**
15:23:14.145 Modules scanning
15:23:14.145 Disk 0 trace - called modules:
15:23:14.176 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ACPI.sys storport.sys hal.dll iaStorA.sys
15:23:14.176 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffff860a12bd2060]
15:23:14.176 3 CLASSPNP.SYS[fffff800d0255efb] -> nt!IofCallDriver -> [0xffff860a12afd910]
15:23:14.176 5 hpdskflt.sys[fffff800d100242b] -> nt!IofCallDriver -> [0xffff860a107dfe40]
15:23:14.192 7 ACPI.sys[fffff800cfe54571] -> nt!IofCallDriver -> \Device\00000035[0xffff860a0e85f400]
15:23:14.192 Disk 0 statistics 79176/0/0 @ 4,84 MB/s
15:23:14.192 Scan finished successfully
15:23:25.771 Disk 0 MBR has been saved successfully to "C:\Users\Endon\Desktop\MBR.dat"
15:23:25.771 The log file has been saved successfully to "C:\Users\Endon\Desktop\aswMBR.txt"
►Case: NZXT Noctis 450◄►Zdroj: EVGA Supernova 750W G2◄►MB: Asus MAXIMUS VIII Ranger◄►CPU: Intel core i5-6600K◄►GPU: Gainward Phoenix GTX 1060 GS◄►Chladič: Scythe Ninja 4◄►SSD: Samsung 850 EVO 250GB◄►HDD: 2x Seagate Barracuda 2TB◄►RAM: Crucial Ballistix Sport LT 2x8GB 2400Mhz DDR4◄
Re: kontrola logu - využití disku 100%
log z OTL - OTL 1/4
OTL logfile created on: 24.03.2017 15:26:17 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Endon\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.14393.0)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: dd.MM.yyyy
3,84 Gb Total Physical Memory | 1,94 Gb Available Physical Memory | 50,43% Memory free
5,59 Gb Paging File | 3,39 Gb Available in Paging File | 60,63% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 910,59 Gb Total Space | 682,91 Gb Free Space | 75,00% Space Free | Partition Type: NTFS
Drive D: | 19,70 Gb Total Space | 2,27 Gb Free Space | 11,51% Space Free | Partition Type: NTFS
Drive F: | 647,83 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 676,74 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: DESKTOP-84BQ2CB | User Name: Endon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - File not found
PRC - C:\Users\Endon\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Endon\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (Copyright 2017.)
PRC - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Node.js)
PRC - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated)
PRC - C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation)
PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor)
PRC - C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Windows\SysWOW64\esif_uf.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel)
PRC - C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\CyberLink\Shared files\RichVideo64.exe ()
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\NVIDIA Corporation\NvContainer\poco.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvBackendAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameStreamAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvUtil.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node ()
========== Services (SafeList) ==========
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (CoreMessagingRegistrar) -- C:\Windows\SysNative\CoreMessaging.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (tzautoupdate) -- C:\Windows\SysNative\tzautoupdate.dll (Microsoft Corporation)
SRV:64bit: - (wisvc) -- C:\Windows\SysNative\FlightSettings.dll (Microsoft Corporation)
SRV:64bit: - (MapsBroker) -- C:\Windows\SysNative\moshost.dll (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc) -- C:\Windows\SysNative\PimIndexMaintenance.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvcext.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvcext.dll (Microsoft Corporation)
SRV:64bit: - (DmEnrollmentSvc) -- C:\Windows\SysNative\Windows.Internal.Management.dll (Microsoft Corporation)
SRV:64bit: - (XblAuthManager) -- C:\Windows\SysNative\XblAuthManager.dll (Microsoft Corporation)
SRV:64bit: - (UsoSvc) -- C:\Windows\SysNative\usocore.dll (Microsoft Corporation)
SRV:64bit: - (XboxNetApiSvc) -- C:\Windows\SysNative\XboxNetApiSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc) -- C:\Windows\SysNative\Unistore.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NgcCtnrSvc) -- C:\Windows\SysNative\NgcCtnrSvc.dll (Microsoft Corporation)
SRV:64bit: - (RetailDemo) -- C:\Windows\SysNative\RDXService.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (FrameServer) -- C:\Windows\SysNative\FrameServer.dll (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (SensorDataService) -- C:\Windows\SysNative\SensorDataService.exe (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:64bit: - (UserDataSvc) -- C:\Windows\SysNative\UserDataService.dll (Microsoft Corporation)
SRV:64bit: - (cplspcon) -- C:\Windows\SysNative\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\IntelCpHDCPSvc.exe (Intel Corporation)
SRV:64bit: - (igfxCUIService2.0.0.0) -- C:\Windows\SysNative\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igfxCUIService.exe (Intel Corporation)
SRV:64bit: - (cphs) -- C:\Windows\SysNative\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\IntelCpHeciSvc.exe (Intel Corporation)
SRV:64bit: - (NVDisplay.ContainerLocalSystem) -- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation)
SRV:64bit: - (PnkBstrA) -- C:\Windows\SysNative\PnkBstrA.exe ()
SRV:64bit: - (NvContainerNetworkService) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
SRV:64bit: - (NvContainerLocalSystem) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
SRV:64bit: - (MBAMService) -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (DoSvc) -- C:\Windows\SysNative\dosvc.dll (Microsoft Corporation)
SRV:64bit: - (CDPUserSvc) -- C:\Windows\SysNative\cdpusersvc.dll (Microsoft Corporation)
SRV:64bit: - (CDPSvc) -- C:\Windows\SysNative\cdpsvc.dll (Microsoft Corporation)
SRV:64bit: - (EntAppSvc) -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (StateRepository) -- C:\Windows\SysNative\Windows.StateRepository.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (NetSetupSvc) -- C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation)
SRV:64bit: - (NgcSvc) -- C:\Windows\SysNative\ngcsvc.dll (Microsoft Corporation)
SRV:64bit: - (RmSvc) -- C:\Windows\SysNative\RMapi.dll (Microsoft Corporation)
SRV:64bit: - (SensorService) -- C:\Windows\SysNative\SensorService.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvmsession) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (UserManager) -- C:\Windows\SysNative\usermgr.dll (Microsoft Corporation)
SRV:64bit: - (PhoneSvc) -- C:\Windows\SysNative\PhoneService.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (LicenseManager) -- C:\Windows\SysNative\LicenseManagerSvc.dll (Microsoft Corporation)
SRV:64bit: - (w3logsvc) -- C:\Windows\SysNative\inetsrv\w3logsvc.dll (Microsoft Corporation)
SRV:64bit: - (SynTPEnhService) -- C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (WalletService) -- C:\Windows\SysNative\WalletService.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (shpamsvc) -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
SRV:64bit: - (dmwappushservice) -- C:\Windows\SysNative\dmwappushsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DcpSvc) -- C:\Windows\SysNative\dcpsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (diagnosticshub.standardcollector.service) -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (Microsoft Corporation)
SRV:64bit: - (WpnUserService_48ff33e) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_48ff33e) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_48ff33e) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_48ff33e) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_48ff33e) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_48ff33e) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (CDPUserSvc_48ff33e) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc) -- C:\Windows\SysNative\APHostService.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (TieringEngineService) -- C:\Windows\SysNative\TieringEngineService.exe (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (SmsRouter) -- C:\Windows\SysNative\SmsRouterSvc.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (MessagingService) -- C:\Windows\SysNative\MessagingService.dll (Microsoft Corporation)
SRV:64bit: - (tiledatamodelsvc) -- C:\Windows\SysNative\tileobjserver.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (WpnService) -- C:\Windows\SysNative\wpnservice.dll (Microsoft Corporation)
SRV:64bit: - (icssvc) -- C:\Windows\SysNative\tetheringservice.dll (Microsoft Corporation)
SRV:64bit: - (TimeBrokerSvc) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (WpnUserService) -- C:\Windows\SysNative\WpnUserService.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\lfsvc.dll (Microsoft Corporation)
SRV:64bit: - (DevQueryBroker) -- C:\Windows\SysNative\DevQueryBroker.dll (Microsoft Corporation)
SRV:64bit: - (XblGameSave) -- C:\Windows\SysNative\XblGameSave.dll (Microsoft Corporation)
SRV:64bit: - (ClipSVC) -- C:\Windows\SysNative\ClipSVC.dll (Microsoft Corporation)
SRV:64bit: - (AJRouter) -- C:\Windows\SysNative\AJRouter.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (DsSvc) -- C:\Windows\SysNative\dssvc.dll (Microsoft Corporation)
SRV:64bit: - (embeddedmode) -- C:\Windows\SysNative\embeddedmodesvc.dll (Microsoft Corporation)
SRV:64bit: - (HvHost) -- C:\Windows\SysNative\hvhostsvc.dll (Microsoft Corporation)
SRV:64bit: - (BthHFSrv) -- C:\Windows\SysNative\BthHFSrv.dll (Microsoft Corporation)
SRV:64bit: - (Disc Soft Lite Bus Service) -- C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (Disc Soft Ltd)
SRV:64bit: - (ibtsiva) -- C:\WINDOWS\SysNative\ibtsiva.exe (Intel Corporation)
SRV:64bit: - (ZeroConfigService) -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation)
SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV:64bit: - (RtkAudioService) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor)
SRV:64bit: - (IAStorDataMgrSvc) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV:64bit: - (IntelUSBoverIP) -- C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel)
SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard Company)
SRV:64bit: - (AESMService) -- C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe (Intel Corporation)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (RichVideo64) -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe ()
SRV - (Origin Web Helper Service) -- C:\Program Files (x86)\Origin\OriginWebHelperService.exe (Electronic Arts)
SRV - (Origin Client Service) -- C:\Program Files (x86)\Origin\OriginClientService.exe (Electronic Arts)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (ZAMSvc) -- C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (Copyright 2017.)
SRV - (PrintNotify) -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (DmEnrollmentSvc) -- C:\Windows\SysWOW64\Windows.Internal.Management.dll (Microsoft Corporation)
SRV - (UnistoreSvc) -- C:\Windows\SysWOW64\Unistore.dll (Microsoft Corporation)
SRV - (CoreMessagingRegistrar) -- C:\Windows\SysWOW64\CoreMessaging.dll (Microsoft Corporation)
SRV - (cplspcon) -- C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\IntelCpHDCPSvc.exe (Intel Corporation)
SRV - (igfxCUIService2.0.0.0) -- C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igfxCUIService.exe (Intel Corporation)
SRV - (cphs) -- C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (NvTelemetryContainer) -- C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (HPSupportSolutionsFrameworkService) -- c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (HP Inc.)
SRV - (StateRepository) -- C:\Windows\SysWOW64\Windows.StateRepository.dll (Microsoft Corporation)
SRV - (BEService) -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe ()
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (w3logsvc) -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (HPWMISVC) -- c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe (Hewlett-Packard Development Company, L.P.)
SRV - (esifsvc) -- C:\Windows\SysWOW64\esif_uf.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe (Intel Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (ZAM_Guard) -- C:\Windows\SysNative\drivers\zamguard64.sys (Zemana Ltd.)
DRV:64bit: - (ZAM) -- C:\Windows\SysNative\drivers\zam64.sys (Zemana Ltd.)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (xboxgip) -- C:\Windows\SysNative\drivers\xboxgip.sys (Microsoft Corporation)
DRV:64bit: - (wdiwifi) -- C:\Windows\SysNative\drivers\WdiWiFi.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (nvlddmkm) -- C:\Windows\SysNative\DriverStore\FileRepository\nvhmi.inf_amd64_5603cb253b01e5cd\nvlddmkm.sys (NVIDIA Corporation)
DRV:64bit: - (nvvhci) -- C:\Windows\SysNative\drivers\nvvhci.sys (NVIDIA Corporation)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (iorate) -- C:\Windows\SysNative\drivers\iorate.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (megasas2i) -- C:\Windows\SysNative\drivers\MegaSas2i.sys (Avago Technologies)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (wcifs) -- C:\Windows\SysNative\drivers\wcifs.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (CapImg) -- C:\Windows\SysNative\drivers\capimg.sys (Microsoft Corporation)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (xinputhid) -- C:\Windows\SysNative\drivers\xinputhid.sys (Microsoft Corporation)
DRV:64bit: - (Wof) -- C:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (SmbDrvI) -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys (Synaptics Incorporated)
DRV:64bit: - (rt640x64) -- C:\Windows\SysNative\drivers\rt640x64.sys (Realtek )
DRV:64bit: - (dtliteusbbus) -- C:\Windows\SysNative\drivers\dtliteusbbus.sys (Disc Soft Ltd)
DRV:64bit: - (dtlitescsibus) -- C:\Windows\SysNative\drivers\dtlitescsibus.sys (Disc Soft Ltd)
DRV:64bit: - (hvservice) -- C:\Windows\SysNative\drivers\hvservice.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (applockerfltr) -- C:\Windows\SysNative\drivers\applockerfltr.sys (Microsoft Corporation)
DRV:64bit: - (ReFSv1) -- C:\WINDOWS\SysNative\drivers\refsv1.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRT) -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys (Microsoft Corporation)
DRV:64bit: - (GpuEnergyDrv) -- C:\Windows\SysNative\drivers\gpuenergydrv.sys (Microsoft Corporation)
DRV:64bit: - (Ufx01000) -- C:\Windows\SysNative\drivers\ufx01000.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (UcmTcpciCx0101) -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys (Microsoft Corporation)
DRV:64bit: - (UcmCx0101) -- C:\Windows\SysNative\drivers\UcmCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (storqosflt) -- C:\Windows\SysNative\drivers\storqosflt.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (UrsCx01000) -- C:\Windows\SysNative\drivers\urscx01000.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (IndirectKmd) -- C:\Windows\SysNative\drivers\IndirectKmd.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (cnghwassist) -- C:\Windows\SysNative\drivers\cnghwassist.sys (Microsoft Corporation)
DRV:64bit: - (MMCSS) -- C:\Windows\SysNative\drivers\mmcss.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (irda) -- C:\Windows\SysNative\drivers\irda.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (clreg) -- C:\Windows\SysNative\drivers\registry.sys (Microsoft Corporation)
DRV:64bit: - (wcnfs) -- C:\Windows\SysNative\drivers\wcnfs.sys (Microsoft Corporation)
DRV:64bit: - (Ucx01000) -- C:\Windows\SysNative\drivers\Ucx01000.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (NetAdapterCx) -- C:\Windows\SysNative\drivers\NetAdapterCx.sys ()
DRV:64bit: - (FileCrypt) -- C:\Windows\SysNative\drivers\filecrypt.sys (Microsoft Corporation)
DRV:64bit: - (tsusbflt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (UdeCx) -- C:\Windows\SysNative\drivers\Udecx.sys (Microsoft Corporation)
DRV:64bit: - (vhf) -- C:\Windows\SysNative\drivers\vhf.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (ufxsynopsys) -- C:\Windows\SysNative\drivers\ufxsynopsys.sys (Microsoft Corporation)
DRV:64bit: - (UfxChipidea) -- C:\Windows\SysNative\drivers\UfxChipidea.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (UcmUcsi) -- C:\Windows\SysNative\drivers\UcmUcsi.sys (Microsoft Corporation)
DRV:64bit: - (UrsChipidea) -- C:\Windows\SysNative\drivers\urschipidea.sys (Microsoft Corporation)
DRV:64bit: - (UrsSynopsys) -- C:\Windows\SysNative\drivers\urssynopsys.sys (Microsoft Corporation)
DRV:64bit: - (genericusbfn) -- C:\Windows\SysNative\drivers\genericusbfn.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRTProxy) -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSS2i_I2C) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys (Intel Corporation)
DRV:64bit: - (iai2c) -- C:\Windows\SysNative\drivers\iai2c.sys (Intel(R) Corporation)
DRV:64bit: - (iaLPSS2i_GPIO2) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys (Intel Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (hidinterrupt) -- C:\Windows\SysNative\drivers\hidinterrupt.sys (Microsoft Corporation)
DRV:64bit: - (buttonconverter) -- C:\Windows\SysNative\drivers\buttonconverter.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (iagpio) -- C:\Windows\SysNative\drivers\iagpio.sys (Intel(R) Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (cht4vbd) -- C:\Windows\SysNative\drivers\cht4vx64.sys (Chelsio Communications)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (mlx4_bus) -- C:\Windows\SysNative\drivers\mlx4_bus.sys (Mellanox)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (ibbus) -- C:\Windows\SysNative\drivers\ibbus.sys (Mellanox)
DRV:64bit: - (cht4iscsi) -- C:\Windows\SysNative\drivers\cht4sx64.sys (Chelsio Communications)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (scmdisk0101) -- C:\Windows\SysNative\drivers\scmdisk0101.sys (Microsoft Corporation)
DRV:64bit: - (ndfltr) -- C:\Windows\SysNative\drivers\ndfltr.sys (Mellanox)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (LSI_SAS2i) -- C:\Windows\SysNative\drivers\lsi_sas2i.sys (LSI Corporation)
DRV:64bit: - (LSI_SAS3i) -- C:\Windows\SysNative\drivers\lsi_sas3i.sys (Avago Technologies)
DRV:64bit: - (scmbus) -- C:\Windows\SysNative\drivers\scmbus.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (WinVerbs) -- C:\Windows\SysNative\drivers\winverbs.sys (Mellanox)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (percsas3i) -- C:\Windows\SysNative\drivers\percsas3i.sys (Avago Technologies)
DRV:64bit: - (percsas2i) -- C:\Windows\SysNative\drivers\percsas2i.sys (Avago Technologies)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (storufs) -- C:\Windows\SysNative\drivers\storufs.sys (Microsoft Corporation)
DRV:64bit: - (WinMad) -- C:\Windows\SysNative\drivers\winmad.sys (Mellanox)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (AcpiDev) -- C:\Windows\SysNative\drivers\AcpiDev.sys (Microsoft Corporation)
DRV:64bit: - (volume) -- C:\Windows\SysNative\drivers\volume.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (bcmfn) -- C:\Windows\SysNative\drivers\bcmfn.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (QLogic Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (QLogic Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (Netwtw04) -- C:\Windows\SysNative\drivers\Netwtw04.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (vmgid) -- C:\Windows\SysNative\drivers\vmgid.sys (Microsoft Corporation)
DRV:64bit: - (ibtusb) -- C:\Windows\SysNative\drivers\ibtusb.sys (Intel Corporation)
DRV:64bit: - (esif_lf) -- C:\Windows\SysNative\drivers\esif_lf.sys (Intel Corporation)
DRV:64bit: - (dptf_cpu) -- C:\Windows\SysNative\drivers\dptf_cpu.sys (Intel Corporation)
DRV:64bit: - (Netwtw02) -- C:\Windows\SysNative\drivers\Netwtw02.sys (Intel Corporation)
DRV:64bit: - (aswTap) -- C:\Windows\SysNative\drivers\aswTap.sys (The OpenVPN Project)
DRV:64bit: - (RTSPER) -- C:\Windows\SysNative\drivers\RtsPer.sys (Realsil Semiconductor Corporation)
DRV:64bit: - (SmbDrv) -- C:\Windows\SysNative\drivers\Smb_driver_AMDASF.sys (Synaptics Incorporated)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\TeeDriverW8x64.sys (Intel Corporation)
DRV:64bit: - (usb3Hub) -- C:\Windows\SysNative\drivers\usb3Hub.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard)
DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard)
DRV:64bit: - (WirelessButtonDriver64) -- C:\Windows\SysNative\drivers\WirelessButtonDriver64.sys (HP Inc.)
DRV:64bit: - (SGXEPC) -- C:\Windows\SysNative\drivers\sgx_driver.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (clwvd6) -- C:\Windows\SysNative\drivers\clwvd6.sys (CyberLink Corporation)
DRV - (aswVmm) -- C:\Users\Endon\AppData\Local\Temp\aswVmm.sys ()
DRV - (aswMBR) -- C:\Users\Endon\AppData\Local\Temp\aswMBR.sys ()
DRV - (igfx) -- C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igdkmd64.sys (Intel Corporation)
DRV - (nvlddmkm) -- C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_5603cb253b01e5cd\nvlddmkm.sys (NVIDIA Corporation)
DRV - (xhunter1) -- C:\Windows\xhunter1.sys (Wellbia.com Co., Ltd.)
DRV - (CompositeBus) -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys (Microsoft Corporation)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRHPR1&src=IE11TR&pc=HRTS
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 16 A5 F8 9A F7 10 D2 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRHPR1&src=IE11TR&pc=HRTS
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1225195.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.3.0: C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
[2017.02.23 08:29:38 | 000,043,424 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
OTL logfile created on: 24.03.2017 15:26:17 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Endon\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.14393.0)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: dd.MM.yyyy
3,84 Gb Total Physical Memory | 1,94 Gb Available Physical Memory | 50,43% Memory free
5,59 Gb Paging File | 3,39 Gb Available in Paging File | 60,63% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 910,59 Gb Total Space | 682,91 Gb Free Space | 75,00% Space Free | Partition Type: NTFS
Drive D: | 19,70 Gb Total Space | 2,27 Gb Free Space | 11,51% Space Free | Partition Type: NTFS
Drive F: | 647,83 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 676,74 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: DESKTOP-84BQ2CB | User Name: Endon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - File not found
PRC - C:\Users\Endon\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Endon\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (Copyright 2017.)
PRC - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Node.js)
PRC - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated)
PRC - C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation)
PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor)
PRC - C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Windows\SysWOW64\esif_uf.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel)
PRC - C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\CyberLink\Shared files\RichVideo64.exe ()
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\NVIDIA Corporation\NvContainer\poco.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvBackendAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameStreamAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvUtil.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node ()
========== Services (SafeList) ==========
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (CoreMessagingRegistrar) -- C:\Windows\SysNative\CoreMessaging.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (tzautoupdate) -- C:\Windows\SysNative\tzautoupdate.dll (Microsoft Corporation)
SRV:64bit: - (wisvc) -- C:\Windows\SysNative\FlightSettings.dll (Microsoft Corporation)
SRV:64bit: - (MapsBroker) -- C:\Windows\SysNative\moshost.dll (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc) -- C:\Windows\SysNative\PimIndexMaintenance.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvcext.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvcext.dll (Microsoft Corporation)
SRV:64bit: - (DmEnrollmentSvc) -- C:\Windows\SysNative\Windows.Internal.Management.dll (Microsoft Corporation)
SRV:64bit: - (XblAuthManager) -- C:\Windows\SysNative\XblAuthManager.dll (Microsoft Corporation)
SRV:64bit: - (UsoSvc) -- C:\Windows\SysNative\usocore.dll (Microsoft Corporation)
SRV:64bit: - (XboxNetApiSvc) -- C:\Windows\SysNative\XboxNetApiSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc) -- C:\Windows\SysNative\Unistore.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NgcCtnrSvc) -- C:\Windows\SysNative\NgcCtnrSvc.dll (Microsoft Corporation)
SRV:64bit: - (RetailDemo) -- C:\Windows\SysNative\RDXService.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (FrameServer) -- C:\Windows\SysNative\FrameServer.dll (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (SensorDataService) -- C:\Windows\SysNative\SensorDataService.exe (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:64bit: - (UserDataSvc) -- C:\Windows\SysNative\UserDataService.dll (Microsoft Corporation)
SRV:64bit: - (cplspcon) -- C:\Windows\SysNative\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\IntelCpHDCPSvc.exe (Intel Corporation)
SRV:64bit: - (igfxCUIService2.0.0.0) -- C:\Windows\SysNative\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igfxCUIService.exe (Intel Corporation)
SRV:64bit: - (cphs) -- C:\Windows\SysNative\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\IntelCpHeciSvc.exe (Intel Corporation)
SRV:64bit: - (NVDisplay.ContainerLocalSystem) -- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation)
SRV:64bit: - (PnkBstrA) -- C:\Windows\SysNative\PnkBstrA.exe ()
SRV:64bit: - (NvContainerNetworkService) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
SRV:64bit: - (NvContainerLocalSystem) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
SRV:64bit: - (MBAMService) -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (DoSvc) -- C:\Windows\SysNative\dosvc.dll (Microsoft Corporation)
SRV:64bit: - (CDPUserSvc) -- C:\Windows\SysNative\cdpusersvc.dll (Microsoft Corporation)
SRV:64bit: - (CDPSvc) -- C:\Windows\SysNative\cdpsvc.dll (Microsoft Corporation)
SRV:64bit: - (EntAppSvc) -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (StateRepository) -- C:\Windows\SysNative\Windows.StateRepository.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (NetSetupSvc) -- C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation)
SRV:64bit: - (NgcSvc) -- C:\Windows\SysNative\ngcsvc.dll (Microsoft Corporation)
SRV:64bit: - (RmSvc) -- C:\Windows\SysNative\RMapi.dll (Microsoft Corporation)
SRV:64bit: - (SensorService) -- C:\Windows\SysNative\SensorService.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvmsession) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (UserManager) -- C:\Windows\SysNative\usermgr.dll (Microsoft Corporation)
SRV:64bit: - (PhoneSvc) -- C:\Windows\SysNative\PhoneService.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (LicenseManager) -- C:\Windows\SysNative\LicenseManagerSvc.dll (Microsoft Corporation)
SRV:64bit: - (w3logsvc) -- C:\Windows\SysNative\inetsrv\w3logsvc.dll (Microsoft Corporation)
SRV:64bit: - (SynTPEnhService) -- C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (WalletService) -- C:\Windows\SysNative\WalletService.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (shpamsvc) -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
SRV:64bit: - (dmwappushservice) -- C:\Windows\SysNative\dmwappushsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DcpSvc) -- C:\Windows\SysNative\dcpsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (diagnosticshub.standardcollector.service) -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (Microsoft Corporation)
SRV:64bit: - (WpnUserService_48ff33e) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_48ff33e) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_48ff33e) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_48ff33e) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_48ff33e) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_48ff33e) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (CDPUserSvc_48ff33e) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc) -- C:\Windows\SysNative\APHostService.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (TieringEngineService) -- C:\Windows\SysNative\TieringEngineService.exe (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (SmsRouter) -- C:\Windows\SysNative\SmsRouterSvc.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (MessagingService) -- C:\Windows\SysNative\MessagingService.dll (Microsoft Corporation)
SRV:64bit: - (tiledatamodelsvc) -- C:\Windows\SysNative\tileobjserver.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (WpnService) -- C:\Windows\SysNative\wpnservice.dll (Microsoft Corporation)
SRV:64bit: - (icssvc) -- C:\Windows\SysNative\tetheringservice.dll (Microsoft Corporation)
SRV:64bit: - (TimeBrokerSvc) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (WpnUserService) -- C:\Windows\SysNative\WpnUserService.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\lfsvc.dll (Microsoft Corporation)
SRV:64bit: - (DevQueryBroker) -- C:\Windows\SysNative\DevQueryBroker.dll (Microsoft Corporation)
SRV:64bit: - (XblGameSave) -- C:\Windows\SysNative\XblGameSave.dll (Microsoft Corporation)
SRV:64bit: - (ClipSVC) -- C:\Windows\SysNative\ClipSVC.dll (Microsoft Corporation)
SRV:64bit: - (AJRouter) -- C:\Windows\SysNative\AJRouter.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (DsSvc) -- C:\Windows\SysNative\dssvc.dll (Microsoft Corporation)
SRV:64bit: - (embeddedmode) -- C:\Windows\SysNative\embeddedmodesvc.dll (Microsoft Corporation)
SRV:64bit: - (HvHost) -- C:\Windows\SysNative\hvhostsvc.dll (Microsoft Corporation)
SRV:64bit: - (BthHFSrv) -- C:\Windows\SysNative\BthHFSrv.dll (Microsoft Corporation)
SRV:64bit: - (Disc Soft Lite Bus Service) -- C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (Disc Soft Ltd)
SRV:64bit: - (ibtsiva) -- C:\WINDOWS\SysNative\ibtsiva.exe (Intel Corporation)
SRV:64bit: - (ZeroConfigService) -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation)
SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV:64bit: - (RtkAudioService) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor)
SRV:64bit: - (IAStorDataMgrSvc) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV:64bit: - (IntelUSBoverIP) -- C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel)
SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard Company)
SRV:64bit: - (AESMService) -- C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe (Intel Corporation)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (RichVideo64) -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe ()
SRV - (Origin Web Helper Service) -- C:\Program Files (x86)\Origin\OriginWebHelperService.exe (Electronic Arts)
SRV - (Origin Client Service) -- C:\Program Files (x86)\Origin\OriginClientService.exe (Electronic Arts)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (ZAMSvc) -- C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (Copyright 2017.)
SRV - (PrintNotify) -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (DmEnrollmentSvc) -- C:\Windows\SysWOW64\Windows.Internal.Management.dll (Microsoft Corporation)
SRV - (UnistoreSvc) -- C:\Windows\SysWOW64\Unistore.dll (Microsoft Corporation)
SRV - (CoreMessagingRegistrar) -- C:\Windows\SysWOW64\CoreMessaging.dll (Microsoft Corporation)
SRV - (cplspcon) -- C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\IntelCpHDCPSvc.exe (Intel Corporation)
SRV - (igfxCUIService2.0.0.0) -- C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igfxCUIService.exe (Intel Corporation)
SRV - (cphs) -- C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (NvTelemetryContainer) -- C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (HPSupportSolutionsFrameworkService) -- c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (HP Inc.)
SRV - (StateRepository) -- C:\Windows\SysWOW64\Windows.StateRepository.dll (Microsoft Corporation)
SRV - (BEService) -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe ()
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (w3logsvc) -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (HPWMISVC) -- c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe (Hewlett-Packard Development Company, L.P.)
SRV - (esifsvc) -- C:\Windows\SysWOW64\esif_uf.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe (Intel Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (ZAM_Guard) -- C:\Windows\SysNative\drivers\zamguard64.sys (Zemana Ltd.)
DRV:64bit: - (ZAM) -- C:\Windows\SysNative\drivers\zam64.sys (Zemana Ltd.)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (xboxgip) -- C:\Windows\SysNative\drivers\xboxgip.sys (Microsoft Corporation)
DRV:64bit: - (wdiwifi) -- C:\Windows\SysNative\drivers\WdiWiFi.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (nvlddmkm) -- C:\Windows\SysNative\DriverStore\FileRepository\nvhmi.inf_amd64_5603cb253b01e5cd\nvlddmkm.sys (NVIDIA Corporation)
DRV:64bit: - (nvvhci) -- C:\Windows\SysNative\drivers\nvvhci.sys (NVIDIA Corporation)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (iorate) -- C:\Windows\SysNative\drivers\iorate.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (megasas2i) -- C:\Windows\SysNative\drivers\MegaSas2i.sys (Avago Technologies)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (wcifs) -- C:\Windows\SysNative\drivers\wcifs.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (CapImg) -- C:\Windows\SysNative\drivers\capimg.sys (Microsoft Corporation)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (xinputhid) -- C:\Windows\SysNative\drivers\xinputhid.sys (Microsoft Corporation)
DRV:64bit: - (Wof) -- C:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (SmbDrvI) -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys (Synaptics Incorporated)
DRV:64bit: - (rt640x64) -- C:\Windows\SysNative\drivers\rt640x64.sys (Realtek )
DRV:64bit: - (dtliteusbbus) -- C:\Windows\SysNative\drivers\dtliteusbbus.sys (Disc Soft Ltd)
DRV:64bit: - (dtlitescsibus) -- C:\Windows\SysNative\drivers\dtlitescsibus.sys (Disc Soft Ltd)
DRV:64bit: - (hvservice) -- C:\Windows\SysNative\drivers\hvservice.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (applockerfltr) -- C:\Windows\SysNative\drivers\applockerfltr.sys (Microsoft Corporation)
DRV:64bit: - (ReFSv1) -- C:\WINDOWS\SysNative\drivers\refsv1.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRT) -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys (Microsoft Corporation)
DRV:64bit: - (GpuEnergyDrv) -- C:\Windows\SysNative\drivers\gpuenergydrv.sys (Microsoft Corporation)
DRV:64bit: - (Ufx01000) -- C:\Windows\SysNative\drivers\ufx01000.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (UcmTcpciCx0101) -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys (Microsoft Corporation)
DRV:64bit: - (UcmCx0101) -- C:\Windows\SysNative\drivers\UcmCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (storqosflt) -- C:\Windows\SysNative\drivers\storqosflt.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (UrsCx01000) -- C:\Windows\SysNative\drivers\urscx01000.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (IndirectKmd) -- C:\Windows\SysNative\drivers\IndirectKmd.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (cnghwassist) -- C:\Windows\SysNative\drivers\cnghwassist.sys (Microsoft Corporation)
DRV:64bit: - (MMCSS) -- C:\Windows\SysNative\drivers\mmcss.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (irda) -- C:\Windows\SysNative\drivers\irda.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (clreg) -- C:\Windows\SysNative\drivers\registry.sys (Microsoft Corporation)
DRV:64bit: - (wcnfs) -- C:\Windows\SysNative\drivers\wcnfs.sys (Microsoft Corporation)
DRV:64bit: - (Ucx01000) -- C:\Windows\SysNative\drivers\Ucx01000.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (NetAdapterCx) -- C:\Windows\SysNative\drivers\NetAdapterCx.sys ()
DRV:64bit: - (FileCrypt) -- C:\Windows\SysNative\drivers\filecrypt.sys (Microsoft Corporation)
DRV:64bit: - (tsusbflt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (UdeCx) -- C:\Windows\SysNative\drivers\Udecx.sys (Microsoft Corporation)
DRV:64bit: - (vhf) -- C:\Windows\SysNative\drivers\vhf.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (ufxsynopsys) -- C:\Windows\SysNative\drivers\ufxsynopsys.sys (Microsoft Corporation)
DRV:64bit: - (UfxChipidea) -- C:\Windows\SysNative\drivers\UfxChipidea.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (UcmUcsi) -- C:\Windows\SysNative\drivers\UcmUcsi.sys (Microsoft Corporation)
DRV:64bit: - (UrsChipidea) -- C:\Windows\SysNative\drivers\urschipidea.sys (Microsoft Corporation)
DRV:64bit: - (UrsSynopsys) -- C:\Windows\SysNative\drivers\urssynopsys.sys (Microsoft Corporation)
DRV:64bit: - (genericusbfn) -- C:\Windows\SysNative\drivers\genericusbfn.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRTProxy) -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSS2i_I2C) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys (Intel Corporation)
DRV:64bit: - (iai2c) -- C:\Windows\SysNative\drivers\iai2c.sys (Intel(R) Corporation)
DRV:64bit: - (iaLPSS2i_GPIO2) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys (Intel Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (hidinterrupt) -- C:\Windows\SysNative\drivers\hidinterrupt.sys (Microsoft Corporation)
DRV:64bit: - (buttonconverter) -- C:\Windows\SysNative\drivers\buttonconverter.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (iagpio) -- C:\Windows\SysNative\drivers\iagpio.sys (Intel(R) Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (cht4vbd) -- C:\Windows\SysNative\drivers\cht4vx64.sys (Chelsio Communications)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (mlx4_bus) -- C:\Windows\SysNative\drivers\mlx4_bus.sys (Mellanox)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (ibbus) -- C:\Windows\SysNative\drivers\ibbus.sys (Mellanox)
DRV:64bit: - (cht4iscsi) -- C:\Windows\SysNative\drivers\cht4sx64.sys (Chelsio Communications)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (scmdisk0101) -- C:\Windows\SysNative\drivers\scmdisk0101.sys (Microsoft Corporation)
DRV:64bit: - (ndfltr) -- C:\Windows\SysNative\drivers\ndfltr.sys (Mellanox)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (LSI_SAS2i) -- C:\Windows\SysNative\drivers\lsi_sas2i.sys (LSI Corporation)
DRV:64bit: - (LSI_SAS3i) -- C:\Windows\SysNative\drivers\lsi_sas3i.sys (Avago Technologies)
DRV:64bit: - (scmbus) -- C:\Windows\SysNative\drivers\scmbus.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (WinVerbs) -- C:\Windows\SysNative\drivers\winverbs.sys (Mellanox)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (percsas3i) -- C:\Windows\SysNative\drivers\percsas3i.sys (Avago Technologies)
DRV:64bit: - (percsas2i) -- C:\Windows\SysNative\drivers\percsas2i.sys (Avago Technologies)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (storufs) -- C:\Windows\SysNative\drivers\storufs.sys (Microsoft Corporation)
DRV:64bit: - (WinMad) -- C:\Windows\SysNative\drivers\winmad.sys (Mellanox)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (AcpiDev) -- C:\Windows\SysNative\drivers\AcpiDev.sys (Microsoft Corporation)
DRV:64bit: - (volume) -- C:\Windows\SysNative\drivers\volume.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (bcmfn) -- C:\Windows\SysNative\drivers\bcmfn.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (QLogic Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (QLogic Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (Netwtw04) -- C:\Windows\SysNative\drivers\Netwtw04.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (vmgid) -- C:\Windows\SysNative\drivers\vmgid.sys (Microsoft Corporation)
DRV:64bit: - (ibtusb) -- C:\Windows\SysNative\drivers\ibtusb.sys (Intel Corporation)
DRV:64bit: - (esif_lf) -- C:\Windows\SysNative\drivers\esif_lf.sys (Intel Corporation)
DRV:64bit: - (dptf_cpu) -- C:\Windows\SysNative\drivers\dptf_cpu.sys (Intel Corporation)
DRV:64bit: - (Netwtw02) -- C:\Windows\SysNative\drivers\Netwtw02.sys (Intel Corporation)
DRV:64bit: - (aswTap) -- C:\Windows\SysNative\drivers\aswTap.sys (The OpenVPN Project)
DRV:64bit: - (RTSPER) -- C:\Windows\SysNative\drivers\RtsPer.sys (Realsil Semiconductor Corporation)
DRV:64bit: - (SmbDrv) -- C:\Windows\SysNative\drivers\Smb_driver_AMDASF.sys (Synaptics Incorporated)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\TeeDriverW8x64.sys (Intel Corporation)
DRV:64bit: - (usb3Hub) -- C:\Windows\SysNative\drivers\usb3Hub.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard)
DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard)
DRV:64bit: - (WirelessButtonDriver64) -- C:\Windows\SysNative\drivers\WirelessButtonDriver64.sys (HP Inc.)
DRV:64bit: - (SGXEPC) -- C:\Windows\SysNative\drivers\sgx_driver.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (clwvd6) -- C:\Windows\SysNative\drivers\clwvd6.sys (CyberLink Corporation)
DRV - (aswVmm) -- C:\Users\Endon\AppData\Local\Temp\aswVmm.sys ()
DRV - (aswMBR) -- C:\Users\Endon\AppData\Local\Temp\aswMBR.sys ()
DRV - (igfx) -- C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igdkmd64.sys (Intel Corporation)
DRV - (nvlddmkm) -- C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_5603cb253b01e5cd\nvlddmkm.sys (NVIDIA Corporation)
DRV - (xhunter1) -- C:\Windows\xhunter1.sys (Wellbia.com Co., Ltd.)
DRV - (CompositeBus) -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys (Microsoft Corporation)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRHPR1&src=IE11TR&pc=HRTS
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 16 A5 F8 9A F7 10 D2 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRHPR1&src=IE11TR&pc=HRTS
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1225195.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.3.0: C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
[2017.02.23 08:29:38 | 000,043,424 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
►Case: NZXT Noctis 450◄►Zdroj: EVGA Supernova 750W G2◄►MB: Asus MAXIMUS VIII Ranger◄►CPU: Intel core i5-6600K◄►GPU: Gainward Phoenix GTX 1060 GS◄►Chladič: Scythe Ninja 4◄►SSD: Samsung 850 EVO 250GB◄►HDD: 2x Seagate Barracuda 2TB◄►RAM: Crucial Ballistix Sport LT 2x8GB 2400Mhz DDR4◄
Re: kontrola logu - využití disku 100%
log z OTL - OTL 2/4
========== Chrome ==========
CHR - Extension: No name found = C:\Users\Endon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Endon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_1\
CHR - Extension: No name found = C:\Users\Endon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_1\
CHR - Extension: No name found = C:\Users\Endon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_1\
CHR - Extension: No name found = C:\Users\Endon\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_1\
CHR - Extension: No name found = C:\Users\Endon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\
CHR - Extension: No name found = C:\Users\Endon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\
CHR - Extension: No name found = C:\Users\Endon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\
CHR - Extension: No name found = C:\Users\Endon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5616.1121.0.3_1\
O1 HOSTS File: ([2017.03.20 16:05:58 | 000,000,753 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft OneDrive for Business Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (Evernote extension) - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (HP Inc.)
O4:64bit: - HKLM..\Run: [Malwarebytes TrayApp] C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Malwarebytes)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [WindowsDefender] C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [ZAM] C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (Copyright 2017.)
O4 - HKLM..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [HPMessageService] C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [DAEMON Tools Lite Automount] C:\Program Files\DAEMON Tools Lite\DTAgent.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKCU..\Run: [OneDrive] C:\Users\Endon\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: E&xportovat do Microsoft Excelu - C:\Program Files\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Od&eslat do OneNotu - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - C:\Program Files\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do OneNotu - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html ()
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (HP Inc.)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (HP Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000013 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{40bcdb8e-f8fe-413f-9112-44f836fa8ea9}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{d91d716a-06be-4997-baee-08a96d350118}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mso-minsb.16 - No CLSID value found
O18:64bit: - Protocol\Handler\mso-minsb-roaming.16 - No CLSID value found
O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Handler\osf.16 - No CLSID value found
O18:64bit: - Protocol\Handler\osf-roaming.16 - No CLSID value found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-minsb.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-minsb-roaming.16 {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\osf.16 {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\osf-roaming.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.10.26 00:40:24 | 000,000,107 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2004.10.26 01:40:24 | 000,000,000 | ---D | M] - H:\AutoRun -- [ CDFS ]
O32 - AutoRun File - [2004.10.26 01:40:24 | 000,684,032 | R--- | M] (Electronic Arts Inc.) - H:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2004.10.15 05:59:34 | 000,577,536 | R--- | M] (Electronic Arts Inc.) - H:\AutoRunGUI.dll -- [ CDFS ]
O32 - AutoRun File - [2004.10.26 01:46:32 | 000,000,105 | R--- | M] () - H:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{b6fbe7ca-69e0-11e6-9bd7-e094674fc508}\Shell - "" = AutoRun
O33 - MountPoints2\{b6fbe7ca-69e0-11e6-9bd7-e094674fc508}\Shell\AutoRun\command - "" = H:\Setup.exe -- [2004.10.15 05:59:34 | 000,110,592 | R--- | M] (Electronic Arts Inc.)
O33 - MountPoints2\{b6fbe7fa-69e0-11e6-9bd7-e094674fc508}\Shell - "" = AutoRun
O33 - MountPoints2\{b6fbe7fa-69e0-11e6-9bd7-e094674fc508}\Shell\AutoRun\command - "" = F:\RunGame.exe -- [2004.10.26 00:40:24 | 000,192,512 | R--- | M] (Electronic Arts Inc.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2017.03.24 15:23:56 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Endon\Desktop\OTL.exe
[2017.03.22 15:27:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2017.03.21 16:16:51 | 000,000,000 | ---D | C] -- C:\FRST
[2017.03.21 16:16:01 | 002,424,832 | ---- | C] (Farbar) -- C:\Users\Endon\Desktop\FRST64.exe
[2017.03.21 16:13:33 | 005,200,384 | ---- | C] (AVAST Software) -- C:\Users\Endon\Desktop\aswmbr.exe
[2017.03.21 16:12:59 | 000,000,000 | ---D | C] -- C:\Users\Endon\Desktop\backups
[2017.03.20 21:20:54 | 000,000,000 | ---D | C] -- C:\ProgramData\SoftwareDistribution
[2017.03.20 21:20:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Comms
[2017.03.20 17:08:43 | 006,667,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2017.03.20 17:08:41 | 005,722,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2017.03.20 17:08:40 | 005,685,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
[2017.03.20 17:08:39 | 006,109,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mos.dll
[2017.03.20 17:08:38 | 013,873,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2017.03.20 17:08:37 | 003,307,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2017.03.20 17:08:36 | 005,380,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BingMaps.dll
[2017.03.20 17:08:35 | 002,643,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll
[2017.03.20 17:08:33 | 004,312,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2017.03.20 17:08:33 | 002,646,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CertEnroll.dll
[2017.03.20 17:08:31 | 007,626,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2017.03.20 17:08:30 | 002,153,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\storagewmi.dll
[2017.03.20 17:08:29 | 001,993,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2017.03.20 17:08:29 | 001,988,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll
[2017.03.20 17:08:28 | 002,748,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mispace.dll
[2017.03.20 17:08:28 | 002,277,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2017.03.20 17:08:27 | 004,557,824 | ---- | C] (Microsoft) -- C:\WINDOWS\SysWow64\dbgeng.dll
[2017.03.20 17:08:26 | 004,023,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2017.03.20 17:08:25 | 001,344,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsrcsnk.dll
[2017.03.20 17:08:23 | 001,277,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2017.03.20 17:08:23 | 001,202,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2017.03.20 17:08:22 | 002,363,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapRouter.dll
[2017.03.20 17:08:21 | 004,423,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExplorerFrame.dll
[2017.03.20 17:08:21 | 001,431,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
[2017.03.20 17:08:21 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudBackupSettings.dll
[2017.03.20 17:08:19 | 002,109,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapGeocoder.dll
[2017.03.20 17:08:19 | 001,323,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_fs.dll
[2017.03.20 17:08:19 | 001,137,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_health.dll
[2017.03.20 17:08:18 | 000,819,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppContracts.dll
[2017.03.20 17:08:16 | 001,556,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Immersive.dll
[2017.03.20 17:08:16 | 000,781,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWAHost.exe
[2017.03.20 17:08:15 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.Phone.dll
[2017.03.20 17:08:14 | 000,981,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetcore.dll
[2017.03.20 17:08:13 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Speech.dll
[2017.03.20 17:08:12 | 002,996,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2017.03.20 17:08:12 | 000,975,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.appcore.dll
[2017.03.20 17:08:11 | 001,969,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\hevcdecoder.dll
[2017.03.20 17:08:11 | 001,004,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.dll
[2017.03.20 17:08:10 | 002,740,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msftedit.dll
[2017.03.20 17:08:10 | 000,711,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Search.dll
[2017.03.20 17:08:08 | 001,415,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gdi32full.dll
[2017.03.20 17:08:07 | 001,320,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\comsvcs.dll
[2017.03.20 17:08:07 | 000,827,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.appcore.dll
[2017.03.20 17:08:07 | 000,390,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CredProvDataModel.dll
[2017.03.20 17:08:06 | 001,221,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Audio.dll
[2017.03.20 17:08:06 | 001,013,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Web.Http.dll
[2017.03.20 17:08:06 | 000,570,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clusapi.dll
[2017.03.20 17:08:05 | 004,613,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2017.03.20 17:08:05 | 000,654,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MbaeApiPublic.dll
[2017.03.20 17:08:04 | 000,965,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll
[2017.03.20 17:08:04 | 000,653,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.AccountsControl.dll
[2017.03.20 17:08:04 | 000,589,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Sensors.dll
[2017.03.20 17:08:03 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mprddm.dll
[2017.03.20 17:08:03 | 000,353,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TextInputFramework.dll
[2017.03.20 17:08:02 | 001,853,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2017.03.20 17:08:02 | 000,952,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2017.03.20 17:08:02 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.BackgroundTransfer.dll
[2017.03.20 17:08:02 | 000,691,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TokenBroker.dll
[2017.03.20 17:08:01 | 000,861,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicenseManager.dll
[2017.03.20 17:08:00 | 007,468,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2017.03.20 17:08:00 | 000,545,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe
[2017.03.20 17:08:00 | 000,298,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\resutils.dll
[2017.03.20 17:07:59 | 001,228,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usercpl.dll
[2017.03.20 17:07:59 | 000,713,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wpnapps.dll
[2017.03.20 17:07:59 | 000,620,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.dll
[2017.03.20 17:07:59 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RTMediaFrame.dll
[2017.03.20 17:07:58 | 001,232,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.Maps.dll
[2017.03.20 17:07:58 | 000,798,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2017.03.20 17:07:58 | 000,576,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wer.dll
[2017.03.20 17:07:57 | 000,557,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2017.03.20 17:07:57 | 000,530,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mf.dll
[2017.03.20 17:07:57 | 000,422,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.dll
[2017.03.20 17:07:56 | 001,564,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\quartz.dll
[2017.03.20 17:07:56 | 001,456,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2017.03.20 17:07:56 | 000,545,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\uReFS.dll
[2017.03.20 17:07:56 | 000,493,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2017.03.20 17:07:56 | 000,426,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OneDriveSettingSyncProvider.dll
[2017.03.20 17:07:56 | 000,291,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Search.ProtocolHandler.MAPI2.dll
[2017.03.20 17:07:56 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dhcpcore6.dll
[2017.03.20 17:07:55 | 002,484,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gameux.dll
[2017.03.20 17:07:55 | 000,862,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncCore.dll
[2017.03.20 17:07:55 | 000,315,744 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll
[2017.03.20 17:07:55 | 000,248,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\policymanager.dll
[2017.03.20 17:07:54 | 002,206,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2017.03.20 17:07:54 | 001,557,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmde.dll
[2017.03.20 17:07:54 | 000,449,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TpmCoreProvisioning.dll
[2017.03.20 17:07:54 | 000,321,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LockAppHost.exe
[2017.03.20 17:07:53 | 003,198,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdp.dll
[2017.03.20 17:07:53 | 001,534,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Graphics.Printing.3D.dll
[2017.03.20 17:07:53 | 000,895,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll
[2017.03.20 17:07:53 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppointmentApis.dll
[2017.03.20 17:07:53 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mbsmsapi.dll
[2017.03.20 17:07:53 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\daxexec.dll
[2017.03.20 17:07:53 | 000,130,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storahci.sys
[2017.03.20 17:07:52 | 000,976,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfds.dll
[2017.03.20 17:07:52 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nshwfp.dll
[2017.03.20 17:07:51 | 001,543,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mmc.exe
[2017.03.20 17:07:51 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PCPTpm12.dll
[2017.03.20 17:07:50 | 001,656,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Perception.dll
[2017.03.20 17:07:50 | 000,901,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Bluetooth.dll
[2017.03.20 17:07:50 | 000,549,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SHCore.dll
[2017.03.20 17:07:50 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LogonController.dll
[2017.03.20 17:07:49 | 001,631,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.Resources.dll
[2017.03.20 17:07:49 | 001,077,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Editing.dll
[2017.03.20 17:07:49 | 000,858,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EmailApis.dll
[2017.03.20 17:07:49 | 000,711,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2017.03.20 17:07:49 | 000,675,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.dll
[2017.03.20 17:07:49 | 000,670,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.PointOfService.dll
[2017.03.20 17:07:49 | 000,173,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\basecsp.dll
[2017.03.20 17:07:49 | 000,034,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CompPkgSup.dll
[2017.03.20 17:07:48 | 001,123,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2017.03.20 17:07:48 | 000,795,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MiracastReceiver.dll
[2017.03.20 17:07:48 | 000,640,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MCRecvSrc.dll
[2017.03.20 17:07:48 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.AllJoyn.dll
[2017.03.20 17:07:48 | 000,313,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanapi.dll
[2017.03.20 17:07:48 | 000,306,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.MediaControl.dll
[2017.03.20 17:07:47 | 002,138,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputService.dll
[2017.03.20 17:07:47 | 001,360,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetsrc.dll
[2017.03.20 17:07:47 | 000,846,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2017.03.20 17:07:47 | 000,136,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudExperienceHostUser.dll
[2017.03.20 17:07:46 | 001,293,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPDMC.exe
[2017.03.20 17:07:46 | 000,640,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\evr.dll
[2017.03.20 17:07:46 | 000,598,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Web.dll
[2017.03.20 17:07:46 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserDataTimeUtil.dll
[2017.03.20 17:07:45 | 003,106,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstsc.exe
[2017.03.20 17:07:45 | 000,374,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFPlay.dll
[2017.03.20 17:07:45 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlayToDevice.dll
[2017.03.20 17:07:45 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\input.dll
[2017.03.20 17:07:45 | 000,262,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Picker.dll
[2017.03.20 17:07:45 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netiohlp.dll
[2017.03.20 17:07:44 | 000,719,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_sr.dll
[2017.03.20 17:07:44 | 000,609,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Import.dll
[2017.03.20 17:07:44 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ShareHost.dll
[2017.03.20 17:07:44 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.SmartCards.dll
[2017.03.20 17:07:44 | 000,431,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\efswrt.dll
[2017.03.20 17:07:44 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Usb.dll
[2017.03.20 17:07:44 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssph.dll
[2017.03.20 17:07:43 | 000,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssvp.dll
[2017.03.20 17:07:43 | 000,500,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Graphics.Printing.dll
[2017.03.20 17:07:42 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasgcw.dll
[2017.03.20 17:07:42 | 000,374,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.LowLevel.dll
[2017.03.20 17:07:42 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Midi.dll
[2017.03.20 17:07:42 | 000,263,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Storage.ApplicationData.dll
[2017.03.20 17:07:42 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.LockScreen.dll
[2017.03.20 17:07:42 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.HumanInterfaceDevice.dll
[2017.03.20 17:07:42 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MCCSEngineShared.dll
[2017.03.20 17:07:42 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netiougc.exe
[2017.03.20 17:07:40 | 000,753,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\imapi2fs.dll
[2017.03.20 17:07:40 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.BackgroundMediaPlayback.dll
[2017.03.20 17:07:40 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.WiFiDirect.dll
[2017.03.20 17:07:40 | 000,315,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Gaming.XboxLive.Storage.dll
[2017.03.20 17:07:39 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserDataAccountApis.dll
[2017.03.20 17:07:39 | 000,298,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Management.dll
[2017.03.20 17:07:39 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CryptoWinRT.dll
[2017.03.20 17:07:38 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlayToManager.dll
[2017.03.20 17:07:38 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Gaming.Input.dll
[2017.03.20 17:07:37 | 001,255,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AzureSettingSyncProvider.dll
[2017.03.20 17:07:37 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scksp.dll
[2017.03.20 17:07:37 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\updatepolicy.dll
[2017.03.20 17:07:36 | 000,458,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidprov.dll
[2017.03.20 17:07:36 | 000,426,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Wallet.dll
[2017.03.20 17:07:36 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.WiFi.dll
[2017.03.20 17:07:36 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinRtTracing.dll
[2017.03.20 17:07:35 | 001,243,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.FaceAnalysis.dll
[2017.03.20 17:07:35 | 000,506,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcastdvr.exe
[2017.03.20 17:07:35 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.dll
[2017.03.20 17:07:35 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AboveLockAppHost.dll
[2017.03.20 17:07:35 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.Identity.Provider.dll
[2017.03.20 17:07:35 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserMgrProxy.dll
[2017.03.20 17:07:35 | 000,129,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.SerialCommunication.dll
[2017.03.20 17:07:34 | 001,154,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Pimstore.dll
[2017.03.20 17:07:34 | 000,567,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ChatApis.dll
[2017.03.20 17:07:34 | 000,525,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PrintDialogs.dll
[2017.03.20 17:07:34 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2017.03.20 17:07:34 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlayToReceiver.dll
[2017.03.20 17:07:33 | 002,682,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netshell.dll
[2017.03.20 17:07:33 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BcastDVRHelper.dll
[2017.03.20 17:07:33 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usoapi.dll
[2017.03.20 17:07:33 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wfdprov.dll
[2017.03.20 17:07:32 | 001,299,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSVPXENC.dll
[2017.03.20 17:07:32 | 000,545,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmkvsrcsnk.dll
[2017.03.20 17:07:32 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSync.dll
[2017.03.20 17:07:32 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msutb.dll
[2017.03.20 17:07:32 | 000,359,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mtxclu.dll
[2017.03.20 17:07:32 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Scanners.dll
[2017.03.20 17:07:32 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.ServiceDiscovery.Dnssd.dll
[2017.03.20 17:07:31 | 002,458,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\themecpl.dll
[2017.03.20 17:07:31 | 001,247,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Globalization.dll
[2017.03.20 17:07:31 | 000,632,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sud.dll
[2017.03.20 17:07:31 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserLanguagesCpl.dll
[2017.03.20 17:07:31 | 000,506,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DevicePairing.dll
[2017.03.20 17:07:31 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msdtcuiu.dll
[2017.03.20 17:07:31 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExSMime.dll
[2017.03.20 17:07:31 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserDeviceRegistration.dll
[2017.03.20 17:07:29 | 001,709,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActiveSyncProvider.dll
[2017.03.20 17:07:29 | 000,783,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TSWorkspace.dll
[2017.03.20 17:07:29 | 000,747,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Ocr.dll
[2017.03.20 17:07:29 | 000,368,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanui.dll
[2017.03.20 17:07:29 | 000,336,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\azroleui.dll
[2017.03.20 17:07:29 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmWmiPl.dll
[2017.03.20 17:07:29 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Core.TextInput.dll
[2017.03.20 17:07:28 | 001,357,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSPhotography.dll
[2017.03.20 17:07:28 | 000,531,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iprtrmgr.dll
[2017.03.20 17:07:28 | 000,299,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RADCUI.dll
[2017.03.20 17:07:28 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\xboxgip.sys
[2017.03.20 17:07:28 | 000,237,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SyncSettings.dll
[2017.03.20 17:07:28 | 000,138,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DisplayManager.dll
[2017.03.20 17:07:28 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.HostName.dll
[2017.03.20 17:07:27 | 000,700,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Storage.Search.dll
[2017.03.20 17:07:27 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Radios.dll
[2017.03.20 17:07:27 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ErrorDetails.dll
[2017.03.20 17:07:26 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.Web.Core.dll
========== Chrome ==========
CHR - Extension: No name found = C:\Users\Endon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Endon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_1\
CHR - Extension: No name found = C:\Users\Endon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_1\
CHR - Extension: No name found = C:\Users\Endon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_1\
CHR - Extension: No name found = C:\Users\Endon\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_1\
CHR - Extension: No name found = C:\Users\Endon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\
CHR - Extension: No name found = C:\Users\Endon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\
CHR - Extension: No name found = C:\Users\Endon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\
CHR - Extension: No name found = C:\Users\Endon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5616.1121.0.3_1\
O1 HOSTS File: ([2017.03.20 16:05:58 | 000,000,753 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft OneDrive for Business Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (Evernote extension) - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (HP Inc.)
O4:64bit: - HKLM..\Run: [Malwarebytes TrayApp] C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Malwarebytes)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [WindowsDefender] C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [ZAM] C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (Copyright 2017.)
O4 - HKLM..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [HPMessageService] C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [DAEMON Tools Lite Automount] C:\Program Files\DAEMON Tools Lite\DTAgent.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKCU..\Run: [OneDrive] C:\Users\Endon\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: E&xportovat do Microsoft Excelu - C:\Program Files\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Od&eslat do OneNotu - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - C:\Program Files\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do OneNotu - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html ()
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (HP Inc.)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (HP Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000013 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{40bcdb8e-f8fe-413f-9112-44f836fa8ea9}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{d91d716a-06be-4997-baee-08a96d350118}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mso-minsb.16 - No CLSID value found
O18:64bit: - Protocol\Handler\mso-minsb-roaming.16 - No CLSID value found
O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Handler\osf.16 - No CLSID value found
O18:64bit: - Protocol\Handler\osf-roaming.16 - No CLSID value found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-minsb.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-minsb-roaming.16 {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\osf.16 {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\osf-roaming.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.10.26 00:40:24 | 000,000,107 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2004.10.26 01:40:24 | 000,000,000 | ---D | M] - H:\AutoRun -- [ CDFS ]
O32 - AutoRun File - [2004.10.26 01:40:24 | 000,684,032 | R--- | M] (Electronic Arts Inc.) - H:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2004.10.15 05:59:34 | 000,577,536 | R--- | M] (Electronic Arts Inc.) - H:\AutoRunGUI.dll -- [ CDFS ]
O32 - AutoRun File - [2004.10.26 01:46:32 | 000,000,105 | R--- | M] () - H:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{b6fbe7ca-69e0-11e6-9bd7-e094674fc508}\Shell - "" = AutoRun
O33 - MountPoints2\{b6fbe7ca-69e0-11e6-9bd7-e094674fc508}\Shell\AutoRun\command - "" = H:\Setup.exe -- [2004.10.15 05:59:34 | 000,110,592 | R--- | M] (Electronic Arts Inc.)
O33 - MountPoints2\{b6fbe7fa-69e0-11e6-9bd7-e094674fc508}\Shell - "" = AutoRun
O33 - MountPoints2\{b6fbe7fa-69e0-11e6-9bd7-e094674fc508}\Shell\AutoRun\command - "" = F:\RunGame.exe -- [2004.10.26 00:40:24 | 000,192,512 | R--- | M] (Electronic Arts Inc.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2017.03.24 15:23:56 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Endon\Desktop\OTL.exe
[2017.03.22 15:27:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2017.03.21 16:16:51 | 000,000,000 | ---D | C] -- C:\FRST
[2017.03.21 16:16:01 | 002,424,832 | ---- | C] (Farbar) -- C:\Users\Endon\Desktop\FRST64.exe
[2017.03.21 16:13:33 | 005,200,384 | ---- | C] (AVAST Software) -- C:\Users\Endon\Desktop\aswmbr.exe
[2017.03.21 16:12:59 | 000,000,000 | ---D | C] -- C:\Users\Endon\Desktop\backups
[2017.03.20 21:20:54 | 000,000,000 | ---D | C] -- C:\ProgramData\SoftwareDistribution
[2017.03.20 21:20:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Comms
[2017.03.20 17:08:43 | 006,667,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2017.03.20 17:08:41 | 005,722,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2017.03.20 17:08:40 | 005,685,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
[2017.03.20 17:08:39 | 006,109,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mos.dll
[2017.03.20 17:08:38 | 013,873,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2017.03.20 17:08:37 | 003,307,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2017.03.20 17:08:36 | 005,380,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BingMaps.dll
[2017.03.20 17:08:35 | 002,643,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll
[2017.03.20 17:08:33 | 004,312,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2017.03.20 17:08:33 | 002,646,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CertEnroll.dll
[2017.03.20 17:08:31 | 007,626,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2017.03.20 17:08:30 | 002,153,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\storagewmi.dll
[2017.03.20 17:08:29 | 001,993,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2017.03.20 17:08:29 | 001,988,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll
[2017.03.20 17:08:28 | 002,748,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mispace.dll
[2017.03.20 17:08:28 | 002,277,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2017.03.20 17:08:27 | 004,557,824 | ---- | C] (Microsoft) -- C:\WINDOWS\SysWow64\dbgeng.dll
[2017.03.20 17:08:26 | 004,023,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2017.03.20 17:08:25 | 001,344,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsrcsnk.dll
[2017.03.20 17:08:23 | 001,277,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2017.03.20 17:08:23 | 001,202,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2017.03.20 17:08:22 | 002,363,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapRouter.dll
[2017.03.20 17:08:21 | 004,423,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExplorerFrame.dll
[2017.03.20 17:08:21 | 001,431,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
[2017.03.20 17:08:21 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudBackupSettings.dll
[2017.03.20 17:08:19 | 002,109,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapGeocoder.dll
[2017.03.20 17:08:19 | 001,323,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_fs.dll
[2017.03.20 17:08:19 | 001,137,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_health.dll
[2017.03.20 17:08:18 | 000,819,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppContracts.dll
[2017.03.20 17:08:16 | 001,556,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Immersive.dll
[2017.03.20 17:08:16 | 000,781,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWAHost.exe
[2017.03.20 17:08:15 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.Phone.dll
[2017.03.20 17:08:14 | 000,981,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetcore.dll
[2017.03.20 17:08:13 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Speech.dll
[2017.03.20 17:08:12 | 002,996,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2017.03.20 17:08:12 | 000,975,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.appcore.dll
[2017.03.20 17:08:11 | 001,969,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\hevcdecoder.dll
[2017.03.20 17:08:11 | 001,004,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.dll
[2017.03.20 17:08:10 | 002,740,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msftedit.dll
[2017.03.20 17:08:10 | 000,711,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Search.dll
[2017.03.20 17:08:08 | 001,415,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gdi32full.dll
[2017.03.20 17:08:07 | 001,320,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\comsvcs.dll
[2017.03.20 17:08:07 | 000,827,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.appcore.dll
[2017.03.20 17:08:07 | 000,390,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CredProvDataModel.dll
[2017.03.20 17:08:06 | 001,221,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Audio.dll
[2017.03.20 17:08:06 | 001,013,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Web.Http.dll
[2017.03.20 17:08:06 | 000,570,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clusapi.dll
[2017.03.20 17:08:05 | 004,613,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2017.03.20 17:08:05 | 000,654,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MbaeApiPublic.dll
[2017.03.20 17:08:04 | 000,965,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll
[2017.03.20 17:08:04 | 000,653,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.AccountsControl.dll
[2017.03.20 17:08:04 | 000,589,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Sensors.dll
[2017.03.20 17:08:03 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mprddm.dll
[2017.03.20 17:08:03 | 000,353,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TextInputFramework.dll
[2017.03.20 17:08:02 | 001,853,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2017.03.20 17:08:02 | 000,952,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2017.03.20 17:08:02 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.BackgroundTransfer.dll
[2017.03.20 17:08:02 | 000,691,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TokenBroker.dll
[2017.03.20 17:08:01 | 000,861,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicenseManager.dll
[2017.03.20 17:08:00 | 007,468,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2017.03.20 17:08:00 | 000,545,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe
[2017.03.20 17:08:00 | 000,298,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\resutils.dll
[2017.03.20 17:07:59 | 001,228,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usercpl.dll
[2017.03.20 17:07:59 | 000,713,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wpnapps.dll
[2017.03.20 17:07:59 | 000,620,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.dll
[2017.03.20 17:07:59 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RTMediaFrame.dll
[2017.03.20 17:07:58 | 001,232,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.Maps.dll
[2017.03.20 17:07:58 | 000,798,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2017.03.20 17:07:58 | 000,576,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wer.dll
[2017.03.20 17:07:57 | 000,557,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2017.03.20 17:07:57 | 000,530,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mf.dll
[2017.03.20 17:07:57 | 000,422,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.dll
[2017.03.20 17:07:56 | 001,564,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\quartz.dll
[2017.03.20 17:07:56 | 001,456,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2017.03.20 17:07:56 | 000,545,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\uReFS.dll
[2017.03.20 17:07:56 | 000,493,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2017.03.20 17:07:56 | 000,426,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OneDriveSettingSyncProvider.dll
[2017.03.20 17:07:56 | 000,291,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Search.ProtocolHandler.MAPI2.dll
[2017.03.20 17:07:56 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dhcpcore6.dll
[2017.03.20 17:07:55 | 002,484,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gameux.dll
[2017.03.20 17:07:55 | 000,862,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncCore.dll
[2017.03.20 17:07:55 | 000,315,744 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll
[2017.03.20 17:07:55 | 000,248,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\policymanager.dll
[2017.03.20 17:07:54 | 002,206,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2017.03.20 17:07:54 | 001,557,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmde.dll
[2017.03.20 17:07:54 | 000,449,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TpmCoreProvisioning.dll
[2017.03.20 17:07:54 | 000,321,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LockAppHost.exe
[2017.03.20 17:07:53 | 003,198,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdp.dll
[2017.03.20 17:07:53 | 001,534,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Graphics.Printing.3D.dll
[2017.03.20 17:07:53 | 000,895,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll
[2017.03.20 17:07:53 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppointmentApis.dll
[2017.03.20 17:07:53 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mbsmsapi.dll
[2017.03.20 17:07:53 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\daxexec.dll
[2017.03.20 17:07:53 | 000,130,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storahci.sys
[2017.03.20 17:07:52 | 000,976,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfds.dll
[2017.03.20 17:07:52 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nshwfp.dll
[2017.03.20 17:07:51 | 001,543,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mmc.exe
[2017.03.20 17:07:51 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PCPTpm12.dll
[2017.03.20 17:07:50 | 001,656,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Perception.dll
[2017.03.20 17:07:50 | 000,901,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Bluetooth.dll
[2017.03.20 17:07:50 | 000,549,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SHCore.dll
[2017.03.20 17:07:50 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LogonController.dll
[2017.03.20 17:07:49 | 001,631,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.Resources.dll
[2017.03.20 17:07:49 | 001,077,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Editing.dll
[2017.03.20 17:07:49 | 000,858,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EmailApis.dll
[2017.03.20 17:07:49 | 000,711,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2017.03.20 17:07:49 | 000,675,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.dll
[2017.03.20 17:07:49 | 000,670,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.PointOfService.dll
[2017.03.20 17:07:49 | 000,173,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\basecsp.dll
[2017.03.20 17:07:49 | 000,034,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CompPkgSup.dll
[2017.03.20 17:07:48 | 001,123,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2017.03.20 17:07:48 | 000,795,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MiracastReceiver.dll
[2017.03.20 17:07:48 | 000,640,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MCRecvSrc.dll
[2017.03.20 17:07:48 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.AllJoyn.dll
[2017.03.20 17:07:48 | 000,313,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanapi.dll
[2017.03.20 17:07:48 | 000,306,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.MediaControl.dll
[2017.03.20 17:07:47 | 002,138,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputService.dll
[2017.03.20 17:07:47 | 001,360,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetsrc.dll
[2017.03.20 17:07:47 | 000,846,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2017.03.20 17:07:47 | 000,136,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudExperienceHostUser.dll
[2017.03.20 17:07:46 | 001,293,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPDMC.exe
[2017.03.20 17:07:46 | 000,640,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\evr.dll
[2017.03.20 17:07:46 | 000,598,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Web.dll
[2017.03.20 17:07:46 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserDataTimeUtil.dll
[2017.03.20 17:07:45 | 003,106,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstsc.exe
[2017.03.20 17:07:45 | 000,374,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFPlay.dll
[2017.03.20 17:07:45 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlayToDevice.dll
[2017.03.20 17:07:45 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\input.dll
[2017.03.20 17:07:45 | 000,262,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Picker.dll
[2017.03.20 17:07:45 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netiohlp.dll
[2017.03.20 17:07:44 | 000,719,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_sr.dll
[2017.03.20 17:07:44 | 000,609,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Import.dll
[2017.03.20 17:07:44 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ShareHost.dll
[2017.03.20 17:07:44 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.SmartCards.dll
[2017.03.20 17:07:44 | 000,431,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\efswrt.dll
[2017.03.20 17:07:44 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Usb.dll
[2017.03.20 17:07:44 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssph.dll
[2017.03.20 17:07:43 | 000,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssvp.dll
[2017.03.20 17:07:43 | 000,500,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Graphics.Printing.dll
[2017.03.20 17:07:42 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasgcw.dll
[2017.03.20 17:07:42 | 000,374,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.LowLevel.dll
[2017.03.20 17:07:42 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Midi.dll
[2017.03.20 17:07:42 | 000,263,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Storage.ApplicationData.dll
[2017.03.20 17:07:42 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.LockScreen.dll
[2017.03.20 17:07:42 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.HumanInterfaceDevice.dll
[2017.03.20 17:07:42 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MCCSEngineShared.dll
[2017.03.20 17:07:42 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netiougc.exe
[2017.03.20 17:07:40 | 000,753,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\imapi2fs.dll
[2017.03.20 17:07:40 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.BackgroundMediaPlayback.dll
[2017.03.20 17:07:40 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.WiFiDirect.dll
[2017.03.20 17:07:40 | 000,315,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Gaming.XboxLive.Storage.dll
[2017.03.20 17:07:39 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserDataAccountApis.dll
[2017.03.20 17:07:39 | 000,298,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Management.dll
[2017.03.20 17:07:39 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CryptoWinRT.dll
[2017.03.20 17:07:38 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlayToManager.dll
[2017.03.20 17:07:38 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Gaming.Input.dll
[2017.03.20 17:07:37 | 001,255,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AzureSettingSyncProvider.dll
[2017.03.20 17:07:37 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scksp.dll
[2017.03.20 17:07:37 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\updatepolicy.dll
[2017.03.20 17:07:36 | 000,458,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidprov.dll
[2017.03.20 17:07:36 | 000,426,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Wallet.dll
[2017.03.20 17:07:36 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.WiFi.dll
[2017.03.20 17:07:36 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinRtTracing.dll
[2017.03.20 17:07:35 | 001,243,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.FaceAnalysis.dll
[2017.03.20 17:07:35 | 000,506,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcastdvr.exe
[2017.03.20 17:07:35 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.dll
[2017.03.20 17:07:35 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AboveLockAppHost.dll
[2017.03.20 17:07:35 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.Identity.Provider.dll
[2017.03.20 17:07:35 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserMgrProxy.dll
[2017.03.20 17:07:35 | 000,129,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.SerialCommunication.dll
[2017.03.20 17:07:34 | 001,154,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Pimstore.dll
[2017.03.20 17:07:34 | 000,567,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ChatApis.dll
[2017.03.20 17:07:34 | 000,525,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PrintDialogs.dll
[2017.03.20 17:07:34 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2017.03.20 17:07:34 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlayToReceiver.dll
[2017.03.20 17:07:33 | 002,682,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netshell.dll
[2017.03.20 17:07:33 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BcastDVRHelper.dll
[2017.03.20 17:07:33 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usoapi.dll
[2017.03.20 17:07:33 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wfdprov.dll
[2017.03.20 17:07:32 | 001,299,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSVPXENC.dll
[2017.03.20 17:07:32 | 000,545,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmkvsrcsnk.dll
[2017.03.20 17:07:32 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSync.dll
[2017.03.20 17:07:32 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msutb.dll
[2017.03.20 17:07:32 | 000,359,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mtxclu.dll
[2017.03.20 17:07:32 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Scanners.dll
[2017.03.20 17:07:32 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.ServiceDiscovery.Dnssd.dll
[2017.03.20 17:07:31 | 002,458,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\themecpl.dll
[2017.03.20 17:07:31 | 001,247,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Globalization.dll
[2017.03.20 17:07:31 | 000,632,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sud.dll
[2017.03.20 17:07:31 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserLanguagesCpl.dll
[2017.03.20 17:07:31 | 000,506,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DevicePairing.dll
[2017.03.20 17:07:31 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msdtcuiu.dll
[2017.03.20 17:07:31 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExSMime.dll
[2017.03.20 17:07:31 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserDeviceRegistration.dll
[2017.03.20 17:07:29 | 001,709,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActiveSyncProvider.dll
[2017.03.20 17:07:29 | 000,783,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TSWorkspace.dll
[2017.03.20 17:07:29 | 000,747,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Ocr.dll
[2017.03.20 17:07:29 | 000,368,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanui.dll
[2017.03.20 17:07:29 | 000,336,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\azroleui.dll
[2017.03.20 17:07:29 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmWmiPl.dll
[2017.03.20 17:07:29 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Core.TextInput.dll
[2017.03.20 17:07:28 | 001,357,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSPhotography.dll
[2017.03.20 17:07:28 | 000,531,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iprtrmgr.dll
[2017.03.20 17:07:28 | 000,299,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RADCUI.dll
[2017.03.20 17:07:28 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\xboxgip.sys
[2017.03.20 17:07:28 | 000,237,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SyncSettings.dll
[2017.03.20 17:07:28 | 000,138,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DisplayManager.dll
[2017.03.20 17:07:28 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.HostName.dll
[2017.03.20 17:07:27 | 000,700,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Storage.Search.dll
[2017.03.20 17:07:27 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Radios.dll
[2017.03.20 17:07:27 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ErrorDetails.dll
[2017.03.20 17:07:26 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.Web.Core.dll
►Case: NZXT Noctis 450◄►Zdroj: EVGA Supernova 750W G2◄►MB: Asus MAXIMUS VIII Ranger◄►CPU: Intel core i5-6600K◄►GPU: Gainward Phoenix GTX 1060 GS◄►Chladič: Scythe Ninja 4◄►SSD: Samsung 850 EVO 250GB◄►HDD: 2x Seagate Barracuda 2TB◄►RAM: Crucial Ballistix Sport LT 2x8GB 2400Mhz DDR4◄
Re: kontrola logu - využití disku 100%
log z OTL - OTL 3/4
[2017.03.20 17:07:26 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LockAppBroker.dll
[2017.03.20 17:07:26 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WwaApi.dll
[2017.03.20 17:07:25 | 001,231,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wcnwiz.dll
[2017.03.20 17:07:25 | 000,631,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\main.cpl
[2017.03.20 17:07:24 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Unistore.dll
[2017.03.20 17:07:24 | 000,368,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\puiobj.dll
[2017.03.20 17:07:24 | 000,255,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\unimdm.tsp
[2017.03.20 17:07:24 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tcpipcfg.dll
[2017.03.20 17:07:24 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ProximityCommon.dll
[2017.03.20 17:07:22 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\findnetprinters.dll
[2017.03.20 17:07:21 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVSENCD.DLL
[2017.03.20 17:07:21 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapConfiguration.dll
[2017.03.20 17:07:21 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\deviceaccess.dll
[2017.03.20 17:07:21 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mscandui.dll
[2017.03.20 17:07:21 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\vaultcli.dll
[2017.03.20 17:07:21 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\puiapi.dll
[2017.03.20 17:07:21 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BrowserSettingSync.dll
[2017.03.20 17:07:21 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DafPrintProvider.dll
[2017.03.20 17:07:20 | 006,474,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mspaint.exe
[2017.03.20 17:07:20 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmenrollengine.dll
[2017.03.20 17:07:20 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DavSyncProvider.dll
[2017.03.20 17:07:20 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\accountaccessor.dll
[2017.03.20 17:07:20 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cemapi.dll
[2017.03.20 17:07:20 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Gaming.UI.GameBar.dll
[2017.03.20 17:07:20 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XInputUap.dll
[2017.03.20 17:07:19 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssitlb.dll
[2017.03.20 17:07:19 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.System.SystemManagement.dll
[2017.03.20 17:07:18 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSVP9DEC.dll
[2017.03.20 17:07:18 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Web.Diagnostics.dll
[2017.03.20 17:07:18 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AuthBroker.dll
[2017.03.20 17:07:18 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CameraCaptureUI.dll
[2017.03.20 17:07:18 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tbauth.dll
[2017.03.20 17:07:17 | 000,886,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aadtb.dll
[2017.03.20 17:07:17 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ContactApis.dll
[2017.03.20 17:07:17 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msctfui.dll
[2017.03.20 17:07:17 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TokenBrokerCookies.exe
[2017.03.20 17:07:16 | 003,733,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_47.dll
[2017.03.20 17:07:16 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\apprepsync.dll
[2017.03.20 17:07:16 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2017.03.20 17:07:16 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\apprepapi.dll
[2017.03.20 17:07:16 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dplaysvr.exe
[2017.03.20 17:07:15 | 000,896,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontext.dll
[2017.03.20 17:07:15 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\odbcconf.dll
[2017.03.20 17:07:14 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msctfp.dll
[2017.03.20 17:07:14 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserDeviceRegistration.Ngc.dll
[2017.03.20 17:07:14 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Shell.Search.UriHandler.dll
[2017.03.20 17:07:13 | 000,760,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\appwiz.cpl
[2017.03.20 17:07:13 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\hgcpl.dll
[2017.03.20 17:07:13 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreMessaging.dll
[2017.03.20 17:07:13 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LaunchWinApp.exe
[2017.03.20 17:07:12 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VCardParser.dll
[2017.03.20 17:07:01 | 003,520,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xpsrchvw.exe
[2017.03.20 17:07:01 | 003,405,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2017.03.20 17:07:01 | 002,538,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll
[2017.03.20 17:07:00 | 002,049,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpmde.dll
[2017.03.20 17:07:00 | 000,857,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWAHost.exe
[2017.03.20 17:06:59 | 001,362,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmpmde.dll
[2017.03.20 17:06:59 | 000,549,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll
[2017.03.20 17:06:58 | 004,596,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xpsrchvw.exe
[2017.03.20 17:06:58 | 001,369,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Phone.dll
[2017.03.20 17:06:58 | 001,266,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Input.Inking.dll
[2017.03.20 17:06:58 | 000,527,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWanAPI.dll
[2017.03.20 17:06:58 | 000,349,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchProtocolHost.exe
[2017.03.20 17:06:55 | 002,424,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Perception.dll
[2017.03.20 17:06:54 | 000,390,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Search.ProtocolHandler.MAPI2.dll
[2017.03.20 17:06:53 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XblGameSaveExt.dll
[2017.03.20 17:06:46 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPDMC.exe
[2017.03.20 17:06:45 | 001,424,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Maps.dll
[2017.03.20 17:06:45 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFilterHost.exe
[2017.03.20 17:06:44 | 000,963,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WebcamUi.dll
[2017.03.20 17:06:44 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WebcamUi.dll
[2017.03.20 17:06:44 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.dll
[2017.03.20 17:06:44 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssvp.dll
[2017.03.20 17:06:44 | 000,561,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Wallet.dll
[2017.03.20 17:06:44 | 000,467,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Gaming.XboxLive.Storage.dll
[2017.03.20 17:06:44 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssphtb.dll
[2017.03.20 17:06:44 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssph.dll
[2017.03.20 17:06:44 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2017.03.20 17:06:43 | 006,574,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanmm.dll
[2017.03.20 17:06:42 | 001,507,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.FaceAnalysis.dll
[2017.03.20 17:06:42 | 001,293,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcnwiz.dll
[2017.03.20 17:06:42 | 000,358,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.dll
[2017.03.20 17:06:42 | 000,237,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Web.Diagnostics.dll
[2017.03.20 17:06:42 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Gaming.UI.GameBar.dll
[2017.03.20 17:06:41 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanui.dll
[2017.03.20 17:06:41 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhext.dll
[2017.03.20 17:06:40 | 000,730,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nshwfp.dll
[2017.03.20 17:06:40 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WwaApi.dll
[2017.03.20 17:06:40 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinRtTracing.dll
[2017.03.20 17:06:40 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Core.dll
[2017.03.20 17:06:40 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssitlb.dll
[2017.03.20 17:06:39 | 001,388,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Cred.dll
[2017.03.20 17:06:39 | 000,468,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanconn.dll
[2017.03.20 17:06:38 | 008,169,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2017.03.20 17:06:37 | 013,441,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmp.dll
[2017.03.20 17:06:34 | 012,349,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmp.dll
[2017.03.20 17:06:32 | 007,220,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2017.03.20 17:06:31 | 007,654,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mos.dll
[2017.03.20 17:06:31 | 003,777,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2017.03.20 17:06:30 | 007,812,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingMaps.dll
[2017.03.20 17:06:30 | 001,981,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diagtrack.dll
[2017.03.20 17:06:28 | 004,260,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2017.03.20 17:06:28 | 002,482,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2017.03.20 17:06:28 | 001,848,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsrcsnk.dll
[2017.03.20 17:06:28 | 001,301,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2017.03.20 17:06:27 | 001,860,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.dll
[2017.03.20 17:06:27 | 001,454,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetsrc.dll
[2017.03.20 17:06:26 | 001,702,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2017.03.20 17:06:25 | 002,953,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapGeocoder.dll
[2017.03.20 17:06:25 | 001,908,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AzureSettingSyncProvider.dll
[2017.03.20 17:06:25 | 001,078,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.dll
[2017.03.20 17:06:24 | 003,441,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapRouter.dll
[2017.03.20 17:06:23 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wpc.dll
[2017.03.20 17:06:22 | 001,033,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsStore.dll
[2017.03.20 17:06:22 | 000,765,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Sensors.dll
[2017.03.20 17:06:21 | 006,285,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2017.03.20 17:06:21 | 001,071,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetcore.dll
[2017.03.20 17:06:21 | 001,013,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ContactApis.dll
[2017.03.20 17:06:21 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MbaeApiPublic.dll
[2017.03.20 17:06:20 | 002,852,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsThresholdAdminFlowUI.dll
[2017.03.20 17:06:20 | 002,213,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2017.03.20 17:06:20 | 001,473,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2017.03.20 17:06:20 | 001,293,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicenseManager.dll
[2017.03.20 17:06:20 | 001,131,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2017.03.20 17:06:19 | 008,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2017.03.20 17:06:18 | 001,937,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mmc.exe
[2017.03.20 17:06:18 | 001,366,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2017.03.20 17:06:18 | 001,000,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecConfig.efi
[2017.03.20 17:06:17 | 001,723,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcMon.exe
[2017.03.20 17:06:17 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usercpl.dll
[2017.03.20 17:06:17 | 000,864,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnapps.dll
[2017.03.20 17:06:17 | 000,433,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TextInputFramework.dll
[2017.03.20 17:06:16 | 000,834,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll
[2017.03.20 17:06:16 | 000,579,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockAppBroker.dll
[2017.03.20 17:06:16 | 000,462,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansec.dll
[2017.03.20 17:06:16 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXTaskFactory.dll
[2017.03.20 17:06:15 | 002,186,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hevcdecoder.dll
[2017.03.20 17:06:15 | 001,989,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2017.03.20 17:06:15 | 001,536,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpeechPal.dll
[2017.03.20 17:06:15 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe
[2017.03.20 17:06:14 | 000,998,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TSWorkspace.dll
[2017.03.20 17:06:14 | 000,858,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mprddm.dll
[2017.03.20 17:06:14 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntshrui.dll
[2017.03.20 17:06:14 | 000,719,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdiWiFi.sys
[2017.03.20 17:06:13 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Wpc.dll
[2017.03.20 17:06:13 | 001,403,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Editing.dll
[2017.03.20 17:06:13 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpaceControl.dll
[2017.03.20 17:06:13 | 000,596,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2017.03.20 17:06:13 | 000,579,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.UX.EapRequestHandler.dll
[2017.03.20 17:06:13 | 000,458,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RTMediaFrame.dll
[2017.03.20 17:06:13 | 000,443,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MMDevAPI.dll
[2017.03.20 17:06:12 | 000,811,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFCaptureEngine.dll
[2017.03.20 17:06:12 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocore.dll
[2017.03.20 17:06:12 | 000,330,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NgcCtnrSvc.dll
[2017.03.20 17:06:12 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PimIndexMaintenance.dll
[2017.03.20 17:06:11 | 002,512,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVDECOD.DLL
[2017.03.20 17:06:11 | 001,145,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EmailApis.dll
[2017.03.20 17:06:11 | 000,671,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mbsmsapi.dll
[2017.03.20 17:06:10 | 001,399,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Pimstore.dll
[2017.03.20 17:06:10 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Audio.dll
[2017.03.20 17:06:09 | 000,945,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasgcw.dll
[2017.03.20 17:06:09 | 000,794,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Shell.Broker.dll
[2017.03.20 17:06:09 | 000,771,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppointmentApis.dll
[2017.03.20 17:06:09 | 000,748,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ChatApis.dll
[2017.03.20 17:06:09 | 000,531,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmCoreProvisioning.dll
[2017.03.20 17:06:09 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winspool.drv
[2017.03.20 17:06:09 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatehandlers.dll
[2017.03.20 17:06:09 | 000,137,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AuthHost.exe
[2017.03.20 17:06:08 | 001,063,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfds.dll
[2017.03.20 17:06:08 | 000,387,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpps.dll
[2017.03.20 17:06:08 | 000,382,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockAppHost.exe
[2017.03.20 17:06:08 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotificationUx.exe
[2017.03.20 17:06:07 | 002,820,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputService.dll
[2017.03.20 17:06:07 | 001,512,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDataService.dll
[2017.03.20 17:06:07 | 000,631,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WlanMediaManager.dll
[2017.03.20 17:06:07 | 000,396,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanapi.dll
[2017.03.20 17:06:07 | 000,360,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlows.exe
[2017.03.20 17:06:07 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\moshost.dll
[2017.03.20 17:06:06 | 001,062,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2017.03.20 17:06:06 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efswrt.dll
[2017.03.20 17:06:06 | 000,409,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2017.03.20 17:06:06 | 000,366,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFolder.dll
[2017.03.20 17:06:06 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDataTimeUtil.dll
[2017.03.20 17:06:06 | 000,108,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys
[2017.03.20 17:06:06 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\musdialoghandlers.dll
[2017.03.20 17:06:05 | 000,805,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FrameServer.dll
[2017.03.20 17:06:05 | 000,741,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\internetmail.dll
[2017.03.20 17:06:05 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RADCUI.dll
[2017.03.20 17:06:05 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MCCSEngineShared.dll
[2017.03.20 17:06:04 | 001,917,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActiveSyncProvider.dll
[2017.03.20 17:06:04 | 001,762,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSPhotography.dll
[2017.03.20 17:06:04 | 000,870,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmkvsrcsnk.dll
[2017.03.20 17:06:04 | 000,611,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.Printing.dll
[2017.03.20 17:06:04 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\puiobj.dll
[2017.03.20 17:06:04 | 000,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AboveLockAppHost.dll
[2017.03.20 17:06:04 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RelPost.exe
[2017.03.20 17:06:04 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usoapi.dll
[2017.03.20 17:06:03 | 002,800,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netshell.dll
[2017.03.20 17:06:03 | 000,947,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVP9DEC.dll
[2017.03.20 17:06:03 | 000,583,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PrintDialogs.dll
[2017.03.20 17:06:03 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.ServiceDiscovery.Dnssd.dll
[2017.03.20 17:06:03 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wfdprov.dll
[2017.03.20 17:06:02 | 001,189,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sdengin2.dll
[2017.03.20 17:06:02 | 000,809,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Storage.Search.dll
[2017.03.20 17:06:02 | 000,446,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapConfiguration.dll
[2017.03.20 17:06:02 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PrintDialogs3D.dll
[2017.03.20 17:06:02 | 000,263,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExSMime.dll
[2017.03.20 17:06:02 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.Identity.Provider.dll
[2017.03.20 17:06:02 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Scanners.dll
[2017.03.20 17:06:01 | 001,291,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVPXENC.dll
[2017.03.20 17:06:01 | 001,184,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Unistore.dll
[2017.03.20 17:06:01 | 000,556,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iprtrmgr.dll
[2017.03.20 17:06:00 | 000,820,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PrintRenderAPIHost.DLL
[2017.03.20 17:06:00 | 000,383,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DavSyncProvider.dll
[2017.03.20 17:06:00 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\unimdm.tsp
[2017.03.20 17:06:00 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cemapi.dll
[2017.03.20 17:06:00 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\puiapi.dll
[2017.03.20 17:06:00 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DafPrintProvider.dll
[2017.03.20 17:06:00 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpninprc.dll
[2017.03.20 17:05:59 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\accountaccessor.dll
[2017.03.20 17:05:59 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Credentials.UI.UserConsentVerifier.dll
[2017.03.20 17:05:59 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DuCsps.dll
[2017.03.20 17:05:58 | 001,891,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pnidui.dll
[2017.03.20 17:05:58 | 000,320,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2017.03.20 17:05:58 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tapi32.dll
[2017.03.20 17:05:58 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sdshext.dll
[2017.03.20 17:05:58 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\odbcconf.dll
[2017.03.20 17:05:58 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netiougc.exe
[2017.03.20 17:05:57 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VCardParser.dll
[2017.03.20 17:05:53 | 022,565,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2017.03.20 17:05:52 | 017,198,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2017.03.20 17:05:49 | 018,362,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2017.03.20 17:05:47 | 004,746,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2017.03.20 17:05:45 | 007,786,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2017.03.20 17:05:45 | 000,063,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dam.sys
[2017.03.20 17:05:43 | 008,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2017.03.20 17:05:43 | 002,287,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2017.03.20 17:05:42 | 002,828,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2017.03.20 17:05:42 | 002,475,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWrite.dll
[2017.03.20 17:05:41 | 006,044,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2017.03.20 17:05:41 | 001,639,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comsvcs.dll
[2017.03.20 17:05:40 | 001,589,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdtctm.dll
[2017.03.20 17:05:40 | 001,348,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wifinetworkmanager.dll
[2017.03.20 17:05:39 | 000,635,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2017.03.20 17:05:38 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Web.Http.dll
[2017.03.20 17:05:38 | 000,909,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Search.dll
[2017.03.20 17:05:38 | 000,591,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2017.03.20 17:05:38 | 000,460,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredProvDataModel.dll
[2017.03.20 17:05:37 | 001,837,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\workfolderssvc.dll
[2017.03.20 17:05:37 | 001,157,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.appcore.dll
[2017.03.20 17:05:37 | 000,924,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.BackgroundTransfer.dll
[2017.03.20 17:05:37 | 000,658,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2017.03.20 17:05:37 | 000,646,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll
[2017.03.20 17:05:37 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudBackupSettings.dll
[2017.03.20 17:05:36 | 002,208,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.Printing.3D.dll
[2017.03.20 17:05:36 | 000,875,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TokenBroker.dll
[2017.03.20 17:05:36 | 000,635,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FlightSettings.dll
[2017.03.20 17:05:35 | 001,694,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2017.03.20 17:05:35 | 001,275,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Bluetooth.dll
[2017.03.20 17:05:35 | 000,912,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.SmartCards.dll
[2017.03.20 17:05:35 | 000,661,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WpcWebFilter.dll
[2017.03.20 17:05:34 | 001,513,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2017.03.20 17:05:34 | 000,587,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vpnike.dll
[2017.03.20 17:05:34 | 000,431,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Cortana.Desktop.dll
[2017.03.20 17:05:34 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcore6.dll
[2017.03.20 17:05:33 | 000,774,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Web.dll
[2017.03.20 17:05:33 | 000,425,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadcloudap.dll
[2017.03.20 17:05:32 | 000,821,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uDWM.dll
[2017.03.20 17:05:31 | 001,280,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werconcpl.dll
[2017.03.20 17:05:31 | 000,975,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\HelpPane.exe
[2017.03.20 17:05:31 | 000,945,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebFilter.dll
[2017.03.20 17:05:31 | 000,774,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkfoldersControl.dll
[2017.03.20 17:05:30 | 001,025,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XboxNetApiSvc.dll
[2017.03.20 17:05:30 | 000,971,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.appcore.dll
[2017.03.20 17:05:30 | 000,681,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SHCore.dll
[2017.03.20 17:05:30 | 000,540,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSync.dll
[2017.03.20 17:05:30 | 000,523,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DMRServer.dll
[2017.03.20 17:05:29 | 001,633,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\quartz.dll
[2017.03.20 17:05:29 | 000,568,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.LowLevel.dll
[2017.03.20 17:05:29 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFoldersGPExt.dll
[2017.03.20 17:05:28 | 001,105,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MiracastReceiver.dll
[2017.03.20 17:05:27 | 002,026,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2017.03.20 17:05:27 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.Web.Core.dll
[2017.03.20 17:05:26 | 003,202,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msftedit.dll
[2017.03.20 17:05:26 | 002,095,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2017.03.20 17:05:26 | 000,603,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ContentDeliveryManager.Utilities.dll
[2017.03.20 17:05:25 | 001,631,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Resources.dll
[2017.03.20 17:05:25 | 000,949,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.PointOfService.dll
[2017.03.20 17:05:25 | 000,913,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.dll
[2017.03.20 17:05:25 | 000,755,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\evr.dll
[2017.03.20 17:05:25 | 000,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXService.dll
[2017.03.20 17:05:24 | 000,588,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidprov.dll
[2017.03.20 17:05:24 | 000,437,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Usb.dll
[2017.03.20 17:05:24 | 000,219,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IPHLPAPI.DLL
[2017.03.20 17:05:24 | 000,160,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHostBroker.dll
[2017.03.20 17:05:22 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Picker.dll
[2017.03.20 17:05:20 | 000,937,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MCRecvSrc.dll
[2017.03.20 17:05:20 | 000,707,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LogonController.dll
[2017.03.20 17:05:20 | 000,432,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpAXHolder.dll
[2017.03.20 17:05:20 | 000,424,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFPlay.dll
[2017.03.20 17:05:20 | 000,328,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Storage.ApplicationData.dll
[2017.03.20 17:05:20 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\thumbcache.dll
[2017.03.20 17:05:19 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PhotoScreensaver.scr
[2017.03.20 17:05:19 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.WiFiDirect.dll
[2017.03.20 17:05:19 | 000,241,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHost.dll
[2017.03.20 17:05:18 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PlayToManager.dll
[2017.03.20 17:05:18 | 000,402,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2017.03.20 17:05:18 | 000,343,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.SmartCards.Phone.dll
[2017.03.20 17:05:18 | 000,279,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.HumanInterfaceDevice.dll
[2017.03.20 17:05:18 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\icm32.dll
[2017.03.20 17:05:18 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dialclient.dll
[2017.03.20 17:05:18 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Tabbtn.dll
[2017.03.20 17:05:16 | 000,467,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Geolocation.dll
[2017.03.20 17:05:16 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PlayToDevice.dll
[2017.03.20 17:05:16 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_WorkAccess.dll
[2017.03.20 17:05:16 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shutdownux.dll
[2017.03.20 17:05:16 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.SerialCommunication.dll
[2017.03.20 17:05:15 | 000,510,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PhotoScreensaver.scr
[2017.03.20 17:05:15 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DisplayManager.dll
[2017.03.20 17:05:14 | 000,311,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncSettings.dll
[2017.03.20 17:05:14 | 000,279,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PlayToReceiver.dll
[2017.03.20 17:05:13 | 000,634,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StructuredQuery.dll
[2017.03.20 17:05:12 | 000,822,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakradiag.dll
[2017.03.20 17:05:12 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.BlockedShutdown.dll
[2017.03.20 17:05:12 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFoldersShell.dll
[2017.03.20 17:05:12 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Cortana.OneCore.dll
[2017.03.20 17:05:12 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFolders.exe
[2017.03.20 17:05:11 | 000,440,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhcfg.dll
[2017.03.20 17:05:11 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BrowserSettingSync.dll
[2017.03.20 17:05:11 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tbauth.dll
[2017.03.20 17:05:11 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TokenBrokerCookies.exe
[2017.03.20 17:05:10 | 004,474,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_47.dll
[2017.03.20 17:05:10 | 001,121,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadtb.dll
[2017.03.20 17:05:10 | 001,040,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NaturalLanguage6.dll
[2017.03.20 17:05:10 | 000,635,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2017.03.20 17:05:10 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\indexeddbserver.dll
[2017.03.20 17:05:10 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\indexeddbserver.dll
[2017.03.20 17:05:10 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CameraCaptureUI.dll
[2017.03.20 17:05:09 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ddrawex.dll
[2017.03.20 17:05:08 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.HostName.dll
[2017.03.20 17:05:08 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Shell.Search.UriHandler.dll
[2017.03.20 17:05:07 | 000,579,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ddraw.dll
[2017.03.20 17:04:55 | 007,216,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll
[2017.03.20 17:04:53 | 009,130,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2017.03.20 17:04:53 | 005,384,192 | ---- | C] (Microsoft) -- C:\WINDOWS\SysNative\dbgeng.dll
[2017.03.20 17:04:52 | 001,617,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2017.03.20 17:04:52 | 001,294,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2017.03.20 17:04:52 | 000,242,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2017.03.20 17:04:52 | 000,192,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aepic.dll
[2017.03.20 17:04:52 | 000,086,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompatTelRunner.exe
[2017.03.20 17:04:51 | 004,674,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2017.03.20 17:04:51 | 003,289,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mispace.dll
[2017.03.20 17:04:51 | 002,914,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CertEnroll.dll
[2017.03.20 17:04:51 | 000,770,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2017.03.20 17:04:50 | 002,278,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2017.03.20 17:04:50 | 001,726,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Immersive.dll
[2017.03.20 17:04:49 | 004,749,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2017.03.20 17:04:49 | 004,708,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExplorerFrame.dll
[2017.03.20 17:04:49 | 001,584,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_health.dll
[2017.03.20 17:04:47 | 003,614,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2017.03.20 17:04:47 | 002,860,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storagewmi.dll
[2017.03.20 17:04:47 | 001,416,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2017.03.20 17:04:47 | 000,565,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2017.03.20 17:04:46 | 001,913,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_fs.dll
[2017.03.20 17:04:46 | 001,060,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppContracts.dll
[2017.03.20 17:04:46 | 001,016,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XblAuthManager.dll
[2017.03.20 17:04:46 | 000,655,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2017.03.20 17:04:46 | 000,495,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DataSenseHandlers.dll
[2017.03.20 17:04:46 | 000,315,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcntel.dll
[2017.03.20 17:04:46 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CfgSPCellular.dll
[2017.03.20 17:04:46 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseAPNCsp.dll
[2017.03.20 17:04:46 | 000,038,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceCensus.exe
[2017.03.20 17:04:46 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CspCellularSettings.dll
[2017.03.20 17:04:45 | 001,354,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2017.03.20 17:04:45 | 001,172,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2017.03.20 17:04:45 | 001,051,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2017.03.20 17:04:43 | 001,570,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32full.dll
[2017.03.20 17:04:43 | 001,064,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncCore.dll
[2017.03.20 17:04:43 | 000,960,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\modernexecserver.dll
[2017.03.20 17:04:43 | 000,730,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clusapi.dll
[2017.03.20 17:04:43 | 000,343,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2017.03.20 17:04:41 | 001,817,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ResetEngine.dll
[2017.03.20 17:04:41 | 001,117,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgent.dll
[2017.03.20 17:04:41 | 000,894,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2017.03.20 17:04:40 | 001,656,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2017.03.20 17:04:40 | 000,811,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.exe
[2017.03.20 17:04:40 | 000,483,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.dll
[2017.03.20 17:04:40 | 000,374,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\resutils.dll
[2017.03.20 17:04:39 | 001,643,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Speech.dll
[2017.03.20 17:04:39 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imapi2fs.dll
[2017.03.20 17:04:39 | 000,947,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.efi
[2017.03.20 17:04:38 | 002,611,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gameux.dll
[2017.03.20 17:04:38 | 000,578,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2017.03.20 17:04:37 | 003,478,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIRibbon.dll
[2017.03.20 17:04:37 | 001,600,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2017.03.20 17:04:37 | 000,715,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmsvc.dll
[2017.03.20 17:04:37 | 000,682,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wer.dll
[2017.03.20 17:04:37 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uReFS.dll
[2017.03.20 17:04:36 | 004,060,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIRibbon.dll
[2017.03.20 17:04:36 | 001,490,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2017.03.20 17:04:36 | 000,404,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSetupUI.dll
[2017.03.20 17:04:36 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmcertinst.exe
[2017.03.20 17:04:35 | 002,512,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\themecpl.dll
[2017.03.20 17:04:35 | 001,361,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SharedStartModel.dll
[2017.03.20 17:04:35 | 000,896,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.AccountsControl.dll
[2017.03.20 17:04:35 | 000,828,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appwiz.cpl
[2017.03.20 17:04:35 | 000,378,720 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll
[2017.03.20 17:04:35 | 000,342,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll
[2017.03.20 17:04:35 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2017.03.20 17:04:35 | 000,142,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2017.03.20 17:04:34 | 001,692,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2017.03.20 17:04:34 | 000,881,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2017.03.20 17:04:34 | 000,869,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2017.03.20 17:04:34 | 000,266,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanager.dll
[2017.03.20 17:04:34 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXApplicabilityBlob.dll
[2017.03.20 17:04:33 | 003,753,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bootux.dll
[2017.03.20 17:04:33 | 000,628,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontdrvhost.exe
[2017.03.20 17:04:33 | 000,509,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2017.03.20 17:04:32 | 001,082,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2017.03.20 17:04:32 | 000,775,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GamePanel.exe
[2017.03.20 17:04:32 | 000,635,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2017.03.20 17:04:31 | 000,956,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2017.03.20 17:04:31 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Gaming.Input.dll
[2017.03.20 17:04:31 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\daxexec.dll
[2017.03.20 17:04:30 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\stobject.dll
[2017.03.20 17:04:29 | 001,714,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dui70.dll
[2017.03.20 17:04:29 | 000,460,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Midi.dll
[2017.03.20 17:04:28 | 000,653,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserLanguagesCpl.dll
[2017.03.20 17:04:28 | 000,623,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PCPTpm12.dll
[2017.03.20 17:04:28 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DXP.dll
[2017.03.20 17:04:28 | 000,349,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\icsvcext.dll
[2017.03.20 17:04:27 | 002,913,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2017.03.20 17:04:27 | 001,312,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorDataService.exe
[2017.03.20 17:04:27 | 000,947,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_sr.dll
[2017.03.20 17:04:27 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettings.UserAccountsHandlers.dll
[2017.03.20 17:04:27 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpaceAgent.exe
[2017.03.20 17:04:27 | 000,080,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vmbkmcl.sys
[2017.03.20 17:04:26 | 001,562,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vssapi.dll
[2017.03.20 17:04:26 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TabletPC.cpl
[2017.03.20 17:04:26 | 000,583,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BootMenuUX.dll
[2017.03.20 17:04:26 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppReadiness.dll
[2017.03.20 17:04:26 | 000,379,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Classpnp.sys
[2017.03.20 17:04:26 | 000,354,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\systemreset.exe
[2017.03.20 17:04:26 | 000,201,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\basecsp.dll
[2017.03.20 17:04:26 | 000,038,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompPkgSup.dll
[2017.03.20 17:04:25 | 000,526,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneDriveSettingSyncProvider.dll
[2017.03.20 17:04:24 | 001,267,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2017.03.20 17:04:24 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sud.dll
[2017.03.20 17:04:24 | 000,651,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.AllJoyn.dll
[2017.03.20 17:04:24 | 000,567,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevicePairing.dll
[2017.03.20 17:04:24 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmWmiPl.dll
[2017.03.20 17:04:24 | 000,116,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\icfupgd.dll
[2017.03.20 17:04:24 | 000,110,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hvsocket.sys
[2017.03.20 17:04:23 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Import.dll
[2017.03.20 17:04:23 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ShareHost.dll
[2017.03.20 17:04:23 | 000,372,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.MediaControl.dll
[2017.03.20 17:04:23 | 000,178,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHostUser.dll
[2017.03.20 17:04:23 | 000,128,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpapi.dll
[2017.03.20 17:04:22 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDeviceRegistration.dll
[2017.03.20 17:04:22 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vmbkmclr.sys
[2017.03.20 17:04:21 | 000,947,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettings.Handlers.dll
[2017.03.20 17:04:21 | 000,590,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2017.03.20 17:04:21 | 000,322,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\input.dll
[2017.03.20 17:04:20 | 001,100,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2017.03.20 17:04:20 | 000,989,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2017.03.20 17:04:20 | 000,764,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreMessaging.dll
[2017.03.20 17:04:20 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CryptoWinRT.dll
[2017.03.20 17:04:20 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scksp.dll
[2017.03.20 17:04:20 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netiohlp.dll
[2017.03.20 17:04:20 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spaceman.exe
[2017.03.20 17:04:19 | 000,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Management.dll
[2017.03.20 17:04:19 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserMgrProxy.dll
[2017.03.20 17:04:19 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.WiFi.dll
[2017.03.20 17:04:19 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.System.SystemManagement.dll
[2017.03.20 17:04:19 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatepolicy.dll
[2017.03.20 17:04:18 | 001,586,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Globalization.dll
[2017.03.20 17:04:18 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hgcpl.dll
[2017.03.20 17:04:18 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Family.SyncEngine.dll
[2017.03.20 17:04:18 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Flights.dll
[2017.03.20 17:04:18 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Radios.dll
[2017.03.20 17:04:18 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tabcal.exe
[2017.03.20 17:04:17 | 001,092,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplicationFrame.dll
[2017.03.20 17:04:17 | 000,464,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msutb.dll
[2017.03.20 17:04:17 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2017.03.20 17:04:17 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MediaFoundation.DefaultPerceptionProvider.dll
[2017.03.20 17:04:17 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tzautoupdate.dll
[2017.03.20 17:04:16 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MultiDigiMon.exe
[2017.03.20 17:04:16 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2017.03.20 17:04:14 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeveloperOptionsSettingsHandlers.dll
[2017.03.20 17:04:13 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\main.cpl
[2017.03.20 17:04:13 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.LockScreen.dll
[2017.03.20 17:04:13 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vaultcli.dll
[2017.03.20 17:07:26 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LockAppBroker.dll
[2017.03.20 17:07:26 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WwaApi.dll
[2017.03.20 17:07:25 | 001,231,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wcnwiz.dll
[2017.03.20 17:07:25 | 000,631,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\main.cpl
[2017.03.20 17:07:24 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Unistore.dll
[2017.03.20 17:07:24 | 000,368,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\puiobj.dll
[2017.03.20 17:07:24 | 000,255,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\unimdm.tsp
[2017.03.20 17:07:24 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tcpipcfg.dll
[2017.03.20 17:07:24 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ProximityCommon.dll
[2017.03.20 17:07:22 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\findnetprinters.dll
[2017.03.20 17:07:21 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVSENCD.DLL
[2017.03.20 17:07:21 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapConfiguration.dll
[2017.03.20 17:07:21 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\deviceaccess.dll
[2017.03.20 17:07:21 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mscandui.dll
[2017.03.20 17:07:21 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\vaultcli.dll
[2017.03.20 17:07:21 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\puiapi.dll
[2017.03.20 17:07:21 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BrowserSettingSync.dll
[2017.03.20 17:07:21 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DafPrintProvider.dll
[2017.03.20 17:07:20 | 006,474,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mspaint.exe
[2017.03.20 17:07:20 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmenrollengine.dll
[2017.03.20 17:07:20 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DavSyncProvider.dll
[2017.03.20 17:07:20 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\accountaccessor.dll
[2017.03.20 17:07:20 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cemapi.dll
[2017.03.20 17:07:20 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Gaming.UI.GameBar.dll
[2017.03.20 17:07:20 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XInputUap.dll
[2017.03.20 17:07:19 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssitlb.dll
[2017.03.20 17:07:19 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.System.SystemManagement.dll
[2017.03.20 17:07:18 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSVP9DEC.dll
[2017.03.20 17:07:18 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Web.Diagnostics.dll
[2017.03.20 17:07:18 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AuthBroker.dll
[2017.03.20 17:07:18 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CameraCaptureUI.dll
[2017.03.20 17:07:18 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tbauth.dll
[2017.03.20 17:07:17 | 000,886,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aadtb.dll
[2017.03.20 17:07:17 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ContactApis.dll
[2017.03.20 17:07:17 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msctfui.dll
[2017.03.20 17:07:17 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TokenBrokerCookies.exe
[2017.03.20 17:07:16 | 003,733,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_47.dll
[2017.03.20 17:07:16 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\apprepsync.dll
[2017.03.20 17:07:16 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2017.03.20 17:07:16 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\apprepapi.dll
[2017.03.20 17:07:16 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dplaysvr.exe
[2017.03.20 17:07:15 | 000,896,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontext.dll
[2017.03.20 17:07:15 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\odbcconf.dll
[2017.03.20 17:07:14 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msctfp.dll
[2017.03.20 17:07:14 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserDeviceRegistration.Ngc.dll
[2017.03.20 17:07:14 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Shell.Search.UriHandler.dll
[2017.03.20 17:07:13 | 000,760,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\appwiz.cpl
[2017.03.20 17:07:13 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\hgcpl.dll
[2017.03.20 17:07:13 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreMessaging.dll
[2017.03.20 17:07:13 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LaunchWinApp.exe
[2017.03.20 17:07:12 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VCardParser.dll
[2017.03.20 17:07:01 | 003,520,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xpsrchvw.exe
[2017.03.20 17:07:01 | 003,405,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2017.03.20 17:07:01 | 002,538,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll
[2017.03.20 17:07:00 | 002,049,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpmde.dll
[2017.03.20 17:07:00 | 000,857,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWAHost.exe
[2017.03.20 17:06:59 | 001,362,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmpmde.dll
[2017.03.20 17:06:59 | 000,549,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll
[2017.03.20 17:06:58 | 004,596,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xpsrchvw.exe
[2017.03.20 17:06:58 | 001,369,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Phone.dll
[2017.03.20 17:06:58 | 001,266,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Input.Inking.dll
[2017.03.20 17:06:58 | 000,527,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWanAPI.dll
[2017.03.20 17:06:58 | 000,349,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchProtocolHost.exe
[2017.03.20 17:06:55 | 002,424,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Perception.dll
[2017.03.20 17:06:54 | 000,390,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Search.ProtocolHandler.MAPI2.dll
[2017.03.20 17:06:53 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XblGameSaveExt.dll
[2017.03.20 17:06:46 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPDMC.exe
[2017.03.20 17:06:45 | 001,424,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Maps.dll
[2017.03.20 17:06:45 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFilterHost.exe
[2017.03.20 17:06:44 | 000,963,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WebcamUi.dll
[2017.03.20 17:06:44 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WebcamUi.dll
[2017.03.20 17:06:44 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.dll
[2017.03.20 17:06:44 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssvp.dll
[2017.03.20 17:06:44 | 000,561,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Wallet.dll
[2017.03.20 17:06:44 | 000,467,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Gaming.XboxLive.Storage.dll
[2017.03.20 17:06:44 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssphtb.dll
[2017.03.20 17:06:44 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssph.dll
[2017.03.20 17:06:44 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2017.03.20 17:06:43 | 006,574,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanmm.dll
[2017.03.20 17:06:42 | 001,507,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.FaceAnalysis.dll
[2017.03.20 17:06:42 | 001,293,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcnwiz.dll
[2017.03.20 17:06:42 | 000,358,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.dll
[2017.03.20 17:06:42 | 000,237,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Web.Diagnostics.dll
[2017.03.20 17:06:42 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Gaming.UI.GameBar.dll
[2017.03.20 17:06:41 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanui.dll
[2017.03.20 17:06:41 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhext.dll
[2017.03.20 17:06:40 | 000,730,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nshwfp.dll
[2017.03.20 17:06:40 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WwaApi.dll
[2017.03.20 17:06:40 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinRtTracing.dll
[2017.03.20 17:06:40 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Core.dll
[2017.03.20 17:06:40 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssitlb.dll
[2017.03.20 17:06:39 | 001,388,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Cred.dll
[2017.03.20 17:06:39 | 000,468,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanconn.dll
[2017.03.20 17:06:38 | 008,169,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2017.03.20 17:06:37 | 013,441,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmp.dll
[2017.03.20 17:06:34 | 012,349,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmp.dll
[2017.03.20 17:06:32 | 007,220,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2017.03.20 17:06:31 | 007,654,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mos.dll
[2017.03.20 17:06:31 | 003,777,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2017.03.20 17:06:30 | 007,812,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingMaps.dll
[2017.03.20 17:06:30 | 001,981,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diagtrack.dll
[2017.03.20 17:06:28 | 004,260,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2017.03.20 17:06:28 | 002,482,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2017.03.20 17:06:28 | 001,848,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsrcsnk.dll
[2017.03.20 17:06:28 | 001,301,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2017.03.20 17:06:27 | 001,860,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.dll
[2017.03.20 17:06:27 | 001,454,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetsrc.dll
[2017.03.20 17:06:26 | 001,702,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2017.03.20 17:06:25 | 002,953,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapGeocoder.dll
[2017.03.20 17:06:25 | 001,908,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AzureSettingSyncProvider.dll
[2017.03.20 17:06:25 | 001,078,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.dll
[2017.03.20 17:06:24 | 003,441,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapRouter.dll
[2017.03.20 17:06:23 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wpc.dll
[2017.03.20 17:06:22 | 001,033,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsStore.dll
[2017.03.20 17:06:22 | 000,765,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Sensors.dll
[2017.03.20 17:06:21 | 006,285,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2017.03.20 17:06:21 | 001,071,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetcore.dll
[2017.03.20 17:06:21 | 001,013,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ContactApis.dll
[2017.03.20 17:06:21 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MbaeApiPublic.dll
[2017.03.20 17:06:20 | 002,852,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsThresholdAdminFlowUI.dll
[2017.03.20 17:06:20 | 002,213,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2017.03.20 17:06:20 | 001,473,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2017.03.20 17:06:20 | 001,293,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicenseManager.dll
[2017.03.20 17:06:20 | 001,131,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2017.03.20 17:06:19 | 008,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2017.03.20 17:06:18 | 001,937,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mmc.exe
[2017.03.20 17:06:18 | 001,366,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2017.03.20 17:06:18 | 001,000,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecConfig.efi
[2017.03.20 17:06:17 | 001,723,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcMon.exe
[2017.03.20 17:06:17 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usercpl.dll
[2017.03.20 17:06:17 | 000,864,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnapps.dll
[2017.03.20 17:06:17 | 000,433,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TextInputFramework.dll
[2017.03.20 17:06:16 | 000,834,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll
[2017.03.20 17:06:16 | 000,579,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockAppBroker.dll
[2017.03.20 17:06:16 | 000,462,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansec.dll
[2017.03.20 17:06:16 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXTaskFactory.dll
[2017.03.20 17:06:15 | 002,186,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hevcdecoder.dll
[2017.03.20 17:06:15 | 001,989,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2017.03.20 17:06:15 | 001,536,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpeechPal.dll
[2017.03.20 17:06:15 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe
[2017.03.20 17:06:14 | 000,998,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TSWorkspace.dll
[2017.03.20 17:06:14 | 000,858,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mprddm.dll
[2017.03.20 17:06:14 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntshrui.dll
[2017.03.20 17:06:14 | 000,719,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdiWiFi.sys
[2017.03.20 17:06:13 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Wpc.dll
[2017.03.20 17:06:13 | 001,403,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Editing.dll
[2017.03.20 17:06:13 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpaceControl.dll
[2017.03.20 17:06:13 | 000,596,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2017.03.20 17:06:13 | 000,579,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.UX.EapRequestHandler.dll
[2017.03.20 17:06:13 | 000,458,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RTMediaFrame.dll
[2017.03.20 17:06:13 | 000,443,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MMDevAPI.dll
[2017.03.20 17:06:12 | 000,811,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFCaptureEngine.dll
[2017.03.20 17:06:12 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocore.dll
[2017.03.20 17:06:12 | 000,330,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NgcCtnrSvc.dll
[2017.03.20 17:06:12 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PimIndexMaintenance.dll
[2017.03.20 17:06:11 | 002,512,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVDECOD.DLL
[2017.03.20 17:06:11 | 001,145,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EmailApis.dll
[2017.03.20 17:06:11 | 000,671,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mbsmsapi.dll
[2017.03.20 17:06:10 | 001,399,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Pimstore.dll
[2017.03.20 17:06:10 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Audio.dll
[2017.03.20 17:06:09 | 000,945,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasgcw.dll
[2017.03.20 17:06:09 | 000,794,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Shell.Broker.dll
[2017.03.20 17:06:09 | 000,771,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppointmentApis.dll
[2017.03.20 17:06:09 | 000,748,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ChatApis.dll
[2017.03.20 17:06:09 | 000,531,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmCoreProvisioning.dll
[2017.03.20 17:06:09 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winspool.drv
[2017.03.20 17:06:09 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatehandlers.dll
[2017.03.20 17:06:09 | 000,137,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AuthHost.exe
[2017.03.20 17:06:08 | 001,063,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfds.dll
[2017.03.20 17:06:08 | 000,387,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpps.dll
[2017.03.20 17:06:08 | 000,382,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockAppHost.exe
[2017.03.20 17:06:08 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotificationUx.exe
[2017.03.20 17:06:07 | 002,820,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputService.dll
[2017.03.20 17:06:07 | 001,512,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDataService.dll
[2017.03.20 17:06:07 | 000,631,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WlanMediaManager.dll
[2017.03.20 17:06:07 | 000,396,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanapi.dll
[2017.03.20 17:06:07 | 000,360,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlows.exe
[2017.03.20 17:06:07 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\moshost.dll
[2017.03.20 17:06:06 | 001,062,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2017.03.20 17:06:06 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efswrt.dll
[2017.03.20 17:06:06 | 000,409,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2017.03.20 17:06:06 | 000,366,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFolder.dll
[2017.03.20 17:06:06 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDataTimeUtil.dll
[2017.03.20 17:06:06 | 000,108,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys
[2017.03.20 17:06:06 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\musdialoghandlers.dll
[2017.03.20 17:06:05 | 000,805,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FrameServer.dll
[2017.03.20 17:06:05 | 000,741,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\internetmail.dll
[2017.03.20 17:06:05 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RADCUI.dll
[2017.03.20 17:06:05 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MCCSEngineShared.dll
[2017.03.20 17:06:04 | 001,917,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActiveSyncProvider.dll
[2017.03.20 17:06:04 | 001,762,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSPhotography.dll
[2017.03.20 17:06:04 | 000,870,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmkvsrcsnk.dll
[2017.03.20 17:06:04 | 000,611,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.Printing.dll
[2017.03.20 17:06:04 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\puiobj.dll
[2017.03.20 17:06:04 | 000,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AboveLockAppHost.dll
[2017.03.20 17:06:04 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RelPost.exe
[2017.03.20 17:06:04 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usoapi.dll
[2017.03.20 17:06:03 | 002,800,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netshell.dll
[2017.03.20 17:06:03 | 000,947,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVP9DEC.dll
[2017.03.20 17:06:03 | 000,583,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PrintDialogs.dll
[2017.03.20 17:06:03 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.ServiceDiscovery.Dnssd.dll
[2017.03.20 17:06:03 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wfdprov.dll
[2017.03.20 17:06:02 | 001,189,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sdengin2.dll
[2017.03.20 17:06:02 | 000,809,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Storage.Search.dll
[2017.03.20 17:06:02 | 000,446,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapConfiguration.dll
[2017.03.20 17:06:02 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PrintDialogs3D.dll
[2017.03.20 17:06:02 | 000,263,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExSMime.dll
[2017.03.20 17:06:02 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.Identity.Provider.dll
[2017.03.20 17:06:02 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Scanners.dll
[2017.03.20 17:06:01 | 001,291,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVPXENC.dll
[2017.03.20 17:06:01 | 001,184,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Unistore.dll
[2017.03.20 17:06:01 | 000,556,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iprtrmgr.dll
[2017.03.20 17:06:00 | 000,820,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PrintRenderAPIHost.DLL
[2017.03.20 17:06:00 | 000,383,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DavSyncProvider.dll
[2017.03.20 17:06:00 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\unimdm.tsp
[2017.03.20 17:06:00 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cemapi.dll
[2017.03.20 17:06:00 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\puiapi.dll
[2017.03.20 17:06:00 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DafPrintProvider.dll
[2017.03.20 17:06:00 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpninprc.dll
[2017.03.20 17:05:59 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\accountaccessor.dll
[2017.03.20 17:05:59 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Credentials.UI.UserConsentVerifier.dll
[2017.03.20 17:05:59 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DuCsps.dll
[2017.03.20 17:05:58 | 001,891,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pnidui.dll
[2017.03.20 17:05:58 | 000,320,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2017.03.20 17:05:58 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tapi32.dll
[2017.03.20 17:05:58 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sdshext.dll
[2017.03.20 17:05:58 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\odbcconf.dll
[2017.03.20 17:05:58 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netiougc.exe
[2017.03.20 17:05:57 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VCardParser.dll
[2017.03.20 17:05:53 | 022,565,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2017.03.20 17:05:52 | 017,198,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2017.03.20 17:05:49 | 018,362,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2017.03.20 17:05:47 | 004,746,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2017.03.20 17:05:45 | 007,786,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2017.03.20 17:05:45 | 000,063,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dam.sys
[2017.03.20 17:05:43 | 008,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2017.03.20 17:05:43 | 002,287,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2017.03.20 17:05:42 | 002,828,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2017.03.20 17:05:42 | 002,475,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWrite.dll
[2017.03.20 17:05:41 | 006,044,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2017.03.20 17:05:41 | 001,639,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comsvcs.dll
[2017.03.20 17:05:40 | 001,589,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdtctm.dll
[2017.03.20 17:05:40 | 001,348,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wifinetworkmanager.dll
[2017.03.20 17:05:39 | 000,635,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2017.03.20 17:05:38 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Web.Http.dll
[2017.03.20 17:05:38 | 000,909,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Search.dll
[2017.03.20 17:05:38 | 000,591,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2017.03.20 17:05:38 | 000,460,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredProvDataModel.dll
[2017.03.20 17:05:37 | 001,837,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\workfolderssvc.dll
[2017.03.20 17:05:37 | 001,157,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.appcore.dll
[2017.03.20 17:05:37 | 000,924,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.BackgroundTransfer.dll
[2017.03.20 17:05:37 | 000,658,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2017.03.20 17:05:37 | 000,646,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll
[2017.03.20 17:05:37 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudBackupSettings.dll
[2017.03.20 17:05:36 | 002,208,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.Printing.3D.dll
[2017.03.20 17:05:36 | 000,875,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TokenBroker.dll
[2017.03.20 17:05:36 | 000,635,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FlightSettings.dll
[2017.03.20 17:05:35 | 001,694,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2017.03.20 17:05:35 | 001,275,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Bluetooth.dll
[2017.03.20 17:05:35 | 000,912,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.SmartCards.dll
[2017.03.20 17:05:35 | 000,661,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WpcWebFilter.dll
[2017.03.20 17:05:34 | 001,513,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2017.03.20 17:05:34 | 000,587,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vpnike.dll
[2017.03.20 17:05:34 | 000,431,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Cortana.Desktop.dll
[2017.03.20 17:05:34 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcore6.dll
[2017.03.20 17:05:33 | 000,774,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Web.dll
[2017.03.20 17:05:33 | 000,425,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadcloudap.dll
[2017.03.20 17:05:32 | 000,821,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uDWM.dll
[2017.03.20 17:05:31 | 001,280,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werconcpl.dll
[2017.03.20 17:05:31 | 000,975,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\HelpPane.exe
[2017.03.20 17:05:31 | 000,945,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebFilter.dll
[2017.03.20 17:05:31 | 000,774,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkfoldersControl.dll
[2017.03.20 17:05:30 | 001,025,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XboxNetApiSvc.dll
[2017.03.20 17:05:30 | 000,971,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.appcore.dll
[2017.03.20 17:05:30 | 000,681,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SHCore.dll
[2017.03.20 17:05:30 | 000,540,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSync.dll
[2017.03.20 17:05:30 | 000,523,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DMRServer.dll
[2017.03.20 17:05:29 | 001,633,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\quartz.dll
[2017.03.20 17:05:29 | 000,568,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.LowLevel.dll
[2017.03.20 17:05:29 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFoldersGPExt.dll
[2017.03.20 17:05:28 | 001,105,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MiracastReceiver.dll
[2017.03.20 17:05:27 | 002,026,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2017.03.20 17:05:27 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.Web.Core.dll
[2017.03.20 17:05:26 | 003,202,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msftedit.dll
[2017.03.20 17:05:26 | 002,095,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2017.03.20 17:05:26 | 000,603,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ContentDeliveryManager.Utilities.dll
[2017.03.20 17:05:25 | 001,631,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Resources.dll
[2017.03.20 17:05:25 | 000,949,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.PointOfService.dll
[2017.03.20 17:05:25 | 000,913,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.dll
[2017.03.20 17:05:25 | 000,755,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\evr.dll
[2017.03.20 17:05:25 | 000,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXService.dll
[2017.03.20 17:05:24 | 000,588,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidprov.dll
[2017.03.20 17:05:24 | 000,437,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Usb.dll
[2017.03.20 17:05:24 | 000,219,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IPHLPAPI.DLL
[2017.03.20 17:05:24 | 000,160,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHostBroker.dll
[2017.03.20 17:05:22 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Picker.dll
[2017.03.20 17:05:20 | 000,937,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MCRecvSrc.dll
[2017.03.20 17:05:20 | 000,707,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LogonController.dll
[2017.03.20 17:05:20 | 000,432,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpAXHolder.dll
[2017.03.20 17:05:20 | 000,424,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFPlay.dll
[2017.03.20 17:05:20 | 000,328,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Storage.ApplicationData.dll
[2017.03.20 17:05:20 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\thumbcache.dll
[2017.03.20 17:05:19 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PhotoScreensaver.scr
[2017.03.20 17:05:19 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.WiFiDirect.dll
[2017.03.20 17:05:19 | 000,241,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHost.dll
[2017.03.20 17:05:18 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PlayToManager.dll
[2017.03.20 17:05:18 | 000,402,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2017.03.20 17:05:18 | 000,343,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.SmartCards.Phone.dll
[2017.03.20 17:05:18 | 000,279,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.HumanInterfaceDevice.dll
[2017.03.20 17:05:18 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\icm32.dll
[2017.03.20 17:05:18 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dialclient.dll
[2017.03.20 17:05:18 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Tabbtn.dll
[2017.03.20 17:05:16 | 000,467,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Geolocation.dll
[2017.03.20 17:05:16 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PlayToDevice.dll
[2017.03.20 17:05:16 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_WorkAccess.dll
[2017.03.20 17:05:16 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shutdownux.dll
[2017.03.20 17:05:16 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.SerialCommunication.dll
[2017.03.20 17:05:15 | 000,510,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PhotoScreensaver.scr
[2017.03.20 17:05:15 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DisplayManager.dll
[2017.03.20 17:05:14 | 000,311,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncSettings.dll
[2017.03.20 17:05:14 | 000,279,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PlayToReceiver.dll
[2017.03.20 17:05:13 | 000,634,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StructuredQuery.dll
[2017.03.20 17:05:12 | 000,822,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakradiag.dll
[2017.03.20 17:05:12 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.BlockedShutdown.dll
[2017.03.20 17:05:12 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFoldersShell.dll
[2017.03.20 17:05:12 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Cortana.OneCore.dll
[2017.03.20 17:05:12 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFolders.exe
[2017.03.20 17:05:11 | 000,440,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhcfg.dll
[2017.03.20 17:05:11 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BrowserSettingSync.dll
[2017.03.20 17:05:11 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tbauth.dll
[2017.03.20 17:05:11 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TokenBrokerCookies.exe
[2017.03.20 17:05:10 | 004,474,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_47.dll
[2017.03.20 17:05:10 | 001,121,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadtb.dll
[2017.03.20 17:05:10 | 001,040,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NaturalLanguage6.dll
[2017.03.20 17:05:10 | 000,635,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2017.03.20 17:05:10 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\indexeddbserver.dll
[2017.03.20 17:05:10 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\indexeddbserver.dll
[2017.03.20 17:05:10 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CameraCaptureUI.dll
[2017.03.20 17:05:09 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ddrawex.dll
[2017.03.20 17:05:08 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.HostName.dll
[2017.03.20 17:05:08 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Shell.Search.UriHandler.dll
[2017.03.20 17:05:07 | 000,579,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ddraw.dll
[2017.03.20 17:04:55 | 007,216,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll
[2017.03.20 17:04:53 | 009,130,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2017.03.20 17:04:53 | 005,384,192 | ---- | C] (Microsoft) -- C:\WINDOWS\SysNative\dbgeng.dll
[2017.03.20 17:04:52 | 001,617,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2017.03.20 17:04:52 | 001,294,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2017.03.20 17:04:52 | 000,242,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2017.03.20 17:04:52 | 000,192,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aepic.dll
[2017.03.20 17:04:52 | 000,086,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompatTelRunner.exe
[2017.03.20 17:04:51 | 004,674,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2017.03.20 17:04:51 | 003,289,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mispace.dll
[2017.03.20 17:04:51 | 002,914,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CertEnroll.dll
[2017.03.20 17:04:51 | 000,770,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2017.03.20 17:04:50 | 002,278,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2017.03.20 17:04:50 | 001,726,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Immersive.dll
[2017.03.20 17:04:49 | 004,749,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2017.03.20 17:04:49 | 004,708,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExplorerFrame.dll
[2017.03.20 17:04:49 | 001,584,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_health.dll
[2017.03.20 17:04:47 | 003,614,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2017.03.20 17:04:47 | 002,860,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storagewmi.dll
[2017.03.20 17:04:47 | 001,416,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2017.03.20 17:04:47 | 000,565,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2017.03.20 17:04:46 | 001,913,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_fs.dll
[2017.03.20 17:04:46 | 001,060,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppContracts.dll
[2017.03.20 17:04:46 | 001,016,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XblAuthManager.dll
[2017.03.20 17:04:46 | 000,655,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2017.03.20 17:04:46 | 000,495,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DataSenseHandlers.dll
[2017.03.20 17:04:46 | 000,315,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcntel.dll
[2017.03.20 17:04:46 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CfgSPCellular.dll
[2017.03.20 17:04:46 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseAPNCsp.dll
[2017.03.20 17:04:46 | 000,038,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceCensus.exe
[2017.03.20 17:04:46 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CspCellularSettings.dll
[2017.03.20 17:04:45 | 001,354,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2017.03.20 17:04:45 | 001,172,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2017.03.20 17:04:45 | 001,051,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2017.03.20 17:04:43 | 001,570,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32full.dll
[2017.03.20 17:04:43 | 001,064,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncCore.dll
[2017.03.20 17:04:43 | 000,960,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\modernexecserver.dll
[2017.03.20 17:04:43 | 000,730,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clusapi.dll
[2017.03.20 17:04:43 | 000,343,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2017.03.20 17:04:41 | 001,817,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ResetEngine.dll
[2017.03.20 17:04:41 | 001,117,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgent.dll
[2017.03.20 17:04:41 | 000,894,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2017.03.20 17:04:40 | 001,656,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2017.03.20 17:04:40 | 000,811,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.exe
[2017.03.20 17:04:40 | 000,483,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.dll
[2017.03.20 17:04:40 | 000,374,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\resutils.dll
[2017.03.20 17:04:39 | 001,643,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Speech.dll
[2017.03.20 17:04:39 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imapi2fs.dll
[2017.03.20 17:04:39 | 000,947,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.efi
[2017.03.20 17:04:38 | 002,611,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gameux.dll
[2017.03.20 17:04:38 | 000,578,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2017.03.20 17:04:37 | 003,478,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIRibbon.dll
[2017.03.20 17:04:37 | 001,600,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2017.03.20 17:04:37 | 000,715,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmsvc.dll
[2017.03.20 17:04:37 | 000,682,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wer.dll
[2017.03.20 17:04:37 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uReFS.dll
[2017.03.20 17:04:36 | 004,060,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIRibbon.dll
[2017.03.20 17:04:36 | 001,490,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2017.03.20 17:04:36 | 000,404,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSetupUI.dll
[2017.03.20 17:04:36 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmcertinst.exe
[2017.03.20 17:04:35 | 002,512,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\themecpl.dll
[2017.03.20 17:04:35 | 001,361,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SharedStartModel.dll
[2017.03.20 17:04:35 | 000,896,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.AccountsControl.dll
[2017.03.20 17:04:35 | 000,828,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appwiz.cpl
[2017.03.20 17:04:35 | 000,378,720 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll
[2017.03.20 17:04:35 | 000,342,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll
[2017.03.20 17:04:35 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2017.03.20 17:04:35 | 000,142,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2017.03.20 17:04:34 | 001,692,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2017.03.20 17:04:34 | 000,881,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2017.03.20 17:04:34 | 000,869,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2017.03.20 17:04:34 | 000,266,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanager.dll
[2017.03.20 17:04:34 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXApplicabilityBlob.dll
[2017.03.20 17:04:33 | 003,753,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bootux.dll
[2017.03.20 17:04:33 | 000,628,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontdrvhost.exe
[2017.03.20 17:04:33 | 000,509,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2017.03.20 17:04:32 | 001,082,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2017.03.20 17:04:32 | 000,775,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GamePanel.exe
[2017.03.20 17:04:32 | 000,635,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2017.03.20 17:04:31 | 000,956,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2017.03.20 17:04:31 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Gaming.Input.dll
[2017.03.20 17:04:31 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\daxexec.dll
[2017.03.20 17:04:30 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\stobject.dll
[2017.03.20 17:04:29 | 001,714,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dui70.dll
[2017.03.20 17:04:29 | 000,460,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Midi.dll
[2017.03.20 17:04:28 | 000,653,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserLanguagesCpl.dll
[2017.03.20 17:04:28 | 000,623,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PCPTpm12.dll
[2017.03.20 17:04:28 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DXP.dll
[2017.03.20 17:04:28 | 000,349,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\icsvcext.dll
[2017.03.20 17:04:27 | 002,913,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2017.03.20 17:04:27 | 001,312,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorDataService.exe
[2017.03.20 17:04:27 | 000,947,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_sr.dll
[2017.03.20 17:04:27 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettings.UserAccountsHandlers.dll
[2017.03.20 17:04:27 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpaceAgent.exe
[2017.03.20 17:04:27 | 000,080,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vmbkmcl.sys
[2017.03.20 17:04:26 | 001,562,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vssapi.dll
[2017.03.20 17:04:26 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TabletPC.cpl
[2017.03.20 17:04:26 | 000,583,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BootMenuUX.dll
[2017.03.20 17:04:26 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppReadiness.dll
[2017.03.20 17:04:26 | 000,379,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Classpnp.sys
[2017.03.20 17:04:26 | 000,354,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\systemreset.exe
[2017.03.20 17:04:26 | 000,201,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\basecsp.dll
[2017.03.20 17:04:26 | 000,038,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompPkgSup.dll
[2017.03.20 17:04:25 | 000,526,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneDriveSettingSyncProvider.dll
[2017.03.20 17:04:24 | 001,267,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2017.03.20 17:04:24 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sud.dll
[2017.03.20 17:04:24 | 000,651,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.AllJoyn.dll
[2017.03.20 17:04:24 | 000,567,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevicePairing.dll
[2017.03.20 17:04:24 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmWmiPl.dll
[2017.03.20 17:04:24 | 000,116,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\icfupgd.dll
[2017.03.20 17:04:24 | 000,110,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hvsocket.sys
[2017.03.20 17:04:23 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Import.dll
[2017.03.20 17:04:23 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ShareHost.dll
[2017.03.20 17:04:23 | 000,372,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.MediaControl.dll
[2017.03.20 17:04:23 | 000,178,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHostUser.dll
[2017.03.20 17:04:23 | 000,128,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpapi.dll
[2017.03.20 17:04:22 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDeviceRegistration.dll
[2017.03.20 17:04:22 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vmbkmclr.sys
[2017.03.20 17:04:21 | 000,947,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettings.Handlers.dll
[2017.03.20 17:04:21 | 000,590,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2017.03.20 17:04:21 | 000,322,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\input.dll
[2017.03.20 17:04:20 | 001,100,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2017.03.20 17:04:20 | 000,989,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2017.03.20 17:04:20 | 000,764,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreMessaging.dll
[2017.03.20 17:04:20 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CryptoWinRT.dll
[2017.03.20 17:04:20 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scksp.dll
[2017.03.20 17:04:20 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netiohlp.dll
[2017.03.20 17:04:20 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spaceman.exe
[2017.03.20 17:04:19 | 000,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Management.dll
[2017.03.20 17:04:19 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserMgrProxy.dll
[2017.03.20 17:04:19 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.WiFi.dll
[2017.03.20 17:04:19 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.System.SystemManagement.dll
[2017.03.20 17:04:19 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatepolicy.dll
[2017.03.20 17:04:18 | 001,586,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Globalization.dll
[2017.03.20 17:04:18 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hgcpl.dll
[2017.03.20 17:04:18 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Family.SyncEngine.dll
[2017.03.20 17:04:18 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Flights.dll
[2017.03.20 17:04:18 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Radios.dll
[2017.03.20 17:04:18 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tabcal.exe
[2017.03.20 17:04:17 | 001,092,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplicationFrame.dll
[2017.03.20 17:04:17 | 000,464,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msutb.dll
[2017.03.20 17:04:17 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2017.03.20 17:04:17 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MediaFoundation.DefaultPerceptionProvider.dll
[2017.03.20 17:04:17 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tzautoupdate.dll
[2017.03.20 17:04:16 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MultiDigiMon.exe
[2017.03.20 17:04:16 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2017.03.20 17:04:14 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeveloperOptionsSettingsHandlers.dll
[2017.03.20 17:04:13 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\main.cpl
[2017.03.20 17:04:13 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.LockScreen.dll
[2017.03.20 17:04:13 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vaultcli.dll
►Case: NZXT Noctis 450◄►Zdroj: EVGA Supernova 750W G2◄►MB: Asus MAXIMUS VIII Ranger◄►CPU: Intel core i5-6600K◄►GPU: Gainward Phoenix GTX 1060 GS◄►Chladič: Scythe Ninja 4◄►SSD: Samsung 850 EVO 250GB◄►HDD: 2x Seagate Barracuda 2TB◄►RAM: Crucial Ballistix Sport LT 2x8GB 2400Mhz DDR4◄
Re: kontrola logu - využití disku 100%
log z OTL - OTL 4/4
[2017.03.20 17:04:13 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryClient.dll
[2017.03.20 17:04:13 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BluetoothDesktopHandlers.dll
[2017.03.20 17:04:12 | 000,450,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werui.dll
[2017.03.20 17:04:12 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleacc.dll
[2017.03.20 17:04:12 | 000,300,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mscandui.dll
[2017.03.20 17:04:12 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XInputUap.dll
[2017.03.20 17:04:10 | 006,664,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mspaint.exe
[2017.03.20 17:04:10 | 000,329,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\deviceaccess.dll
[2017.03.20 17:04:10 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ErrorDetails.dll
[2017.03.20 17:04:09 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rascustom.dll
[2017.03.20 17:04:09 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryBroker.dll
[2017.03.20 17:04:08 | 000,379,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apprepsync.dll
[2017.03.20 17:04:08 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enrollmentapi.dll
[2017.03.20 17:04:08 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apprepapi.dll
[2017.03.20 17:04:08 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsrv.dll
[2017.03.20 17:04:08 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctfui.dll
[2017.03.20 17:04:07 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctfp.dll
[2017.03.20 17:04:07 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Shell.dll
[2017.03.20 17:04:06 | 005,114,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdp.dll
[2017.03.20 17:04:06 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LaunchWinApp.exe
[2017.03.20 17:04:02 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIRibbonRes.dll
[2017.03.20 17:04:02 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIRibbonRes.dll
[2017.03.20 17:03:24 | 008,886,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OneDriveSetup.exe
[2017.03.20 16:33:02 | 000,203,680 | ---- | C] (Zemana Ltd.) -- C:\WINDOWS\SysNative\drivers\zam64.sys
[2017.03.20 16:33:01 | 000,203,680 | ---- | C] (Zemana Ltd.) -- C:\WINDOWS\SysNative\drivers\zamguard64.sys
[2017.03.20 16:32:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
[2017.03.20 16:32:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zemana AntiMalware
[2017.03.20 16:32:32 | 000,000,000 | ---D | C] -- C:\Users\Endon\AppData\Local\Zemana
[2017.03.20 16:28:47 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2017.03.20 16:24:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2017.03.20 16:24:26 | 000,000,000 | ---D | C] -- C:\Users\Endon\AppData\Local\Temp
[2017.03.20 16:01:41 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2017.03.16 17:50:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2017.03.16 17:48:29 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2017.03.15 21:24:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Sophos
[2017.03.15 21:23:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
[2017.03.15 21:23:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos
[2017.03.15 20:49:11 | 001,663,904 | ---- | C] (Malwarebytes) -- C:\Users\Endon\Desktop\JRT.exe
[2017.03.15 18:23:44 | 000,186,304 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMChameleon.sys
[2017.03.15 18:23:29 | 000,111,544 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\farflt.sys
[2017.03.15 18:23:29 | 000,092,088 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2017.03.15 18:23:21 | 000,043,968 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2017.03.15 18:23:16 | 000,251,840 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2017.03.15 18:23:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
[2017.03.15 18:22:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2017.03.15 18:22:51 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes
[2017.03.15 18:17:51 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2017.03.15 15:53:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2017.03.15 15:53:01 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2017.03.15 15:39:04 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Endon\Desktop\HijackThis.exe
[2017.03.14 18:45:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
[2017.03.14 18:45:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HD Tune
[2017.03.14 17:27:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2017.03.14 15:34:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2017.03.14 13:56:16 | 000,000,000 | --SD | C] -- C:\WINDOWS\SysWow64\Microsoft
[2017.03.06 14:35:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefly Studios
[2017.03.06 14:33:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2017.03.06 11:53:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Firefly Studios
[3 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2017.03.24 15:25:46 | 000,489,087 | ---- | M] () -- C:\WINDOWS\ZAM_Guard.krnl.trace
[2017.03.24 15:25:41 | 000,517,163 | ---- | M] () -- C:\WINDOWS\ZAM.krnl.trace
[2017.03.24 15:25:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Endon\Desktop\OTL.exe
[2017.03.24 15:25:09 | 000,027,182 | ---- | M] () -- C:\Users\Endon\Desktop\Výstřižeka.PNG
[2017.03.24 15:23:25 | 000,000,512 | ---- | M] () -- C:\Users\Endon\Desktop\MBR.dat
[2017.03.24 14:01:49 | 000,092,088 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2017.03.24 08:51:53 | 1650,393,088 | -HS- | M] () -- C:\hiberfil.sys
[2017.03.24 08:51:51 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2017.03.23 21:02:16 | 002,344,268 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2017.03.23 21:02:16 | 000,957,856 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2017.03.23 21:02:16 | 000,861,662 | ---- | M] () -- C:\WINDOWS\SysNative\perfh005.dat
[2017.03.23 21:02:16 | 000,289,856 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2017.03.23 21:02:16 | 000,220,936 | ---- | M] () -- C:\WINDOWS\SysNative\perfc005.dat
[2017.03.22 16:51:49 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\HPCeeScheduleForEndon.job
[2017.03.22 14:48:26 | 000,186,304 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMChameleon.sys
[2017.03.22 14:48:23 | 000,111,544 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\farflt.sys
[2017.03.22 14:48:19 | 000,043,968 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2017.03.22 14:48:14 | 000,251,840 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2017.03.21 19:00:29 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2017.03.21 16:16:42 | 002,424,832 | ---- | M] (Farbar) -- C:\Users\Endon\Desktop\FRST64.exe
[2017.03.21 16:14:22 | 005,200,384 | ---- | M] (AVAST Software) -- C:\Users\Endon\Desktop\aswmbr.exe
[2017.03.20 21:28:28 | 000,370,488 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2017.03.20 16:33:02 | 000,203,680 | ---- | M] (Zemana Ltd.) -- C:\WINDOWS\SysNative\drivers\zamguard64.sys
[2017.03.20 16:33:02 | 000,203,680 | ---- | M] (Zemana Ltd.) -- C:\WINDOWS\SysNative\drivers\zam64.sys
[2017.03.20 16:33:00 | 000,001,228 | ---- | M] () -- C:\Users\Public\Desktop\Zemana AntiMalware.lnk
[2017.03.20 16:05:58 | 000,000,753 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[2017.03.16 20:16:02 | 000,028,272 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\TrueSight.sys
[2017.03.16 17:48:20 | 026,131,528 | ---- | M] () -- C:\Users\Endon\Desktop\RogueKillerX64.exe
[2017.03.15 21:23:51 | 000,002,775 | ---- | M] () -- C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
[2017.03.15 20:50:14 | 001,663,904 | ---- | M] (Malwarebytes) -- C:\Users\Endon\Desktop\JRT.exe
[2017.03.15 18:23:10 | 000,001,919 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2017.03.15 18:17:42 | 004,031,440 | ---- | M] () -- C:\Users\Endon\Desktop\AdwCleaner.exe
[2017.03.15 15:53:08 | 000,000,870 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2017.03.15 15:39:11 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Endon\Desktop\HijackThis.exe
[2017.03.14 18:45:11 | 000,001,006 | ---- | M] () -- C:\Users\Endon\Desktop\HD Tune.lnk
[2017.03.14 15:09:19 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysNative\GfxValDisplayLog.bin
[2017.03.10 14:00:11 | 000,548,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SysNative\drivers\avgsp.sys.148915086650002
[2017.03.10 06:17:56 | 000,835,576 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2017.03.10 06:17:56 | 000,177,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2017.03.09 14:05:39 | 000,063,162 | ---- | M] () -- C:\Users\Endon\Desktop\Výstřižek4.PNG
[2017.03.09 14:05:05 | 000,407,775 | ---- | M] () -- C:\Users\Endon\Desktop\Výstřižek3.PNG
[2017.03.09 14:04:50 | 000,393,865 | ---- | M] () -- C:\Users\Endon\Desktop\Výstřižek2.PNG
[2017.03.09 14:04:32 | 000,331,870 | ---- | M] () -- C:\Users\Endon\Desktop\Výstřižek.PNG
[2017.03.06 14:35:02 | 000,001,110 | ---- | M] () -- C:\Users\Public\Desktop\Stronghold Crusader.lnk
[2017.03.04 21:28:04 | 000,071,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\cs-CZ\ndis.sys.mui
[2017.03.04 08:57:44 | 000,192,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aepic.dll
[2017.03.04 08:57:43 | 000,315,744 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll
[2017.03.04 08:40:53 | 000,965,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll
[2017.03.04 08:35:25 | 001,294,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2017.03.04 08:35:25 | 000,142,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2017.03.04 08:35:22 | 001,617,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2017.03.04 08:35:22 | 000,655,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2017.03.04 08:35:22 | 000,565,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2017.03.04 08:35:22 | 000,343,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2017.03.04 08:35:22 | 000,086,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompatTelRunner.exe
[2017.03.04 08:35:21 | 000,378,720 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll
[2017.03.04 08:35:21 | 000,242,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2017.03.04 08:35:15 | 000,590,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2017.03.04 08:35:09 | 000,315,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcntel.dll
[2017.03.04 08:35:09 | 000,038,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceCensus.exe
[2017.03.04 08:27:09 | 000,603,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ContentDeliveryManager.Utilities.dll
[2017.03.04 08:26:53 | 000,794,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Shell.Broker.dll
[2017.03.04 08:25:44 | 001,117,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgent.dll
[2017.03.04 08:24:33 | 000,354,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\systemreset.exe
[2017.03.04 08:24:27 | 000,108,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys
[2017.03.04 08:24:23 | 000,894,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2017.03.04 08:24:20 | 001,051,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2017.03.04 08:24:07 | 000,646,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll
[2017.03.04 08:24:05 | 002,186,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hevcdecoder.dll
[2017.03.04 08:24:04 | 002,482,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2017.03.04 08:23:13 | 002,512,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVDECOD.DLL
[2017.03.04 08:22:41 | 002,213,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2017.03.04 08:22:22 | 001,354,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2017.03.04 08:22:22 | 001,172,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2017.03.04 08:22:21 | 007,786,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2017.03.04 08:20:52 | 000,379,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Classpnp.sys
[2017.03.04 08:19:11 | 002,681,200 | ---- | M] () -- C:\WINDOWS\SysNative\CoreUIComponents.dll
[2017.03.04 08:19:02 | 002,049,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpmde.dll
[2017.03.04 08:18:48 | 000,764,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreMessaging.dll
[2017.03.04 08:18:43 | 000,219,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IPHLPAPI.DLL
[2017.03.04 08:17:22 | 000,409,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2017.03.04 08:15:25 | 000,063,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dam.sys
[2017.03.04 08:15:14 | 000,404,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSetupUI.dll
[2017.03.04 08:15:08 | 001,000,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecConfig.efi
[2017.03.04 08:13:27 | 000,635,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2017.03.04 08:11:48 | 000,328,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Storage.ApplicationData.dll
[2017.03.04 08:11:41 | 000,266,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanager.dll
[2017.03.04 08:10:08 | 002,828,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2017.03.04 08:10:08 | 000,360,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlows.exe
[2017.03.04 08:09:54 | 000,635,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2017.03.04 08:09:53 | 000,402,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2017.03.04 08:09:51 | 000,658,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2017.03.04 08:09:45 | 001,860,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.dll
[2017.03.04 08:09:31 | 000,178,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHostUser.dll
[2017.03.04 08:09:28 | 001,969,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\hevcdecoder.dll
[2017.03.04 08:09:27 | 002,206,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2017.03.04 08:09:27 | 000,857,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWAHost.exe
[2017.03.04 08:09:22 | 002,717,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PrintConfig.dll
[2017.03.04 08:09:21 | 007,220,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2017.03.04 08:09:21 | 000,396,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanapi.dll
[2017.03.04 08:09:17 | 000,578,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2017.03.04 08:09:17 | 000,527,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWanAPI.dll
[2017.03.04 08:09:13 | 001,293,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicenseManager.dll
[2017.03.04 08:09:09 | 001,157,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.appcore.dll
[2017.03.04 08:09:09 | 000,681,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SHCore.dll
[2017.03.04 08:08:59 | 000,130,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storahci.sys
[2017.03.04 08:08:20 | 000,342,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll
[2017.03.04 08:08:17 | 000,509,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2017.03.04 08:07:58 | 000,682,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wer.dll
[2017.03.04 08:07:56 | 000,080,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vmbkmcl.sys
[2017.03.04 08:07:55 | 000,557,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2017.03.04 08:07:54 | 000,110,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hvsocket.sys
[2017.03.04 08:07:28 | 001,267,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2017.03.04 08:07:24 | 001,100,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2017.03.04 08:07:22 | 000,116,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\icfupgd.dll
[2017.03.04 08:07:21 | 000,947,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.efi
[2017.03.04 08:07:19 | 000,989,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2017.03.04 08:07:18 | 000,811,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.exe
[2017.03.04 08:07:14 | 002,913,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2017.03.04 08:04:33 | 002,048,496 | ---- | M] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2017.03.04 08:04:24 | 001,362,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmpmde.dll
[2017.03.04 08:04:19 | 008,169,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2017.03.04 08:04:03 | 001,063,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfds.dll
[2017.03.04 08:03:58 | 001,848,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsrcsnk.dll
[2017.03.04 08:03:57 | 001,702,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2017.03.04 08:03:56 | 004,260,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2017.03.04 08:03:55 | 000,811,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFCaptureEngine.dll
[2017.03.04 08:03:54 | 001,301,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2017.03.04 08:03:54 | 000,424,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFPlay.dll
[2017.03.04 08:03:53 | 001,473,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2017.03.04 08:03:53 | 001,454,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetsrc.dll
[2017.03.04 08:03:53 | 001,071,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetcore.dll
[2017.03.04 08:03:53 | 000,596,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2017.03.04 08:03:52 | 001,989,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2017.03.04 08:03:51 | 001,694,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2017.03.04 08:03:51 | 000,443,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MMDevAPI.dll
[2017.03.04 08:03:49 | 000,755,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\evr.dll
[2017.03.04 08:03:49 | 000,523,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DMRServer.dll
[2017.03.04 08:03:48 | 001,062,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2017.03.04 08:03:46 | 000,038,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompPkgSup.dll
[2017.03.04 08:03:21 | 001,723,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcMon.exe
[2017.03.04 08:03:17 | 000,160,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHostBroker.dll
[2017.03.04 08:03:13 | 000,241,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHost.dll
[2017.03.04 08:03:09 | 000,382,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockAppHost.exe
[2017.03.04 08:03:07 | 004,674,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2017.03.04 08:03:00 | 001,600,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2017.03.04 08:01:57 | 000,137,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AuthHost.exe
[2017.03.04 08:01:53 | 000,128,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpapi.dll
[2017.03.04 08:01:52 | 000,201,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\basecsp.dll
[2017.03.04 07:59:01 | 001,570,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32full.dll
[2017.03.04 07:58:58 | 000,628,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontdrvhost.exe
[2017.03.04 07:58:58 | 000,322,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\input.dll
[2017.03.04 07:58:49 | 001,416,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2017.03.04 07:57:26 | 000,372,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.MediaControl.dll
[2017.03.04 07:57:17 | 000,387,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpps.dll
[2017.03.04 07:56:04 | 000,263,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Storage.ApplicationData.dll
[2017.03.04 07:56:03 | 000,248,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\policymanager.dll
[2017.03.04 07:54:12 | 002,277,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2017.03.04 07:53:38 | 001,431,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
[2017.03.04 07:53:33 | 000,136,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudExperienceHostUser.dll
[2017.03.04 07:53:19 | 005,722,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2017.03.04 07:53:19 | 000,781,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWAHost.exe
[2017.03.04 07:53:11 | 000,493,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2017.03.04 07:53:08 | 000,975,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.appcore.dll
[2017.03.04 07:53:07 | 000,313,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanapi.dll
[2017.03.04 07:53:03 | 000,861,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicenseManager.dll
[2017.03.04 07:52:59 | 000,549,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SHCore.dll
[2017.03.04 07:51:38 | 000,576,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wer.dll
[2017.03.04 07:50:44 | 000,846,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2017.03.04 07:47:56 | 006,667,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2017.03.04 07:47:47 | 004,023,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2017.03.04 07:47:42 | 000,374,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFPlay.dll
[2017.03.04 07:47:41 | 001,123,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2017.03.04 07:47:36 | 001,344,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsrcsnk.dll
[2017.03.04 07:47:35 | 001,853,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2017.03.04 07:47:35 | 001,557,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmde.dll
[2017.03.04 07:47:35 | 001,360,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetsrc.dll
[2017.03.04 07:47:35 | 000,981,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetcore.dll
[2017.03.04 07:47:34 | 000,976,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfds.dll
[2017.03.04 07:47:33 | 000,952,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2017.03.04 07:47:32 | 001,202,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2017.03.04 07:47:32 | 000,640,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\evr.dll
[2017.03.04 07:47:32 | 000,530,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mf.dll
[2017.03.04 07:47:31 | 001,277,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2017.03.04 07:47:25 | 000,034,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CompPkgSup.dll
[2017.03.04 07:46:40 | 004,312,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2017.03.04 07:46:40 | 000,321,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LockAppHost.exe
[2017.03.04 07:45:15 | 000,173,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\basecsp.dll
[2017.03.04 07:42:57 | 007,216,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll
[2017.03.04 07:42:41 | 000,276,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\input.dll
[2017.03.04 07:42:39 | 001,415,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gdi32full.dll
[2017.03.04 07:42:30 | 000,545,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe
[2017.03.04 07:40:36 | 000,306,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.MediaControl.dll
[2017.03.04 07:39:58 | 000,372,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXTaskFactory.dll
[2017.03.04 07:37:46 | 001,631,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Resources.dll
[2017.03.04 07:37:19 | 000,025,088 | ---- | M] () -- C:\WINDOWS\SysNative\GamePanelExternalHook.dll
[2017.03.04 07:36:51 | 000,119,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDataTimeUtil.dll
[2017.03.04 07:36:45 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2017.03.04 07:36:39 | 005,685,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
[2017.03.04 07:36:29 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LaunchWinApp.exe
[2017.03.04 07:36:24 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DuCsps.dll
[2017.03.04 07:36:23 | 000,217,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctfp.dll
[2017.03.04 07:36:15 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usoapi.dll
[2017.03.04 07:36:09 | 022,565,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2017.03.04 07:36:04 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssitlb.dll
[2017.03.04 07:35:51 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\musdialoghandlers.dll
[2017.03.04 07:35:34 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ddrawex.dll
[2017.03.04 07:35:19 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\odbcconf.dll
[2017.03.04 07:35:13 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIRibbonRes.dll
[2017.03.04 07:34:56 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wfdprov.dll
[2017.03.04 07:34:51 | 000,258,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\xboxgip.sys
[2017.03.04 07:34:50 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2017.03.04 07:34:32 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Web.Diagnostics.dll
[2017.03.04 07:34:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vmbkmclr.sys
[2017.03.04 07:34:19 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotificationUx.exe
[2017.03.04 07:34:18 | 000,124,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.System.SystemManagement.dll
[2017.03.20 17:04:13 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryClient.dll
[2017.03.20 17:04:13 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BluetoothDesktopHandlers.dll
[2017.03.20 17:04:12 | 000,450,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werui.dll
[2017.03.20 17:04:12 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleacc.dll
[2017.03.20 17:04:12 | 000,300,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mscandui.dll
[2017.03.20 17:04:12 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XInputUap.dll
[2017.03.20 17:04:10 | 006,664,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mspaint.exe
[2017.03.20 17:04:10 | 000,329,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\deviceaccess.dll
[2017.03.20 17:04:10 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ErrorDetails.dll
[2017.03.20 17:04:09 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rascustom.dll
[2017.03.20 17:04:09 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryBroker.dll
[2017.03.20 17:04:08 | 000,379,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apprepsync.dll
[2017.03.20 17:04:08 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enrollmentapi.dll
[2017.03.20 17:04:08 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apprepapi.dll
[2017.03.20 17:04:08 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsrv.dll
[2017.03.20 17:04:08 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctfui.dll
[2017.03.20 17:04:07 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctfp.dll
[2017.03.20 17:04:07 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Shell.dll
[2017.03.20 17:04:06 | 005,114,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdp.dll
[2017.03.20 17:04:06 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LaunchWinApp.exe
[2017.03.20 17:04:02 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIRibbonRes.dll
[2017.03.20 17:04:02 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIRibbonRes.dll
[2017.03.20 17:03:24 | 008,886,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OneDriveSetup.exe
[2017.03.20 16:33:02 | 000,203,680 | ---- | C] (Zemana Ltd.) -- C:\WINDOWS\SysNative\drivers\zam64.sys
[2017.03.20 16:33:01 | 000,203,680 | ---- | C] (Zemana Ltd.) -- C:\WINDOWS\SysNative\drivers\zamguard64.sys
[2017.03.20 16:32:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
[2017.03.20 16:32:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zemana AntiMalware
[2017.03.20 16:32:32 | 000,000,000 | ---D | C] -- C:\Users\Endon\AppData\Local\Zemana
[2017.03.20 16:28:47 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2017.03.20 16:24:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2017.03.20 16:24:26 | 000,000,000 | ---D | C] -- C:\Users\Endon\AppData\Local\Temp
[2017.03.20 16:01:41 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2017.03.16 17:50:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2017.03.16 17:48:29 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2017.03.15 21:24:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Sophos
[2017.03.15 21:23:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
[2017.03.15 21:23:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos
[2017.03.15 20:49:11 | 001,663,904 | ---- | C] (Malwarebytes) -- C:\Users\Endon\Desktop\JRT.exe
[2017.03.15 18:23:44 | 000,186,304 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMChameleon.sys
[2017.03.15 18:23:29 | 000,111,544 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\farflt.sys
[2017.03.15 18:23:29 | 000,092,088 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2017.03.15 18:23:21 | 000,043,968 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2017.03.15 18:23:16 | 000,251,840 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2017.03.15 18:23:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
[2017.03.15 18:22:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2017.03.15 18:22:51 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes
[2017.03.15 18:17:51 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2017.03.15 15:53:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2017.03.15 15:53:01 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2017.03.15 15:39:04 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Endon\Desktop\HijackThis.exe
[2017.03.14 18:45:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
[2017.03.14 18:45:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HD Tune
[2017.03.14 17:27:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2017.03.14 15:34:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2017.03.14 13:56:16 | 000,000,000 | --SD | C] -- C:\WINDOWS\SysWow64\Microsoft
[2017.03.06 14:35:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefly Studios
[2017.03.06 14:33:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2017.03.06 11:53:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Firefly Studios
[3 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2017.03.24 15:25:46 | 000,489,087 | ---- | M] () -- C:\WINDOWS\ZAM_Guard.krnl.trace
[2017.03.24 15:25:41 | 000,517,163 | ---- | M] () -- C:\WINDOWS\ZAM.krnl.trace
[2017.03.24 15:25:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Endon\Desktop\OTL.exe
[2017.03.24 15:25:09 | 000,027,182 | ---- | M] () -- C:\Users\Endon\Desktop\Výstřižeka.PNG
[2017.03.24 15:23:25 | 000,000,512 | ---- | M] () -- C:\Users\Endon\Desktop\MBR.dat
[2017.03.24 14:01:49 | 000,092,088 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2017.03.24 08:51:53 | 1650,393,088 | -HS- | M] () -- C:\hiberfil.sys
[2017.03.24 08:51:51 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2017.03.23 21:02:16 | 002,344,268 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2017.03.23 21:02:16 | 000,957,856 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2017.03.23 21:02:16 | 000,861,662 | ---- | M] () -- C:\WINDOWS\SysNative\perfh005.dat
[2017.03.23 21:02:16 | 000,289,856 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2017.03.23 21:02:16 | 000,220,936 | ---- | M] () -- C:\WINDOWS\SysNative\perfc005.dat
[2017.03.22 16:51:49 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\HPCeeScheduleForEndon.job
[2017.03.22 14:48:26 | 000,186,304 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMChameleon.sys
[2017.03.22 14:48:23 | 000,111,544 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\farflt.sys
[2017.03.22 14:48:19 | 000,043,968 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2017.03.22 14:48:14 | 000,251,840 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2017.03.21 19:00:29 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2017.03.21 16:16:42 | 002,424,832 | ---- | M] (Farbar) -- C:\Users\Endon\Desktop\FRST64.exe
[2017.03.21 16:14:22 | 005,200,384 | ---- | M] (AVAST Software) -- C:\Users\Endon\Desktop\aswmbr.exe
[2017.03.20 21:28:28 | 000,370,488 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2017.03.20 16:33:02 | 000,203,680 | ---- | M] (Zemana Ltd.) -- C:\WINDOWS\SysNative\drivers\zamguard64.sys
[2017.03.20 16:33:02 | 000,203,680 | ---- | M] (Zemana Ltd.) -- C:\WINDOWS\SysNative\drivers\zam64.sys
[2017.03.20 16:33:00 | 000,001,228 | ---- | M] () -- C:\Users\Public\Desktop\Zemana AntiMalware.lnk
[2017.03.20 16:05:58 | 000,000,753 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[2017.03.16 20:16:02 | 000,028,272 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\TrueSight.sys
[2017.03.16 17:48:20 | 026,131,528 | ---- | M] () -- C:\Users\Endon\Desktop\RogueKillerX64.exe
[2017.03.15 21:23:51 | 000,002,775 | ---- | M] () -- C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
[2017.03.15 20:50:14 | 001,663,904 | ---- | M] (Malwarebytes) -- C:\Users\Endon\Desktop\JRT.exe
[2017.03.15 18:23:10 | 000,001,919 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2017.03.15 18:17:42 | 004,031,440 | ---- | M] () -- C:\Users\Endon\Desktop\AdwCleaner.exe
[2017.03.15 15:53:08 | 000,000,870 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2017.03.15 15:39:11 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Endon\Desktop\HijackThis.exe
[2017.03.14 18:45:11 | 000,001,006 | ---- | M] () -- C:\Users\Endon\Desktop\HD Tune.lnk
[2017.03.14 15:09:19 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysNative\GfxValDisplayLog.bin
[2017.03.10 14:00:11 | 000,548,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SysNative\drivers\avgsp.sys.148915086650002
[2017.03.10 06:17:56 | 000,835,576 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2017.03.10 06:17:56 | 000,177,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2017.03.09 14:05:39 | 000,063,162 | ---- | M] () -- C:\Users\Endon\Desktop\Výstřižek4.PNG
[2017.03.09 14:05:05 | 000,407,775 | ---- | M] () -- C:\Users\Endon\Desktop\Výstřižek3.PNG
[2017.03.09 14:04:50 | 000,393,865 | ---- | M] () -- C:\Users\Endon\Desktop\Výstřižek2.PNG
[2017.03.09 14:04:32 | 000,331,870 | ---- | M] () -- C:\Users\Endon\Desktop\Výstřižek.PNG
[2017.03.06 14:35:02 | 000,001,110 | ---- | M] () -- C:\Users\Public\Desktop\Stronghold Crusader.lnk
[2017.03.04 21:28:04 | 000,071,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\cs-CZ\ndis.sys.mui
[2017.03.04 08:57:44 | 000,192,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aepic.dll
[2017.03.04 08:57:43 | 000,315,744 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll
[2017.03.04 08:40:53 | 000,965,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll
[2017.03.04 08:35:25 | 001,294,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2017.03.04 08:35:25 | 000,142,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2017.03.04 08:35:22 | 001,617,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2017.03.04 08:35:22 | 000,655,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2017.03.04 08:35:22 | 000,565,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2017.03.04 08:35:22 | 000,343,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2017.03.04 08:35:22 | 000,086,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompatTelRunner.exe
[2017.03.04 08:35:21 | 000,378,720 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll
[2017.03.04 08:35:21 | 000,242,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2017.03.04 08:35:15 | 000,590,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2017.03.04 08:35:09 | 000,315,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcntel.dll
[2017.03.04 08:35:09 | 000,038,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceCensus.exe
[2017.03.04 08:27:09 | 000,603,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ContentDeliveryManager.Utilities.dll
[2017.03.04 08:26:53 | 000,794,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Shell.Broker.dll
[2017.03.04 08:25:44 | 001,117,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgent.dll
[2017.03.04 08:24:33 | 000,354,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\systemreset.exe
[2017.03.04 08:24:27 | 000,108,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys
[2017.03.04 08:24:23 | 000,894,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2017.03.04 08:24:20 | 001,051,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2017.03.04 08:24:07 | 000,646,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll
[2017.03.04 08:24:05 | 002,186,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hevcdecoder.dll
[2017.03.04 08:24:04 | 002,482,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2017.03.04 08:23:13 | 002,512,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVDECOD.DLL
[2017.03.04 08:22:41 | 002,213,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2017.03.04 08:22:22 | 001,354,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2017.03.04 08:22:22 | 001,172,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2017.03.04 08:22:21 | 007,786,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2017.03.04 08:20:52 | 000,379,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Classpnp.sys
[2017.03.04 08:19:11 | 002,681,200 | ---- | M] () -- C:\WINDOWS\SysNative\CoreUIComponents.dll
[2017.03.04 08:19:02 | 002,049,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpmde.dll
[2017.03.04 08:18:48 | 000,764,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreMessaging.dll
[2017.03.04 08:18:43 | 000,219,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IPHLPAPI.DLL
[2017.03.04 08:17:22 | 000,409,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2017.03.04 08:15:25 | 000,063,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dam.sys
[2017.03.04 08:15:14 | 000,404,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSetupUI.dll
[2017.03.04 08:15:08 | 001,000,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecConfig.efi
[2017.03.04 08:13:27 | 000,635,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2017.03.04 08:11:48 | 000,328,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Storage.ApplicationData.dll
[2017.03.04 08:11:41 | 000,266,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanager.dll
[2017.03.04 08:10:08 | 002,828,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2017.03.04 08:10:08 | 000,360,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlows.exe
[2017.03.04 08:09:54 | 000,635,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2017.03.04 08:09:53 | 000,402,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2017.03.04 08:09:51 | 000,658,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2017.03.04 08:09:45 | 001,860,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.dll
[2017.03.04 08:09:31 | 000,178,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHostUser.dll
[2017.03.04 08:09:28 | 001,969,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\hevcdecoder.dll
[2017.03.04 08:09:27 | 002,206,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2017.03.04 08:09:27 | 000,857,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWAHost.exe
[2017.03.04 08:09:22 | 002,717,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PrintConfig.dll
[2017.03.04 08:09:21 | 007,220,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2017.03.04 08:09:21 | 000,396,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanapi.dll
[2017.03.04 08:09:17 | 000,578,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2017.03.04 08:09:17 | 000,527,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWanAPI.dll
[2017.03.04 08:09:13 | 001,293,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicenseManager.dll
[2017.03.04 08:09:09 | 001,157,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.appcore.dll
[2017.03.04 08:09:09 | 000,681,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SHCore.dll
[2017.03.04 08:08:59 | 000,130,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storahci.sys
[2017.03.04 08:08:20 | 000,342,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll
[2017.03.04 08:08:17 | 000,509,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2017.03.04 08:07:58 | 000,682,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wer.dll
[2017.03.04 08:07:56 | 000,080,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vmbkmcl.sys
[2017.03.04 08:07:55 | 000,557,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2017.03.04 08:07:54 | 000,110,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hvsocket.sys
[2017.03.04 08:07:28 | 001,267,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2017.03.04 08:07:24 | 001,100,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2017.03.04 08:07:22 | 000,116,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\icfupgd.dll
[2017.03.04 08:07:21 | 000,947,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.efi
[2017.03.04 08:07:19 | 000,989,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2017.03.04 08:07:18 | 000,811,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.exe
[2017.03.04 08:07:14 | 002,913,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2017.03.04 08:04:33 | 002,048,496 | ---- | M] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2017.03.04 08:04:24 | 001,362,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmpmde.dll
[2017.03.04 08:04:19 | 008,169,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2017.03.04 08:04:03 | 001,063,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfds.dll
[2017.03.04 08:03:58 | 001,848,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsrcsnk.dll
[2017.03.04 08:03:57 | 001,702,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2017.03.04 08:03:56 | 004,260,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2017.03.04 08:03:55 | 000,811,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFCaptureEngine.dll
[2017.03.04 08:03:54 | 001,301,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2017.03.04 08:03:54 | 000,424,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFPlay.dll
[2017.03.04 08:03:53 | 001,473,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2017.03.04 08:03:53 | 001,454,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetsrc.dll
[2017.03.04 08:03:53 | 001,071,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetcore.dll
[2017.03.04 08:03:53 | 000,596,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2017.03.04 08:03:52 | 001,989,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2017.03.04 08:03:51 | 001,694,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2017.03.04 08:03:51 | 000,443,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MMDevAPI.dll
[2017.03.04 08:03:49 | 000,755,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\evr.dll
[2017.03.04 08:03:49 | 000,523,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DMRServer.dll
[2017.03.04 08:03:48 | 001,062,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2017.03.04 08:03:46 | 000,038,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompPkgSup.dll
[2017.03.04 08:03:21 | 001,723,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcMon.exe
[2017.03.04 08:03:17 | 000,160,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHostBroker.dll
[2017.03.04 08:03:13 | 000,241,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHost.dll
[2017.03.04 08:03:09 | 000,382,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockAppHost.exe
[2017.03.04 08:03:07 | 004,674,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2017.03.04 08:03:00 | 001,600,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2017.03.04 08:01:57 | 000,137,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AuthHost.exe
[2017.03.04 08:01:53 | 000,128,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpapi.dll
[2017.03.04 08:01:52 | 000,201,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\basecsp.dll
[2017.03.04 07:59:01 | 001,570,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32full.dll
[2017.03.04 07:58:58 | 000,628,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontdrvhost.exe
[2017.03.04 07:58:58 | 000,322,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\input.dll
[2017.03.04 07:58:49 | 001,416,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2017.03.04 07:57:26 | 000,372,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.MediaControl.dll
[2017.03.04 07:57:17 | 000,387,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpps.dll
[2017.03.04 07:56:04 | 000,263,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Storage.ApplicationData.dll
[2017.03.04 07:56:03 | 000,248,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\policymanager.dll
[2017.03.04 07:54:12 | 002,277,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2017.03.04 07:53:38 | 001,431,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
[2017.03.04 07:53:33 | 000,136,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudExperienceHostUser.dll
[2017.03.04 07:53:19 | 005,722,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2017.03.04 07:53:19 | 000,781,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWAHost.exe
[2017.03.04 07:53:11 | 000,493,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2017.03.04 07:53:08 | 000,975,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.appcore.dll
[2017.03.04 07:53:07 | 000,313,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanapi.dll
[2017.03.04 07:53:03 | 000,861,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicenseManager.dll
[2017.03.04 07:52:59 | 000,549,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SHCore.dll
[2017.03.04 07:51:38 | 000,576,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wer.dll
[2017.03.04 07:50:44 | 000,846,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2017.03.04 07:47:56 | 006,667,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2017.03.04 07:47:47 | 004,023,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2017.03.04 07:47:42 | 000,374,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFPlay.dll
[2017.03.04 07:47:41 | 001,123,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2017.03.04 07:47:36 | 001,344,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsrcsnk.dll
[2017.03.04 07:47:35 | 001,853,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2017.03.04 07:47:35 | 001,557,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmde.dll
[2017.03.04 07:47:35 | 001,360,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetsrc.dll
[2017.03.04 07:47:35 | 000,981,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetcore.dll
[2017.03.04 07:47:34 | 000,976,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfds.dll
[2017.03.04 07:47:33 | 000,952,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2017.03.04 07:47:32 | 001,202,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2017.03.04 07:47:32 | 000,640,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\evr.dll
[2017.03.04 07:47:32 | 000,530,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mf.dll
[2017.03.04 07:47:31 | 001,277,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2017.03.04 07:47:25 | 000,034,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CompPkgSup.dll
[2017.03.04 07:46:40 | 004,312,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2017.03.04 07:46:40 | 000,321,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LockAppHost.exe
[2017.03.04 07:45:15 | 000,173,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\basecsp.dll
[2017.03.04 07:42:57 | 007,216,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll
[2017.03.04 07:42:41 | 000,276,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\input.dll
[2017.03.04 07:42:39 | 001,415,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gdi32full.dll
[2017.03.04 07:42:30 | 000,545,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe
[2017.03.04 07:40:36 | 000,306,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.MediaControl.dll
[2017.03.04 07:39:58 | 000,372,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXTaskFactory.dll
[2017.03.04 07:37:46 | 001,631,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Resources.dll
[2017.03.04 07:37:19 | 000,025,088 | ---- | M] () -- C:\WINDOWS\SysNative\GamePanelExternalHook.dll
[2017.03.04 07:36:51 | 000,119,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDataTimeUtil.dll
[2017.03.04 07:36:45 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2017.03.04 07:36:39 | 005,685,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
[2017.03.04 07:36:29 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LaunchWinApp.exe
[2017.03.04 07:36:24 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DuCsps.dll
[2017.03.04 07:36:23 | 000,217,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctfp.dll
[2017.03.04 07:36:15 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usoapi.dll
[2017.03.04 07:36:09 | 022,565,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2017.03.04 07:36:04 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssitlb.dll
[2017.03.04 07:35:51 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\musdialoghandlers.dll
[2017.03.04 07:35:34 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ddrawex.dll
[2017.03.04 07:35:19 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\odbcconf.dll
[2017.03.04 07:35:13 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIRibbonRes.dll
[2017.03.04 07:34:56 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wfdprov.dll
[2017.03.04 07:34:51 | 000,258,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\xboxgip.sys
[2017.03.04 07:34:50 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2017.03.04 07:34:32 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Web.Diagnostics.dll
[2017.03.04 07:34:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vmbkmclr.sys
[2017.03.04 07:34:19 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotificationUx.exe
[2017.03.04 07:34:18 | 000,124,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.System.SystemManagement.dll
►Case: NZXT Noctis 450◄►Zdroj: EVGA Supernova 750W G2◄►MB: Asus MAXIMUS VIII Ranger◄►CPU: Intel core i5-6600K◄►GPU: Gainward Phoenix GTX 1060 GS◄►Chladič: Scythe Ninja 4◄►SSD: Samsung 850 EVO 250GB◄►HDD: 2x Seagate Barracuda 2TB◄►RAM: Crucial Ballistix Sport LT 2x8GB 2400Mhz DDR4◄
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 11 hostů