Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.01.2018
Ran by Hombre (administrator) on HOMBRE (05-01-2018 16:49:56)
Running from C:\Users\Hombre\Desktop
Loaded Profiles: Hombre (Available Profiles: OEM & Hombre)
Platform: Windows 10 Pro Version 1709 16299.125 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe
() C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe
() C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.224\WsAppService.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
() C:\Program Files (x86)\Multitimer\66248.exe
() C:\Program Files (x86)\Multitimer\63797.exe
(BUMVPN) C:\Users\Hombre\AppData\Local\Temp\is-BGB7F.tmp\up.exe
(BUMVPN) C:\Users\Hombre\AppData\Local\Temp\is-T9114.tmp\up.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeHost.exe
( ) C:\Users\Hombre\AppData\Roaming\s333hgyuf5y\tpkgki0vvle.exe
( ) C:\Users\Hombre\AppData\Roaming\pq4m4qqiwqc\ifiih3o1lsa.exe
() C:\Users\Hombre\AppData\Local\Temp\is-RVKCP.tmp\ifiih3o1lsa.tmp
() C:\Users\Hombre\AppData\Local\Temp\is-RVKCO.tmp\tpkgki0vvle.tmp
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(BitTorrent Inc.) C:\Users\Hombre\AppData\Roaming\uTorrent\uTorrent.exe
(Spotify Ltd) C:\Users\Hombre\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Hombre\AppData\Roaming\Spotify\Spotify.exe
(BitTorrent Inc.) C:\Users\Hombre\AppData\Roaming\uTorrent\updates\3.5.1_44332\utorrentie.exe
(BitTorrent Inc.) C:\Users\Hombre\AppData\Roaming\uTorrent\updates\3.5.1_44332\utorrentie.exe
(Spotify Ltd) C:\Users\Hombre\AppData\Roaming\Spotify\Spotify.exe
( ) C:\Users\Hombre\AppData\Roaming\xcws2tqrgee\lahki4julkp.exe
() C:\Users\Hombre\AppData\Local\Temp\is-4B7H6.tmp\lahki4julkp.tmp
( ) C:\Users\Hombre\AppData\Roaming\m1dmpvyldkh\nt4ecie2ry4.exe
(Spotify Ltd) C:\Users\Hombre\AppData\Roaming\Spotify\Spotify.exe
() C:\Users\Hombre\AppData\Local\Temp\is-4L91D.tmp\nt4ecie2ry4.tmp
(Spotify Ltd) C:\Users\Hombre\AppData\Roaming\Spotify\Spotify.exe
( ) C:\Users\Hombre\AppData\Roaming\bdvt1d5fimw\ezy5d2ybmbo.exe
() C:\Users\Hombre\AppData\Local\Temp\is-ALLR0.tmp\ezy5d2ybmbo.tmp
(BUMVPN) C:\Program Files\QJQTHNLVU3\QJQTHNLVU.Vexe
( ) C:\Users\Hombre\AppData\Roaming\oanxihg5nos\x2hs0brickr.exe
() C:\Users\Hombre\AppData\Local\Temp\is-5NLQ4.tmp\x2hs0brickr.tmp
(BUMVPN) C:\Program Files\NWCVAV87XJ\NWCVAV87X.Vexe
() C:\Windows\Temp\g1A4A.tmp.exe
( ) C:\Users\Hombre\AppData\Roaming\5k03kg0ftfy\was1yi5mvjy.exe
() C:\Users\Hombre\AppData\Local\Temp\is-H1VTC.tmp\was1yi5mvjy.tmp
( ) C:\Users\Hombre\AppData\Roaming\wuy0tgmr1kg\0v4bca4sqrc.exe
() C:\Users\Hombre\AppData\Local\Temp\is-MJ9ES.tmp\0v4bca4sqrc.tmp
( ) C:\Users\Hombre\AppData\Roaming\cydja20bbaw\pknqmwxuxsv.exe
() C:\Users\Hombre\AppData\Local\Temp\is-L7TEK.tmp\pknqmwxuxsv.tmp
( ) C:\Users\Hombre\AppData\Roaming\ifowuq14sqz\t5raspm312o.exe
() C:\Users\Hombre\AppData\Local\Temp\is-N3GV6.tmp\t5raspm312o.tmp
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(BUMVPN) C:\Program Files\QNTZ3IAT27\QNTZ3IAT2.Vexe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(BUMVPN) C:\Program Files\S3PN2RG0A8\S3PN2RG0A.Vexe
( ) C:\Users\Hombre\AppData\Roaming\k3ffa0ogpp4\qy0k4vmenrs.exe
() C:\Users\Hombre\AppData\Local\Temp\is-ODKO4.tmp\qy0k4vmenrs.tmp
( ) C:\Users\Hombre\AppData\Roaming\wtnw1bmz202\mpwh51kh20q.exe
() C:\Users\Hombre\AppData\Local\Temp\is-9F3KI.tmp\mpwh51kh20q.tmp
(BUMVPN) C:\Program Files\J15ZL5ZGPL\DGM6D9PZK.Vexe
(BUMVPN) C:\Program Files\3QE22P20G3\3QE22P20G.Vexe
( ) C:\Users\Hombre\AppData\Roaming\1ud3lh2feae\rdpagdwzhhe.exe
() C:\Users\Hombre\AppData\Local\Temp\is-274BC.tmp\rdpagdwzhhe.tmp
( ) C:\Users\Hombre\AppData\Roaming\0zyj54cqf1d\rwadgably52.exe
() C:\Users\Hombre\AppData\Local\Temp\is-42NRT.tmp\rwadgably52.tmp
( ) C:\Users\Hombre\AppData\Roaming\ddpb4zstbbq\jqqm0wgxfgq.exe
() C:\Users\Hombre\AppData\Local\Temp\is-OQ9H7.tmp\jqqm0wgxfgq.tmp
(BUMVPN) C:\Program Files\RJX68AMP74\RJX68AMP7.Vexe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(BUMVPN) C:\Program Files\SBNZLOOSU1\SBNZLOOSU.Vexe
( ) C:\Users\Hombre\AppData\Roaming\1e4cwdmf5c3\gskkv3cqeeh.exe
() C:\Users\Hombre\AppData\Local\Temp\is-LV796.tmp\gskkv3cqeeh.tmp
( ) C:\Users\Hombre\AppData\Roaming\1mx4u3geetq\q45lzprh0l1.exe
(Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
() C:\Users\Hombre\AppData\Local\Temp\is-EAH7D.tmp\q45lzprh0l1.tmp
(BUMVPN) C:\Program Files\8BNR4751CX\8BNR4751C.Vexe
(BUMVPN) C:\Program Files\KMUJAAA1TZ\KMUJAAA1T.Vexe
( ) C:\Users\Hombre\AppData\Roaming\spod4vuzom0\o1ll0jsdmcm.exe
() C:\Users\Hombre\AppData\Local\Temp\is-TD6JU.tmp\o1ll0jsdmcm.tmp
( ) C:\Users\Hombre\AppData\Roaming\falhmpq4keh\0cqqc3xclui.exe
() C:\Users\Hombre\AppData\Local\Temp\is-4M85S.tmp\0cqqc3xclui.tmp
( ) C:\Users\Hombre\AppData\Roaming\j0l1nzknuo0\tmavkwunhpj.exe
( ) C:\Users\Hombre\AppData\Roaming\kbesl4id5z4\oqcvkiwoiv1.exe
() C:\Users\Hombre\AppData\Local\Temp\is-6H26J.tmp\tmavkwunhpj.tmp
() C:\Users\Hombre\AppData\Local\Temp\is-4INE5.tmp\oqcvkiwoiv1.tmp
(BUMVPN) C:\Program Files\JZA28C0GHY\JZA28C0GH.Vexe
( ) C:\Users\Hombre\AppData\Roaming\s5rqaosc0dw\lisz3rs3x4p.exe
() C:\Users\Hombre\AppData\Local\Temp\is-BI08N.tmp\lisz3rs3x4p.tmp
( ) C:\Users\Hombre\AppData\Roaming\fzgrllzqcqq\3qqb5njgyzd.exe
() C:\Users\Hombre\AppData\Local\Temp\is-2M6EN.tmp\3qqb5njgyzd.tmp
( ) C:\Users\Hombre\AppData\Roaming\3fgzw2wjo53\rmq2pstfy43.exe
() C:\Users\Hombre\AppData\Local\Temp\is-ELF1O.tmp\rmq2pstfy43.tmp
(BUMVPN) C:\Program Files\F5UH6WMWK1\F5UH6WMWK.Vexe
( ) C:\Users\Hombre\AppData\Roaming\oaxzhbyprjb\ng2xaefskgv.exe
( ) C:\Users\Hombre\AppData\Roaming\ckcscjcpuca\l40lxzqb2ad.exe
() C:\Users\Hombre\AppData\Local\Temp\is-FL6I3.tmp\ng2xaefskgv.tmp
() C:\Users\Hombre\AppData\Local\Temp\is-RR1T5.tmp\l40lxzqb2ad.tmp
(BUMVPN) C:\Program Files\T2CO3J9P07\T2CO3J9P0.Vexe
(BUMVPN) C:\Program Files\1NIKNWK448\1NIKNWK44.Vexe
(BUMVPN) C:\Program Files\587M31PARW\587M31PAR.Vexe
(BUMVPN) C:\Program Files\H2I05SMTUZ\H2I05SMTU.Vexe
(BUMVPN) C:\Program Files\IEZ0NA8ZJ4\IEZ0NA8ZJ.Vexe
( ) C:\Users\Hombre\AppData\Roaming\g2bex3gus3i\v5j4qnaqgrm.exe
() C:\Users\Hombre\AppData\Local\Temp\is-N8KCK.tmp\v5j4qnaqgrm.tmp
(BUMVPN) C:\Program Files\N3NZLI3IVO\N3NZLI3IV.Vexe
( ) C:\Users\Hombre\AppData\Roaming\j25i0t4zvnq\r321dcn5xis.exe
() C:\Users\Hombre\AppData\Local\Temp\is-Q5GDL.tmp\r321dcn5xis.tmp
(BUMVPN) C:\Program Files\DUR0DYHNZK\DUR0DYHNZ.Vexe
(BUMVPN) C:\Program Files\OI5OS6IDGN\OI5OS6IDG.Vexe
(BUMVPN) C:\Program Files\K3CBZKB0GZ\K3CBZKB0G.Vexe
(BUMVPN) C:\Program Files\64UKOCN6B7\64UKOCN6B.Vexe
( ) C:\Users\Hombre\AppData\Roaming\0otslxkqyny\tr23ysvksgr.exe
() C:\Users\Hombre\AppData\Local\Temp\is-8N4Q2.tmp\tr23ysvksgr.tmp
( ) C:\Users\Hombre\AppData\Roaming\hlbzs34l5q3\hbpj2ebbcwh.exe
() C:\Users\Hombre\AppData\Local\Temp\is-P1CM8.tmp\hbpj2ebbcwh.tmp
( ) C:\Users\Hombre\AppData\Roaming\aqtfmj1h5ao\gs2pvnod24h.exe
() C:\Users\Hombre\AppData\Local\Temp\is-6B7PL.tmp\gs2pvnod24h.tmp
(BUMVPN) C:\Program Files\CJ410CR3UH\CJ410CR3U.Vexe
( ) C:\Users\Hombre\AppData\Roaming\pq4m4qqiwqc\ifiih3o1lsa.exe
() C:\Users\Hombre\AppData\Local\Temp\is-BL53A.tmp\ifiih3o1lsa.tmp
( ) C:\Users\Hombre\AppData\Roaming\s333hgyuf5y\tpkgki0vvle.exe
() C:\Users\Hombre\AppData\Local\Temp\is-LUJE0.tmp\tpkgki0vvle.tmp
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Program Files (x86)\Wondershare\Video Converter Ultimate\WSVCUUpdateHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(ESET spol. s r.o.) C:\Download\esetonlinescanner_csy.exe
(BUMVPN) C:\Users\Hombre\AppData\Local\Temp\is-1PIU6.tmp\up.exe
(BUMVPN) C:\Users\Hombre\AppData\Local\Temp\is-41IEU.tmp\up.exe
() C:\Disk\WEBSER~1.EXE
() C:\Disk\WEBSER~1.EXE
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(PC Tools) C:\Disk\securedisk.exe
() C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe
() C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe
() C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(forum.viry.cz) C:\Users\Hombre\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8861944 2016-07-29] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1427704 2016-07-29] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [773760 2016-10-20] (Alps Electric Co., Ltd.)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [718256 2015-12-22] (Waves Audio Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [SERVICE] => [X]
HKLM\...\Run: [gplyra] => C:\Users\Hombre\AppData\Roaming\gplyra\gplyra.exe [1579008 2016-10-27] () <==== ATTENTION
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567928 2017-12-05] (Dropbox, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WSVCUUpdateHelper.exe] => C:\Program Files (x86)\Wondershare\Video Converter Ultimate\WSVCUUpdateHelper.exe [28896 2017-08-10] ()
HKLM\...\RunOnce: [2vf5c4qzcdb] => C:\Program Files (x86)\Multitimer\66248.exe [1218048 2018-01-05] ()
HKLM\...\RunOnce: [z11vkdu1kxx] => C:\Program Files (x86)\Multitimer\63797.exe [1218048 2018-01-05] ()
HKLM\...\RunOnce: [OMEWPRODUCT_M7RUY] => C:\Users\Hombre\AppData\Local\Temp\is-BGB7F.tmp\up.exe [54784 2018-01-05] (BUMVPN) <==== ATTENTION
HKLM\...\RunOnce: [OMEWPRODUCT_UX9KP] => C:\Users\Hombre\AppData\Local\Temp\is-T9114.tmp\up.exe [54784 2018-01-05] (BUMVPN) <==== ATTENTION
HKLM\...\RunOnce: [HOMBRE] => C:\WINDOWS\TEMP\gE2DE.tmp.exe [207360 2018-01-05] () <==== ATTENTION
HKLM\...\RunOnce: [OMEWPRODUCT_L4GZK] => C:\Users\Hombre\AppData\Local\Temp\is-1PIU6.tmp\up.exe [54784 2018-01-05] (BUMVPN) <==== ATTENTION
HKLM\...\RunOnce: [OMEWPRODUCT_MW6SX] => C:\Users\Hombre\AppData\Local\Temp\is-41IEU.tmp\up.exe [54784 2018-01-05] (BUMVPN) <==== ATTENTION
HKLM\ DisallowedCertificates: 03D22C9C66915D58C88912B64C1F984B8344EF09 (Comodo Security Solutions) <==== ATTENTION
HKLM\ DisallowedCertificates: 0F684EC1163281085C6AF20528878103ACEFCAAB (F-Secure Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: 1667908C9E22EFBD0590E088715CC74BE4C60884 (FRISK Software International/F-Prot) <==== ATTENTION
HKLM\ DisallowedCertificates: 18DEA4EFA93B06AE997D234411F3FD72A677EECE (Bitdefender SRL) <==== ATTENTION
HKLM\ DisallowedCertificates: 2026D13756EB0DB753DF26CB3B7EEBE3E70BB2CF (G DATA Software AG) <==== ATTENTION
HKLM\ DisallowedCertificates: 249BDA38A611CD746A132FA2AF995A2D3C941264 (Malwarebytes Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: 31AC96A6C17C425222C46D55C3CCA6BA12E54DAF (Symantec Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: 331E2046A1CCA7BFEF766724394BE6112B4CA3F7 (Trend Micro) <==== ATTENTION
HKLM\ DisallowedCertificates: 3353EA609334A9F23A701B9159E30CB6C22D4C59 (Webroot Inc.) <==== ATTENTION
HKLM\ DisallowedCertificates: 373C33726722D3A5D1EDD1F1585D5D25B39BEA1A (SUPERAntiSpyware.com) <==== ATTENTION
HKLM\ DisallowedCertificates: 3850EDD77CC74EC9F4829AE406BBF9C21E0DA87F (Kaspersky Lab) <==== ATTENTION
HKLM\ DisallowedCertificates: 3D496FA682E65FC122351EC29B55AB94F3BB03FC (AVG Technologies CZ) <==== ATTENTION
HKLM\ DisallowedCertificates: 4243A03DB4C3C15149CEA8B38EEA1DA4F26BD159 (PC Tools) <==== ATTENTION
HKLM\ DisallowedCertificates: 42727E052C0C2E1B35AB53E1005FD9EDC9DE8F01 (K7 Computing Pvt Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 4420C99742DF11DD0795BC15B7B0ABF090DC84DF (Doctor Web Ltd.) <==== ATTENTION
HKLM\ DisallowedCertificates: 4C0AF5719009B7C9D85C5EAEDFA3B7F090FE5FFF (Emsisoft Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 5240AB5B05D11B37900AC7712A3C6AE42F377C8C (Check Point Software Technologies Ltd.) <==== ATTENTION
HKLM\ DisallowedCertificates: 5DD3D41810F28B2A13E9A004E6412061E28FA48D (Emsisoft Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 7457A3793086DBB58B3858D6476889E3311E550E (K7 Computing Pvt Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 76A9295EF4343E12DFC5FE05DC57227C1AB00D29 (BullGuard Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 775B373B33B9D15B58BC02B184704332B97C3CAF (McAfee) <==== ATTENTION
HKLM\ DisallowedCertificates: 872CD334B7E7B3C3D1C6114CD6B221026D505EAB (Comodo Security Solutions) <==== ATTENTION
HKLM\ DisallowedCertificates: 88AD5DFE24126872B33175D1778687B642323ACF (McAfee) <==== ATTENTION
HKLM\ DisallowedCertificates: 9132E8B079D080E01D52631690BE18EBC2347C1E (Adaware Software) <==== ATTENTION
HKLM\ DisallowedCertificates: 982D98951CF3C0CA2A02814D474A976CBFF6BDB1 (Safer Networking Ltd.) <==== ATTENTION
HKLM\ DisallowedCertificates: 9A08641F7C5F2CCA0888388BE3E5DBDDAAA3B361 (Webroot Inc.) <==== ATTENTION
HKLM\ DisallowedCertificates: 9C43F665E690AB4D486D4717B456C5554D4BCEB5 (ThreatTrack Security) <==== ATTENTION
HKLM\ DisallowedCertificates: 9E3F95577B37C74CA2F70C1E1859E798B7FC6B13 (CURIOLAB S.M.B.A.) <==== ATTENTION
HKLM\ DisallowedCertificates: A1F8DCB086E461E2ABB4B46ADCFA0B48C58B6E99 (Avira Operations GmbH & Co. KG) <==== ATTENTION
HKLM\ DisallowedCertificates: A5341949ABE1407DD7BF7DFE75460D9608FBC309 (BullGuard Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: A59CC32724DD07A6FC33F7806945481A2D13CA2F (ESET) <==== ATTENTION
HKLM\ DisallowedCertificates: AB7E760DA2485EA9EF5A6EEE7647748D4BA6B947 (AVG Technologies CZ) <==== ATTENTION
HKLM\ DisallowedCertificates: AD4C5429E10F4FF6C01840C20ABA344D7401209F (Avast Antivirus/Software) <==== ATTENTION
HKLM\ DisallowedCertificates: AD96BB64BA36379D2E354660780C2067B81DA2E0 (Symantec Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: B8EBF0E696AF77F51C96DB4D044586E2F4F8FD84 (Malwarebytes Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: CDC37C22FE9272D8F2610206AD397A45040326B8 (Trend Micro) <==== ATTENTION
HKLM\ DisallowedCertificates: D3F78D747E7C5D6D3AE8ABFDDA7522BFB4CBD598 (Kaspersky Lab) <==== ATTENTION
HKLM\ DisallowedCertificates: DB303C9B61282DE525DC754A535CA2D6A9BD3D87 (ThreatTrack Security) <==== ATTENTION
HKLM\ DisallowedCertificates: DB77E5CFEC34459146748B667C97B185619251BA (Avast Antivirus/Software) <==== ATTENTION
HKLM\ DisallowedCertificates: E22240E837B52E691C71DF248F12D27F96441C00 (Total Defense, Inc.) <==== ATTENTION
HKLM\ DisallowedCertificates: E513EAB8610CFFD7C87E00BCA15C23AAB407FCEF (AVG Technologies CZ) <==== ATTENTION
HKLM\ DisallowedCertificates: ED841A61C0F76025598421BC1B00E24189E68D54 (Bitdefender SRL) <==== ATTENTION
HKLM\ DisallowedCertificates: F83099622B4A9F72CB5081F742164AD1B8D048C9 (ESET) <==== ATTENTION
HKLM\ DisallowedCertificates: FBB42F089AF2D570F2BF6F493D107A3255A9BB1A (Panda Security S.L) <==== ATTENTION
HKLM\ DisallowedCertificates: FFFA650F2CB2ABC0D80527B524DD3F9FC172C138 (Doctor Web Ltd.) <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [uTorrent] => C:\Users\Hombre\AppData\Roaming\uTorrent\uTorrent.exe [1981624 2017-12-27] (BitTorrent Inc.)
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize 
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [Spotify Web Helper] => C:\Users\Hombre\AppData\Roaming\Spotify\SpotifyWebHelper.exe [780688 2017-12-27] (Spotify Ltd)
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [Spotify] => C:\Users\Hombre\AppData\Roaming\Spotify\Spotify.exe [21070224 2017-12-27] (Spotify Ltd)
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [LMG2MGQHY1HISEQ] => "C:\Program Files (x86)\ShutdownTime\F33I7.exe"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [9674175] => C:\Users\Hombre\AppData\Roaming\xcws2tqrgee\lahki4julkp.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [1171228] => C:\Users\Hombre\AppData\Roaming\m1dmpvyldkh\nt4ecie2ry4.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [8388227] => C:\Users\Hombre\AppData\Roaming\bdvt1d5fimw\ezy5d2ybmbo.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [F43MOPVLN9NA6DM] => "C:\Program Files\QJQTHNLVU3\QJQTHNLVU.exe"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [2011544] => C:\Users\Hombre\AppData\Roaming\oanxihg5nos\x2hs0brickr.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [W0HS9NG9O5BSE2B] => "C:\Program Files\NWCVAV87XJ\NWCVAV87X.exe"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [PBF59AEA0MFEB29] => "C:\Program Files (x86)\ShutdownTime\88V48.exe"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [5970510] => C:\Users\Hombre\AppData\Roaming\5k03kg0ftfy\was1yi5mvjy.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [5947983] => C:\Users\Hombre\AppData\Roaming\wuy0tgmr1kg\0v4bca4sqrc.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [1386120] => C:\Users\Hombre\AppData\Roaming\cydja20bbaw\pknqmwxuxsv.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [5491848] => C:\Users\Hombre\AppData\Roaming\ifowuq14sqz\t5raspm312o.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [DNAHM7LOQI3HR1M] => "C:\Program Files\QNTZ3IAT27\QNTZ3IAT2.exe"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [9SN1WDR2L1LOJ8R] => "C:\Program Files\S3PN2RG0A8\S3PN2RG0A.exe"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [8948070] => C:\Users\Hombre\AppData\Roaming\k3ffa0ogpp4\qy0k4vmenrs.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [1928080] => C:\Users\Hombre\AppData\Roaming\vmhzqfahcax\zgj3sqr5d0o.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [2607501] => C:\Users\Hombre\AppData\Roaming\wtnw1bmz202\mpwh51kh20q.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [FNFYZODAZ2BJ5V4] => "C:\Program Files\J15ZL5ZGPL\DGM6D9PZK.exe"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [J4YSMYB2CU6OW4V] => "C:\Program Files\3QE22P20G3\3QE22P20G.exe"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [4454299] => C:\Users\Hombre\AppData\Roaming\1ud3lh2feae\rdpagdwzhhe.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [6390660] => C:\Users\Hombre\AppData\Roaming\0zyj54cqf1d\rwadgably52.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [40174] => C:\Users\Hombre\AppData\Roaming\ddpb4zstbbq\jqqm0wgxfgq.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [8WK4P2OA7S3B5Z0] => "C:\Program Files\RJX68AMP74\RJX68AMP7.exe"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [45INPRTP45QHPSD] => "C:\Program Files\SBNZLOOSU1\SBNZLOOSU.exe"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [3989383] => C:\Users\Hombre\AppData\Roaming\1e4cwdmf5c3\gskkv3cqeeh.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [4901771] => C:\Users\Hombre\AppData\Roaming\1mx4u3geetq\q45lzprh0l1.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [4045214] => C:\Users\Hombre\AppData\Roaming\cjrufx0zrol\zvobhgmthhp.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [OKAS1XGAMP1QSC7] => "C:\Program Files\8BNR4751CX\8BNR4751C.exe"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [G0PRXHC9DB24YJW] => "C:\Program Files\KMUJAAA1TZ\KMUJAAA1T.exe"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [8234767] => C:\Users\Hombre\AppData\Roaming\sqv2dirteaq\zvj5kkwgezj.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [2623204] => C:\Users\Hombre\AppData\Roaming\spod4vuzom0\o1ll0jsdmcm.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [9226530] => C:\Users\Hombre\AppData\Roaming\falhmpq4keh\0cqqc3xclui.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [3230474] => C:\Users\Hombre\AppData\Roaming\yt54uchln1e\ytsuklgsljk.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [316134] => C:\Users\Hombre\AppData\Roaming\j0l1nzknuo0\tmavkwunhpj.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [7457585] => C:\Users\Hombre\AppData\Roaming\4esguif0shs\xocva3fihxb.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [I0S4E5DAK2X8I9T] => "C:\Program Files\JZA28C0GHY\JZA28C0GH.exe"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [7569208] => C:\Users\Hombre\AppData\Roaming\3fgzw2wjo53\rmq2pstfy43.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [7513416] => C:\Users\Hombre\AppData\Roaming\ckcscjcpuca\l40lxzqb2ad.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [MY9C5SJICTXSS76] => "C:\Program Files\T2CO3J9P07\T2CO3J9P0.exe"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [3S8FOKM8JFT8VRJ] => "C:\Program Files\IEZ0NA8ZJ4\IEZ0NA8ZJ.exe"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [8658810] => C:\Users\Hombre\AppData\Roaming\g2bex3gus3i\v5j4qnaqgrm.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [6G3OU1BFD6SSHA4] => "C:\Program Files\N3NZLI3IVO\N3NZLI3IV.exe"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [9403823] => C:\Users\Hombre\AppData\Roaming\j25i0t4zvnq\r321dcn5xis.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [1L39CNPGLN0WZ60] => "C:\Program Files\DUR0DYHNZK\DUR0DYHNZ.exe"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [8ORVCRL0F2U3BAP] => "C:\Program Files\OI5OS6IDGN\OI5OS6IDG.exe"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [DDFVAYHJRNIKY4Z] => "C:\Program Files\K3CBZKB0GZ\K3CBZKB0G.exe"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [EZ9Z1TMUSL1PD4A] => "C:\Program Files\64UKOCN6B7\64UKOCN6B.exe"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [9965416] => C:\Users\Hombre\AppData\Roaming\0otslxkqyny\tr23ysvksgr.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [1166603] => C:\Users\Hombre\AppData\Roaming\hlbzs34l5q3\hbpj2ebbcwh.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [4704533] => C:\Users\Hombre\AppData\Roaming\aqtfmj1h5ao\gs2pvnod24h.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [21N16MP70DRI6RL] => "C:\Program Files\CJ410CR3UH\CJ410CR3U.exe"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [HAQS2ZT2353HQPV] => "C:\Program Files\YWUEVTSISO\YWUEVTSIS.exe"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [5039966] => C:\Users\Hombre\AppData\Roaming\pq4m4qqiwqc\ifiih3o1lsa.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [7786930] => C:\Users\Hombre\AppData\Roaming\s333hgyuf5y\tpkgki0vvle.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [9881336] => C:\Users\Hombre\AppData\Roaming\kbesl4id5z4\oqcvkiwoiv1.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [3373313] => C:\Users\Hombre\AppData\Roaming\o4xoddd3bdy\yx1pjazpxxm.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [8033641] => C:\Users\Hombre\AppData\Roaming\5sx0i3s52p2\xg4mmoqbh31.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [6924361] => C:\Users\Hombre\AppData\Roaming\s5rqaosc0dw\lisz3rs3x4p.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [5752729] => C:\Users\Hombre\AppData\Roaming\fzgrllzqcqq\3qqb5njgyzd.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [O20FEKXBHBY2JNE] => "C:\Program Files\F5UH6WMWK1\F5UH6WMWK.exe"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [9914210] => C:\Users\Hombre\AppData\Roaming\oaxzhbyprjb\ng2xaefskgv.exe [550322 2018-01-05] ( )
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [D3M1GHNX894TZ9Y] => "C:\Program Files\587M31PARW\587M31PAR.exe"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [HOB3WNR3VXD7M6R] => "C:\Program Files\1NIKNWK448\1NIKNWK44.exe"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Run: [88LMY41YGPCXI4U] => "C:\Program Files\H2I05SMTUZ\H2I05SMTU.exe"
GroupPolicy: Restriction - Chrome <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.10.254
Tcpip\..\Interfaces\{186cbfcf-f196-4a46-bd5e-61bc241c563a}: [DhcpNameServer] 192.168.10.254
Tcpip\..\Interfaces\{9ec71e9d-f6da-43ec-8a94-7b3668fe552b}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
SearchScopes: HKU\S-1-5-21-1316363965-161402098-3267105952-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1316363965-161402098-3267105952-1002 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10440__171222__yaie&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-12-28] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-12-28] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-12-28] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-12-28] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-28] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-12-28] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-28] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-12-28] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-28] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-12-28] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-28] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-12-28] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: i3y6j4t0.default
FF ProfilePath: C:\Users\Hombre\AppData\Roaming\Mozilla\Firefox\Profiles\i3y6j4t0.default [2018-01-05]
FF Homepage: Mozilla\Firefox\Profiles\i3y6j4t0.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\i3y6j4t0.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10440__171222__yaff
FF Extension: (Elementary) - C:\Users\Hombre\AppData\Roaming\Mozilla\Firefox\Profiles\i3y6j4t0.default\Extensions\Elementary@FX-WinTango.xpi [2017-12-22] [Legacy]
FF Extension: (Fast Dial) - C:\Users\Hombre\AppData\Roaming\Mozilla\Firefox\Profiles\i3y6j4t0.default\Extensions\fastdial@telega.phpnet.us [2017-12-22] [Legacy]
FF Extension: (Xmarks Bookmark Sync) - C:\Users\Hombre\AppData\Roaming\Mozilla\Firefox\Profiles\i3y6j4t0.default\Extensions\foxmarks@kei.com.xpi [2017-12-22]
FF Extension: (FXChromeDark) - C:\Users\Hombre\AppData\Roaming\Mozilla\Firefox\Profiles\i3y6j4t0.default\Extensions\fxchromedark@gazugafan.addons.mozilla.org.xpi [2017-12-22] [Legacy]
FF Extension: (Gnome) - C:\Users\Hombre\AppData\Roaming\Mozilla\Firefox\Profiles\i3y6j4t0.default\Extensions\Gnome@FX-WinTango.xpi [2017-12-22] [Legacy]
FF Extension: (Hide Favicons) - C:\Users\Hombre\AppData\Roaming\Mozilla\Firefox\Profiles\i3y6j4t0.default\Extensions\hidefavicons@maarten.xpi [2017-12-22] [Legacy]
FF Extension: (Humanity) - C:\Users\Hombre\AppData\Roaming\Mozilla\Firefox\Profiles\i3y6j4t0.default\Extensions\Humanity@FX-WinTango.xpi [2017-12-22] [Legacy]
FF Extension: (mx4) - C:\Users\Hombre\AppData\Roaming\Mozilla\Firefox\Profiles\i3y6j4t0.default\Extensions\mx4@dkgo.com.xpi [2017-12-22] [Legacy]
FF Extension: (restartFox) - C:\Users\Hombre\AppData\Roaming\Mozilla\Firefox\Profiles\i3y6j4t0.default\Extensions\restartfox@bleed.xpi [2017-12-22] [Legacy]
FF Extension: (Simple White X) - C:\Users\Hombre\AppData\Roaming\Mozilla\Firefox\Profiles\i3y6j4t0.default\Extensions\SimpleX@White.Theme.xpi [2017-12-22] [Legacy]
FF Extension: (Squared Australis Tabs) - C:\Users\Hombre\AppData\Roaming\Mozilla\Firefox\Profiles\i3y6j4t0.default\Extensions\squaredaustralistabs@haven667.xpi [2017-12-22] [Legacy]
FF Extension: (Stylish - Custom themes for any website) - C:\Users\Hombre\AppData\Roaming\Mozilla\Firefox\Profiles\i3y6j4t0.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2017-12-22]
FF Extension: (Nautipolis for Firefox) - C:\Users\Hombre\AppData\Roaming\Mozilla\Firefox\Profiles\i3y6j4t0.default\Extensions\{6C4BAFB6-2AC2-4405-A98D-546B55B3AE92}.xpi [2017-12-22] [Legacy]
FF Extension: (FT DeepDark) - C:\Users\Hombre\AppData\Roaming\Mozilla\Firefox\Profiles\i3y6j4t0.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2017-12-22] [Legacy]
FF Extension: (FXChrome) - C:\Users\Hombre\AppData\Roaming\Mozilla\Firefox\Profiles\i3y6j4t0.default\Extensions\{c0c588b6-b11d-4898-af00-079fed05aa32}.xpi [2017-12-22] [Legacy]
FF Extension: (FXOpera) - C:\Users\Hombre\AppData\Roaming\Mozilla\Firefox\Profiles\i3y6j4t0.default\Extensions\{e7c7d1b3-5984-410e-9f1e-54e3f8490e8e}.xpi [2017-12-22] [Legacy]
FF Extension: (Disable JavaScript Shared Memory) - C:\Users\Hombre\AppData\Roaming\Mozilla\Firefox\Profiles\i3y6j4t0.default\features\{24f2f305-5553-4a53-a3db-dd4232b20c93}\disable-js-shared-memory@mozilla.org.xpi [2018-01-04] [Legacy]
FF SearchPlugin: C:\Users\Hombre\AppData\Roaming\Mozilla\Firefox\Profiles\i3y6j4t0.default\searchplugins\yahoo-lavasoft.xml [2017-12-22]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-12-28] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-12-28] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-12-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-22] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\dsengine.js [2017-12-22] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\dsengine.cfg [2017-12-22] <==== ATTENTION

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxps://ac.w3w.cz/projects/vdc-ii/tasks/69",
         "hxxps://212.158.145.137:8443/index.html",
         "hxxps://w3w.slack.com/messages/D0CN4PEKZ/",
         "hxxps://www.linkos.cz/ceska-onkologicka-spolecnost-cls-jep/o-portalu/zive-prenosy/testovaci-prenos/",
         "hxxps://www.linkos.cz/",
         "hxxps://www.linkos.cz/",
         "hxxps://web.whatsapp.com/",
         "hxxps://www.google.cz/search?q=business+paypal+..+can+i+accepted+personal+payments+%3F&oq=business+paypal+..+can+i+accepted+personal+payments+%3F+&aqs=chrome..69i57.13350j0j7&sourceid=chrome&ie=UTF-8",
         "hxxps://support.google.com/chrome/answer/6258784"
      
CHR Profile: C:\Users\Hombre\AppData\Local\Google\Chrome\User Data\Default [2018-01-05]
CHR Extension: (No Name) - C:\Users\Hombre\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-22]
CHR Extension: (No Name) - C:\Users\Hombre\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-22]
CHR Extension: (No Name) - C:\Users\Hombre\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-22]
CHR Extension: (No Name) - C:\Users\Hombre\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-22]
CHR Extension: (Enhanced Toolbar for Google Products) - C:\Users\Hombre\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgnpdoklbnpgoogifmfnmdfhecokajol [2017-12-22]
CHR Extension: (Fontface Ninja) - C:\Users\Hombre\AppData\Local\Google\Chrome\User Data\Default\Extensions\eljapbgkmlngdpckoiiibecpemleclhh [2017-12-22]
CHR Extension: (Full Page Screen Capture) - C:\Users\Hombre\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2017-12-22]
CHR Extension: (No Name) - C:\Users\Hombre\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-22]
CHR Extension: (CSS - Shack) - C:\Users\Hombre\AppData\Local\Google\Chrome\User Data\Default\Extensions\geiccgjkigajaicecnhdokggninehdlp [2017-12-22]
CHR Extension: (No Name) - C:\Users\Hombre\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-12-22]
CHR Extension: (No Name) - C:\Users\Hombre\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2018-01-03]
CHR Extension: (Google Hangouts) - C:\Users\Hombre\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2017-12-22]
CHR Extension: (Momentum) - C:\Users\Hombre\AppData\Local\Google\Chrome\User Data\Default\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2017-12-22]
CHR Extension: (CSS Peeper) - C:\Users\Hombre\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbnbehikldjhnfehhnaidhjhoofhpehk [2017-12-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Hombre\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-12-22]
CHR Extension: (Exposure New Tab) - C:\Users\Hombre\AppData\Local\Google\Chrome\User Data\Default\Extensions\onfocbngcbpfnfdmnhleidllhleaiokn [2017-12-22]
CHR Extension: (No Name) - C:\Users\Hombre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-22]
CHR Extension: (Chrome Media Router) - C:\Users\Hombre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-22]
CHR Extension: (Window Resizer Beta) - C:\Users\Hombre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnhnbekjlbamfnnemcaolkjchjlidbib [2017-12-22]
CHR Extension: (RSS Feed Reader) - C:\Users\Hombre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2017-12-29]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [104744 2016-10-20] (Alps Electric Co., Ltd.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7760552 2017-12-07] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-12-22] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-12-22] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51016 2017-12-05] (Dropbox, Inc.)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [86048 2017-08-16] (Dell Inc.)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1392792 2015-10-30] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [190216 2016-10-15] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373760 2016-10-24] (Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [318712 2016-07-29] (Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-12-14] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R4 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.224\WsAppService.exe [473824 2017-04-20] (Wondershare)
S4 WsDrvInst; C:\Program Files (x86)\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe [118496 2017-08-10] (Wondershare)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{F66D6D14-9E7E-41FE-B3CC-4C17799F6330}
S2 FlashruptService64; C:\Program Files (x86)\Flashrupt\FlashruptService64.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [19440 2015-05-08] (OSR Open Systems Resources, Inc.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [55784 2015-10-30] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [52200 2015-10-30] (Intel Corporation)
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [547840 2015-09-11] (Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [260072 2015-10-30] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [250624 2016-10-15] (Intel Corporation)
R3 IntcAzAudAddService; C:\WINDOWS\system32\drivers\RTDVHD64.sys [2686200 2016-07-29] (Realtek Semiconductor Corp.)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [88256 2015-06-09] (Intel Corporation)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [47008 2013-07-30] ()
S3 LECs6022; C:\WINDOWS\System32\drivers\LECs6022.sys [20208 2016-08-17] (Primax Electronics Ltd.)
S3 LEMo6022; C:\WINDOWS\System32\drivers\LEMo6022.sys [27912 2016-08-17] (Primax Electronics Ltd.)
S3 LEub6022; C:\WINDOWS\System32\drivers\LEub6022.sys [20720 2016-08-17] (Primax Electronics Ltd.)
R1 netfilter64; C:\WINDOWS\System32\drivers\netfilter64.sys [56624 2015-10-27] (NetFilterSDK.com) [File not signed]
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7689728 2017-09-29] (Intel Corporation)
S3 pelmouse; C:\WINDOWS\system32\DRIVERS\pelmouse.sys [26880 2016-07-11] (TPMX Electronics Ltd.)
S3 pelusblf; C:\WINDOWS\system32\DRIVERS\pelusblf.sys [33048 2016-07-11] ()
S3 pelvendr; C:\WINDOWS\system32\DRIVERS\pelvendr.sys [15032 2016-07-11] (TPMX Electronics Ltd.)
R3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [146512 2015-07-02] (STMicroelectronics)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-05 16:49 - 2018-01-05 16:50 - 000047583 _____ C:\Users\Hombre\Desktop\FRST.txt
2018-01-05 16:49 - 2018-01-05 16:49 - 000000000 ____D C:\FRST
2018-01-05 16:48 - 2018-01-05 16:48 - 000112640 _____ (forum.viry.cz) C:\Users\Hombre\Desktop\FRSTLauncher.exe
2018-01-05 16:47 - 2018-01-05 16:48 - 002393088 _____ (Farbar) C:\Users\Hombre\Desktop\FRST64.exe
2018-01-05 16:47 - 2018-01-05 16:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2018-01-05 16:46 - 2018-01-05 16:46 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2018-01-05 16:46 - 2018-01-05 16:46 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2018-01-05 16:36 - 2018-01-05 16:36 - 008198432 _____ (Malwarebytes) C:\Users\Hombre\Desktop\adwcleaner_7.0.6.0.exe
2018-01-05 16:25 - 2018-01-05 16:25 - 000000000 ____D C:\Users\Hombre\AppData\Local\ESET
2018-01-05 16:13 - 2018-01-05 16:38 - 000000000 ____D C:\Program Files\H2I05SMTUZ
2018-01-05 16:13 - 2018-01-05 16:38 - 000000000 ____D C:\Program Files\F5UH6WMWK1
2018-01-05 16:13 - 2018-01-05 16:35 - 000000000 ____D C:\Program Files\587M31PARW
2018-01-05 16:13 - 2018-01-05 16:34 - 000000000 ____D C:\Program Files\1NIKNWK448
2018-01-05 16:13 - 2018-01-05 16:13 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\s5rqaosc0dw
2018-01-05 16:13 - 2018-01-05 16:13 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\s333hgyuf5y
2018-01-05 16:13 - 2018-01-05 16:13 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\pq4m4qqiwqc
2018-01-05 16:13 - 2018-01-05 16:13 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\oaxzhbyprjb
2018-01-05 16:13 - 2018-01-05 16:13 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\o4xoddd3bdy
2018-01-05 16:13 - 2018-01-05 16:13 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\kbesl4id5z4
2018-01-05 16:13 - 2018-01-05 16:13 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\fzgrllzqcqq
2018-01-05 16:13 - 2018-01-05 16:13 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\5sx0i3s52p2
2018-01-05 16:12 - 2018-01-05 16:12 - 000000000 ____D C:\WINDOWS\Panther
2018-01-05 16:12 - 2018-01-05 16:12 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2018-01-05 14:46 - 2018-01-05 16:46 - 000000000 ____D C:\Program Files\YWUEVTSISO
2018-01-05 14:46 - 2018-01-05 16:36 - 000000000 ____D C:\Program Files\CJ410CR3UH
2018-01-05 14:46 - 2018-01-05 16:11 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\hlbzs34l5q3
2018-01-05 14:46 - 2018-01-05 16:11 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\aqtfmj1h5ao
2018-01-05 14:46 - 2018-01-05 16:11 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\0otslxkqyny
2018-01-05 14:42 - 2018-01-05 16:43 - 000000000 ____D C:\Program Files\OI5OS6IDGN
2018-01-05 14:42 - 2018-01-05 16:38 - 000000000 ____D C:\Program Files\K3CBZKB0GZ
2018-01-05 14:42 - 2018-01-05 16:38 - 000000000 ____D C:\Program Files\DUR0DYHNZK
2018-01-05 14:42 - 2018-01-05 16:35 - 000000000 ____D C:\Program Files\64UKOCN6B7
2018-01-05 14:41 - 2018-01-05 16:44 - 000000000 ____D C:\Program Files\T2CO3J9P07
2018-01-05 14:41 - 2018-01-05 16:43 - 000000000 ____D C:\Program Files\N3NZLI3IVO
2018-01-05 14:41 - 2018-01-05 16:38 - 000000000 ____D C:\Program Files\JZA28C0GHY
2018-01-05 14:41 - 2018-01-05 16:38 - 000000000 ____D C:\Program Files\IEZ0NA8ZJ4
2018-01-05 14:41 - 2018-01-05 16:11 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\yt54uchln1e
2018-01-05 14:41 - 2018-01-05 16:11 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\wlqqc2oldki
2018-01-05 14:41 - 2018-01-05 16:11 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\sqv2dirteaq
2018-01-05 14:41 - 2018-01-05 16:11 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\spod4vuzom0
2018-01-05 14:41 - 2018-01-05 16:11 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\j25i0t4zvnq
2018-01-05 14:41 - 2018-01-05 16:11 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\j0l1nzknuo0
2018-01-05 14:41 - 2018-01-05 16:11 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\gfprmm0xzyx
2018-01-05 14:41 - 2018-01-05 16:11 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\g2bex3gus3i
2018-01-05 14:41 - 2018-01-05 16:11 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\falhmpq4keh
2018-01-05 14:41 - 2018-01-05 16:11 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\ckcscjcpuca
2018-01-05 14:41 - 2018-01-05 16:11 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\4esguif0shs
2018-01-05 14:41 - 2018-01-05 16:11 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\3xkhtkb5o45
2018-01-05 14:41 - 2018-01-05 16:11 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\3fgzw2wjo53
2018-01-05 14:40 - 2018-01-05 14:40 - 000000270 __RSH C:\Users\Hombre\ntuser.pol
2018-01-05 14:38 - 2018-01-05 16:38 - 000000000 ____D C:\Program Files\KMUJAAA1TZ
2018-01-05 14:38 - 2018-01-05 16:35 - 000000000 ____D C:\Program Files\8BNR4751CX
2018-01-05 14:38 - 2018-01-05 16:11 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\cjrufx0zrol
2018-01-05 14:38 - 2018-01-05 16:11 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\1mx4u3geetq
2018-01-05 14:38 - 2018-01-05 16:11 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\1e4cwdmf5c3
2018-01-05 14:35 - 2018-01-05 14:37 - 000000000 ____D C:\Wondershare Video Converter Ultimate
2018-01-05 14:35 - 2018-01-05 14:35 - 000000000 ____D C:\Users\Hombre\AppData\Local\Wondershare
2018-01-05 14:33 - 2018-01-05 16:44 - 000000000 ____D C:\Program Files\SBNZLOOSU1
2018-01-05 14:33 - 2018-01-05 16:44 - 000000000 ____D C:\Program Files\RJX68AMP74
2018-01-05 14:33 - 2018-01-05 16:11 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\ddpb4zstbbq
2018-01-05 14:32 - 2018-01-05 16:11 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\1ud3lh2feae
2018-01-05 14:32 - 2018-01-05 16:11 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\0zyj54cqf1d
2018-01-05 14:29 - 2018-01-05 16:38 - 000000000 ____D C:\Program Files\J15ZL5ZGPL
2018-01-05 14:29 - 2018-01-05 16:34 - 000000000 ____D C:\Program Files\3QE22P20G3
2018-01-05 14:29 - 2018-01-05 16:11 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\wtnw1bmz202
2018-01-05 14:29 - 2018-01-05 16:11 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\vmhzqfahcax
2018-01-05 14:29 - 2018-01-05 16:11 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\k3ffa0ogpp4
2018-01-05 14:22 - 2015-02-27 10:35 - 000000232 _____ C:\WINDOWS\SysWOW64\dllhost.exe.config
2018-01-05 14:21 - 2018-01-05 16:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2018-01-05 14:21 - 2018-01-05 14:21 - 000000000 ____D C:\Users\Hombre\Documents\Wondershare MediaServer
2018-01-05 14:20 - 2018-01-05 16:10 - 000000000 ____D C:\ProgramData\Wondershare
2018-01-05 14:20 - 2018-01-05 16:10 - 000000000 ____D C:\Program Files (x86)\Wondershare
2018-01-05 14:20 - 2018-01-05 14:20 - 000000292 _____ C:\WINDOWS\Tasks\One System CarePeriod.job
2018-01-05 14:16 - 2018-01-05 16:44 - 000000000 ____D C:\Program Files\S3PN2RG0A8
2018-01-05 14:16 - 2018-01-05 16:43 - 000000000 ____D C:\Program Files\QNTZ3IAT27
2018-01-05 14:16 - 2018-01-05 16:11 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\wuy0tgmr1kg
2018-01-05 14:16 - 2018-01-05 16:11 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\ifowuq14sqz
2018-01-05 14:16 - 2018-01-05 16:11 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\cydja20bbaw
2018-01-05 14:15 - 2018-01-05 16:11 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\5k03kg0ftfy
2018-01-05 14:14 - 2018-01-05 16:43 - 000000000 ____D C:\Program Files\QJQTHNLVU3
2018-01-05 14:14 - 2018-01-05 16:43 - 000000000 ____D C:\Program Files\NWCVAV87XJ
2018-01-05 14:14 - 2018-01-05 16:32 - 000000000 ____D C:\Disk
2018-01-05 14:14 - 2018-01-05 16:11 - 000000000 ____D C:\Windat
2018-01-05 14:14 - 2018-01-05 16:11 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\oanxihg5nos
2018-01-05 14:14 - 2018-01-05 16:11 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\m1dmpvyldkh
2018-01-05 14:14 - 2018-01-05 16:11 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\bdvt1d5fimw
2018-01-05 14:14 - 2018-01-05 14:14 - 000000000 ____D C:\ProgramData\Microleaves
2018-01-05 14:13 - 2018-01-05 16:49 - 000000000 ____D C:\Program Files (x86)\ShutdownTime
2018-01-05 14:13 - 2018-01-05 16:13 - 000930816 _____ C:\Users\Hombre\AppData\Local\po.db
2018-01-05 14:13 - 2018-01-05 16:11 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\xcws2tqrgee
2018-01-05 14:13 - 2018-01-05 16:11 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\gplyra
2018-01-05 14:13 - 2018-01-05 14:15 - 000000000 ____D C:\Program Files (x86)\Multitimer
2018-01-05 14:13 - 2018-01-05 14:13 - 000140800 _____ C:\Users\Hombre\AppData\Local\installer.dat
2018-01-05 14:13 - 2018-01-05 14:13 - 000011568 _____ C:\Users\Hombre\AppData\Local\InstallationConfiguration.xml
2018-01-05 14:13 - 2018-01-05 14:13 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\Macromedia
2018-01-05 14:13 - 2018-01-05 14:13 - 000000000 ____D C:\Users\Hombre\AppData\Local\OneSystemCare
2018-01-05 14:12 - 2018-01-05 14:12 - 000000000 ____D C:\Users\Hombre\AppData\Local\FastDataX
2018-01-05 14:11 - 2018-01-05 16:11 - 000000000 ____D C:\WinSys
2018-01-05 14:11 - 2018-01-05 16:11 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\Microleaves
2018-01-05 14:11 - 2018-01-05 14:40 - 000000396 _____ C:\WINDOWS\Tasks\Updater_Online_Application.job
2018-01-05 14:11 - 2018-01-05 14:40 - 000000364 _____ C:\WINDOWS\Tasks\Online Application V2G6.job
2018-01-05 14:11 - 2018-01-05 14:40 - 000000364 _____ C:\WINDOWS\Tasks\Online Application V2G5.job
2018-01-05 14:11 - 2018-01-05 14:40 - 000000364 _____ C:\WINDOWS\Tasks\Online Application V2G4.job
2018-01-05 14:11 - 2018-01-05 14:40 - 000000364 _____ C:\WINDOWS\Tasks\Online Application V2G3.job
2018-01-05 14:11 - 2018-01-05 14:40 - 000000364 _____ C:\WINDOWS\Tasks\Online Application V2G2.job
2018-01-05 14:11 - 2018-01-05 14:40 - 000000364 _____ C:\WINDOWS\Tasks\Online Application V2G1.job
2018-01-05 14:11 - 2018-01-05 14:11 - 000003290 _____ C:\WINDOWS\System32\Tasks\Updater_Online_Application
2018-01-05 14:11 - 2018-01-05 14:11 - 000003254 _____ C:\WINDOWS\System32\Tasks\Online Application V2G6
2018-01-05 14:11 - 2018-01-05 14:11 - 000003254 _____ C:\WINDOWS\System32\Tasks\Online Application V2G5
2018-01-05 14:11 - 2018-01-05 14:11 - 000003254 _____ C:\WINDOWS\System32\Tasks\Online Application V2G4
2018-01-05 14:11 - 2018-01-05 14:11 - 000003254 _____ C:\WINDOWS\System32\Tasks\Online Application V2G3
2018-01-05 14:11 - 2018-01-05 14:11 - 000003254 _____ C:\WINDOWS\System32\Tasks\Online Application V2G2
2018-01-05 14:11 - 2018-01-05 14:11 - 000003254 _____ C:\WINDOWS\System32\Tasks\Online Application V2G1
2018-01-05 14:11 - 2018-01-05 14:11 - 000000000 ____D C:\Users\Hombre\AppData\Local\AdvinstAnalytics
2018-01-05 14:11 - 2018-01-05 14:11 - 000000000 ____D C:\Program Files (x86)\Microleaves
2018-01-05 14:10 - 2018-01-05 16:38 - 000016786 _____ C:\WINDOWS\System32\Tasks\Githulg0
2018-01-05 14:10 - 2018-01-05 16:32 - 000000000 ____D C:\Applications
2018-01-05 14:10 - 2018-01-05 16:13 - 000004504 __RSH C:\ProgramData\ntuser.pol
2018-01-05 14:10 - 2018-01-05 14:43 - 000000000 ____D C:\Program Files\Flashrupt
2018-01-05 14:10 - 2018-01-05 14:10 - 000000000 ____D C:\Users\Hombre\AppData\Local\AdService
2018-01-05 14:10 - 2015-10-27 23:14 - 000056624 _____ (NetFilterSDK.com) C:\WINDOWS\system32\Drivers\netfilter64.sys
2018-01-04 10:48 - 2018-01-04 10:48 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-01-04 10:47 - 2018-01-04 10:51 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-01-01 18:16 - 2018-01-01 18:16 - 000000000 ____D C:\- Hombre
2017-12-31 13:23 - 2017-12-31 13:23 - 000000279 _____ C:\Users\Hombre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Koš.lnk
2017-12-30 11:05 - 2016-08-17 13:59 - 000027912 _____ (Primax Electronics Ltd.) C:\WINDOWS\system32\Drivers\LEMo6022.SYS
2017-12-30 11:05 - 2016-08-17 13:59 - 000020720 _____ (Primax Electronics Ltd.) C:\WINDOWS\system32\Drivers\LEub6022.sys
2017-12-30 11:05 - 2016-08-17 13:59 - 000020208 _____ (Primax Electronics Ltd.) C:\WINDOWS\system32\Drivers\LECs6022.sys
2017-12-30 11:05 - 2016-07-11 16:55 - 000033048 _____ C:\WINDOWS\system32\Drivers\pelusblf.sys
2017-12-30 11:05 - 2016-07-11 16:38 - 000026880 _____ (TPMX Electronics Ltd.) C:\WINDOWS\system32\Drivers\PELMOUSE.SYS
2017-12-30 11:05 - 2016-07-11 16:38 - 000015032 _____ (TPMX Electronics Ltd.) C:\WINDOWS\system32\Drivers\PELVENDR.SYS
2017-12-29 15:20 - 2018-01-04 11:31 - 000001456 _____ C:\Users\Hombre\AppData\Local\Adobe Save for Web 13.0 Prefs
2017-12-29 15:08 - 2017-12-29 15:08 - 000003602 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-HOMBRE-Hombre
2017-12-29 14:08 - 2017-12-29 14:08 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2017-12-29 14:08 - 2017-12-29 14:08 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\IrfanView
2017-12-29 14:08 - 2017-12-29 14:08 - 000000000 ____D C:\Program Files\IrfanView
2017-12-28 11:17 - 2018-01-02 13:37 - 000000000 ____D C:\- Work
2017-12-28 11:17 - 2017-12-28 11:19 - 000000000 ____D C:\- NiteoThemes
2017-12-27 15:22 - 2018-01-04 10:49 - 000000000 ____D C:\Users\Hombre\AppData\LocalLow\Adobe
2017-12-27 14:57 - 2017-12-27 14:57 - 000003638 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-G63PH12-Hombre
2017-12-27 14:57 - 2017-12-27 14:57 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2017-12-27 13:51 - 2017-12-27 13:51 - 000001106 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic CC.lnk
2017-12-27 13:46 - 2017-12-27 14:57 - 000000000 ____D C:\Users\Hombre\Documents\Adobe
2017-12-27 13:46 - 2017-12-27 13:46 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2018.lnk
2017-12-27 13:46 - 2017-12-27 13:46 - 000000000 ____D C:\Users\Hombre\AppData\Local\DBG
2017-12-27 13:39 - 2017-12-27 13:51 - 000000000 ____D C:\Program Files\Adobe
2017-12-27 13:38 - 2017-12-27 13:46 - 000000000 ____D C:\Program Files\Common Files\Adobe
2017-12-27 13:32 - 2018-01-05 16:24 - 000000000 ___RD C:\Users\Hombre\Creative Cloud Files
2017-12-27 13:30 - 2017-12-27 13:30 - 000000000 ____D C:\Users\Hombre\AppData\Local\CEF
2017-12-27 13:29 - 2017-12-27 13:29 - 000001298 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2017-12-27 13:28 - 2018-01-05 14:48 - 000000000 ____D C:\ProgramData\Package Cache
2017-12-27 13:27 - 2018-01-04 10:50 - 000000000 ____D C:\ProgramData\Adobe
2017-12-27 13:27 - 2018-01-04 10:47 - 000000000 ____D C:\Program Files (x86)\Adobe
2017-12-27 13:26 - 2018-01-05 16:24 - 000000000 ____D C:\Users\Hombre\AppData\Local\Adobe
2017-12-27 12:57 - 2018-01-05 14:17 - 000000000 ____D C:\Users\Hombre\Documents\Outlook Files
2017-12-27 12:07 - 2017-12-28 11:11 - 000000000 ____D C:\ProgramData\KMSAutoS
2017-12-27 12:07 - 2017-12-27 12:07 - 000003786 _____ C:\WINDOWS\System32\Tasks\KMSAutoNet
2017-12-27 12:03 - 2017-12-27 12:03 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-12-27 12:03 - 2017-12-27 12:03 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2017-12-27 12:03 - 2017-12-27 12:03 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2017-12-27 12:03 - 2017-12-27 12:03 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2017-12-27 12:03 - 2017-12-27 12:03 - 000002414 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2017-12-27 12:03 - 2017-12-27 12:03 - 000002413 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2017-12-27 12:03 - 2017-12-27 12:03 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2017-12-27 12:03 - 2017-12-27 12:03 - 000002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2017-12-27 12:03 - 2017-12-27 12:03 - 000002393 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2017-12-27 12:03 - 2017-12-27 12:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2017-12-27 12:01 - 2017-12-27 12:01 - 000000000 ____D C:\Program Files\Microsoft Office 15
2017-12-27 12:00 - 2017-12-29 14:47 - 000000000 ____D C:\Users\Hombre\AppData\Local\MSfree Inc
2017-12-27 12:00 - 2017-12-29 14:27 - 000000000 ____D C:\Program Files\KMSAuto Net 2015 v1.3.8 Portable
2017-12-27 11:49 - 2018-01-05 16:13 - 000000000 ____D C:\Users\Hombre\AppData\LocalLow\uTorrent
2017-12-27 11:35 - 2018-01-05 16:24 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\Spotify
2017-12-27 11:35 - 2018-01-05 16:13 - 000000000 ____D C:\Users\Hombre\AppData\Local\Spotify
2017-12-27 11:35 - 2017-12-27 11:35 - 000001841 _____ C:\Users\Hombre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2017-12-27 11:18 - 2017-12-27 11:18 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\PotPlayerMini64
2017-12-27 11:18 - 2017-12-27 11:18 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\Daum
2017-12-27 11:17 - 2017-12-27 11:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum
2017-12-27 11:17 - 2017-12-27 11:17 - 000000000 ____D C:\Program Files\DAUM
2017-12-27 10:26 - 2018-01-05 16:48 - 000000000 ____D C:\Download
2017-12-25 17:58 - 2017-12-29 14:14 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2017-12-25 17:39 - 2017-12-25 17:39 - 000000000 ____D C:\WINDOWS\PCHEALTH
2017-12-25 17:38 - 2017-12-25 17:38 - 000000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2017-12-25 17:38 - 2017-12-25 17:38 - 000000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2017-12-24 00:59 - 2017-12-24 00:59 - 000000000 ____D C:\Users\Hombre\AppData\Local\NetworkTiles
2017-12-22 15:11 - 2017-12-22 15:11 - 000000000 ____D C:\ProgramData\USOShared
2017-12-22 15:09 - 2018-01-05 16:17 - 001875740 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-12-22 15:09 - 2017-12-22 15:09 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2017-12-22 15:08 - 2017-12-22 15:08 - 000000020 ___SH C:\Users\Hombre\ntuser.ini
2017-12-22 15:08 - 2017-12-22 15:08 - 000000000 ___RD C:\Users\Hombre\3D Objects
2017-12-22 15:08 - 2017-12-22 15:08 - 000000000 ___HD C:\Users\Hombre\MicrosoftEdgeBackups
2017-12-22 15:08 - 2017-12-22 15:08 - 000000000 ____D C:\Users\Hombre\AppData\Local\MicrosoftEdge
2017-12-22 15:06 - 2018-01-05 16:13 - 000003536 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2017-12-22 15:06 - 2018-01-05 16:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-12-22 15:06 - 2017-12-22 15:06 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2017-12-22 15:06 - 2017-12-22 15:06 - 000011433 _____ C:\WINDOWS\diagerr.xml
2017-12-22 15:06 - 2017-12-22 15:06 - 000003454 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2017-12-22 15:06 - 2017-12-22 15:06 - 000003348 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A7EAB09F-400A-4BCB-BEC4-5431FBA90C36}
2017-12-22 15:06 - 2017-12-22 15:06 - 000003344 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-12-22 15:06 - 2017-12-22 15:06 - 000003230 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2017-12-22 15:06 - 2017-12-22 15:06 - 000003120 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-12-22 15:06 - 2017-12-22 15:06 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1316363965-161402098-3267105952-1002
2017-12-22 15:06 - 2017-12-22 15:06 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1316363965-161402098-3267105952-1001
2017-12-22 15:06 - 2017-12-22 15:06 - 000002304 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_PushButton
2017-12-22 15:06 - 2017-12-22 15:06 - 000000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2017-12-22 15:03 - 2018-01-05 14:44 - 000000000 ____D C:\Users\Hombre\AppData\Local\Packages
2017-12-22 15:03 - 2017-12-22 15:03 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-12-22 15:02 - 2018-01-05 16:12 - 000000000 ____D C:\Users\Hombre
2017-12-22 15:02 - 2018-01-05 16:11 - 000000000 ____D C:\Users\OEM
2017-12-22 15:02 - 2017-12-22 15:02 - 000000000 _SHDL C:\Users\OEM\Šablony
2017-12-22 15:02 - 2017-12-22 15:02 - 000000000 _SHDL C:\Users\OEM\Soubory cookie
2017-12-22 15:02 - 2017-12-22 15:02 - 000000000 _SHDL C:\Users\OEM\Poslední
2017-12-22 15:02 - 2017-12-22 15:02 - 000000000 _SHDL C:\Users\OEM\Okolní tiskárny
2017-12-22 15:02 - 2017-12-22 15:02 - 000000000 _SHDL C:\Users\OEM\Okolní síť
2017-12-22 15:02 - 2017-12-22 15:02 - 000000000 _SHDL C:\Users\OEM\Nabídka Start
2017-12-22 15:02 - 2017-12-22 15:02 - 000000000 _SHDL C:\Users\OEM\Dokumenty
2017-12-22 15:02 - 2017-12-22 15:02 - 000000000 _SHDL C:\Users\OEM\Documents\Obrázky
2017-12-22 15:02 - 2017-12-22 15:02 - 000000000 _SHDL C:\Users\OEM\Documents\Hudba
2017-12-22 15:02 - 2017-12-22 15:02 - 000000000 _SHDL C:\Users\OEM\Documents\Filmy
2017-12-22 15:02 - 2017-12-22 15:02 - 000000000 _SHDL C:\Users\OEM\Data aplikací
2017-12-22 15:02 - 2017-12-22 15:02 - 000000000 _SHDL C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-12-22 15:02 - 2017-12-22 15:02 - 000000000 _SHDL C:\Users\OEM\AppData\Local\Data aplikací
2017-12-22 15:02 - 2017-12-22 15:02 - 000000000 _SHDL C:\Users\Hombre\Šablony
2017-12-22 15:02 - 2017-12-22 15:02 - 000000000 _SHDL C:\Users\Hombre\Soubory cookie
2017-12-22 15:02 - 2017-12-22 15:02 - 000000000 _SHDL C:\Users\Hombre\Poslední
2017-12-22 15:02 - 2017-12-22 15:02 - 000000000 _SHDL C:\Users\Hombre\Okolní tiskárny
2017-12-22 15:02 - 2017-12-22 15:02 - 000000000 _SHDL C:\Users\Hombre\Okolní síť
2017-12-22 15:02 - 2017-12-22 15:02 - 000000000 _SHDL C:\Users\Hombre\Nabídka Start
2017-12-22 15:02 - 2017-12-22 15:02 - 000000000 _SHDL C:\Users\Hombre\Dokumenty
2017-12-22 15:02 - 2017-12-22 15:02 - 000000000 _SHDL C:\Users\Hombre\Documents\Obrázky
2017-12-22 15:02 - 2017-12-22 15:02 - 000000000 _SHDL C:\Users\Hombre\Documents\Hudba
2017-12-22 15:02 - 2017-12-22 15:02 - 000000000 _SHDL C:\Users\Hombre\Documents\Filmy
2017-12-22 15:02 - 2017-12-22 15:02 - 000000000 _SHDL C:\Users\Hombre\Data aplikací
2017-12-22 15:02 - 2017-12-22 15:02 - 000000000 _SHDL C:\Users\Hombre\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-12-22 15:02 - 2017-12-22 15:02 - 000000000 _SHDL C:\Users\Hombre\AppData\Local\Data aplikací
2017-12-22 15:02 - 2017-12-22 15:02 - 000000000 ____D C:\Program Files\Waves
2017-12-22 15:02 - 2017-09-29 14:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-12-22 15:02 - 2016-10-24 18:08 - 000099856 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-12-22 15:01 - 2018-01-05 14:40 - 006393896 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-12-22 15:01 - 2018-01-05 14:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-12-22 14:57 - 2017-12-22 14:59 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-12-22 14:56 - 2017-12-22 14:57 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2017-12-22 14:56 - 2017-12-22 14:56 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2017-12-22 14:54 - 2017-12-22 14:59 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-12-22 14:54 - 2017-12-22 14:54 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-12-22 14:54 - 2017-12-22 14:54 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-12-22 14:54 - 2017-12-22 14:54 - 000000000 ____D C:\Program Files\MSBuild
2017-12-22 14:54 - 2017-12-22 14:54 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-12-22 14:54 - 2017-09-28 15:50 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-12-22 14:54 - 2017-09-28 15:50 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-12-22 14:54 - 2017-09-28 15:50 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-12-22 14:54 - 2017-09-22 18:19 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-12-22 14:54 - 2017-09-22 18:19 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-12-22 14:54 - 2017-09-22 18:19 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-12-22 14:53 - 2017-09-28 19:05 - 005739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2017-12-22 14:53 - 2017-09-28 19:05 - 002629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2017-12-22 14:53 - 2017-09-28 18:56 - 006347776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2017-12-22 14:53 - 2017-09-28 18:44 - 002629120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2017-12-22 14:53 - 2017-09-28 18:38 - 005484032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2017-12-22 14:49 - 2018-01-05 14:17 - 000000000 ____D C:\Users\Hombre\Documents\Soubory aplikace Outlook
2017-12-22 13:59 - 2017-12-22 13:59 - 000000000 ____D C:\Users\Hombre\AppData\Local\GHISLER
2017-12-22 13:58 - 2018-01-05 16:11 - 000000000 ____D C:\Program Files\totalcmd
2017-12-22 13:58 - 2017-12-22 15:04 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2017-12-22 13:53 - 2018-01-05 16:48 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\uTorrent
2017-12-22 13:53 - 2017-12-22 14:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2017-12-22 13:53 - 2017-12-22 13:53 - 000000877 _____ C:\Users\Hombre\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2017-12-22 13:23 - 2017-12-22 15:04 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2017-12-22 13:22 - 2017-12-22 13:22 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\Google
2017-12-22 13:20 - 2017-12-22 15:07 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-22 13:20 - 2017-12-22 13:28 - 000000000 ____D C:\Users\Hombre\AppData\Local\Google
2017-12-22 13:20 - 2017-12-22 13:20 - 000000000 ____D C:\Program Files (x86)\Google
2017-12-22 12:43 - 2018-01-05 10:40 - 000000000 ___RD C:\Users\Hombre\Dropbox
2017-12-22 12:42 - 2017-12-22 14:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-12-22 12:41 - 2017-12-22 12:41 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\Dropbox
2017-12-22 12:40 - 2017-12-22 15:10 - 000000000 ____D C:\Users\Hombre\AppData\Local\Dropbox
2017-12-22 12:40 - 2017-12-22 15:06 - 000000940 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2017-12-22 12:40 - 2017-12-22 15:06 - 000000936 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2017-12-22 12:40 - 2017-12-22 12:42 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-12-22 12:40 - 2017-12-22 12:40 - 000000000 ____D C:\ProgramData\Dropbox
2017-12-22 12:36 - 2017-12-31 11:27 - 000000000 ____D C:\Users\Hombre\AppData\LocalLow\Mozilla
2017-12-22 12:36 - 2017-12-22 12:40 - 000000000 ____D C:\Users\Hombre\AppData\Local\Mozilla
2017-12-22 12:36 - 2017-12-22 12:36 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\Mozilla
2017-12-22 11:46 - 2017-12-22 15:04 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TouchPad
2017-12-22 11:46 - 2017-12-22 11:46 - 000000000 ____D C:\Users\Hombre\AppData\Local\ConnectedDevicesPlatform
2017-12-22 11:39 - 2017-12-22 11:39 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2017-12-22 11:39 - 2017-12-22 11:39 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2017-12-22 11:39 - 2017-12-22 11:39 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2017-12-22 11:39 - 2017-12-22 11:39 - 000000000 _SHDL C:\Users\Default\Šablony
2017-12-22 11:39 - 2017-12-22 11:39 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2017-12-22 11:39 - 2017-12-22 11:39 - 000000000 _SHDL C:\Users\Default\Poslední
2017-12-22 11:39 - 2017-12-22 11:39 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2017-12-22 11:39 - 2017-12-22 11:39 - 000000000 _SHDL C:\Users\Default\Okolní síť
2017-12-22 11:39 - 2017-12-22 11:39 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2017-12-22 11:39 - 2017-12-22 11:39 - 000000000 _SHDL C:\Users\Default\Dokumenty
2017-12-22 11:39 - 2017-12-22 11:39 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2017-12-22 11:39 - 2017-12-22 11:39 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2017-12-22 11:39 - 2017-12-22 11:39 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2017-12-22 11:39 - 2017-12-22 11:39 - 000000000 _SHDL C:\Users\Default\Data aplikací
2017-12-22 11:39 - 2017-12-22 11:39 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-12-22 11:39 - 2017-12-22 11:39 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2017-12-22 11:39 - 2017-12-22 11:39 - 000000000 _SHDL C:\Users\Default User\Documents\Obrázky
2017-12-22 11:39 - 2017-12-22 11:39 - 000000000 _SHDL C:\Users\Default User\Documents\Hudba
2017-12-22 11:39 - 2017-12-22 11:39 - 000000000 _SHDL C:\Users\Default User\Documents\Filmy
2017-12-22 11:39 - 2017-12-22 11:39 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-12-22 11:39 - 2017-12-22 11:39 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2017-12-22 11:39 - 2017-12-22 11:39 - 000000000 _SHDL C:\ProgramData\Šablony
2017-12-22 11:39 - 2017-12-22 11:39 - 000000000 _SHDL C:\ProgramData\Plocha
2017-12-22 11:39 - 2017-12-22 11:39 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2017-12-22 11:39 - 2017-12-22 11:39 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2017-12-22 11:39 - 2017-12-22 11:39 - 000000000 _SHDL C:\ProgramData\Dokumenty
2017-12-22 11:39 - 2017-12-22 11:39 - 000000000 _SHDL C:\ProgramData\Data aplikací
2017-12-22 11:37 - 2017-12-22 15:06 - 000026432 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-12-22 11:32 - 2018-01-05 16:12 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-12-22 11:32 - 2018-01-05 16:11 - 000000000 ____D C:\Program Files\STMicroelectronics
2017-12-22 11:32 - 2017-12-22 15:02 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-12-22 11:32 - 2017-12-22 15:02 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-12-22 11:32 - 2017-12-22 15:02 - 000000000 ____D C:\Program Files\DellTPad
2017-12-22 11:32 - 2017-12-22 14:59 - 000000000 ____D C:\Program Files (x86)\Intel
2017-12-22 11:32 - 2017-12-22 14:57 - 000000000 ____D C:\Program Files\Realtek
2017-12-22 11:32 - 2017-12-22 14:57 - 000000000 ____D C:\Program Files\Intel
2017-12-22 11:32 - 2017-12-22 11:32 - 000000000 ____D C:\Program Files\DIFX
2017-12-22 11:32 - 2017-12-22 11:32 - 000000000 ____D C:\Program Files (x86)\Realtek
2017-12-22 11:32 - 2017-12-22 11:32 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2017-12-22 11:32 - 2017-12-22 11:32 - 000000000 _____ C:\WINDOWS\system32\Drivers\Msft_User_WUDFUsbccidDriver_01_09_00.Wdf
2017-12-22 11:32 - 2017-12-22 11:32 - 000000000 _____ C:\WINDOWS\system32\Drivers\Msft_User_esif_umdf2_02_00_00.Wdf
2017-12-22 11:32 - 2017-12-22 11:32 - 000000000 _____ C:\WINDOWS\system32\Drivers\Msft_Kernel_ST_Accel_01011.Wdf
2017-12-22 11:32 - 2017-12-22 11:32 - 000000000 _____ C:\WINDOWS\system32\Drivers\Msft_Kernel_Apfiltr_01009.Wdf
2017-12-22 11:32 - 2015-01-09 10:25 - 000023216 _____ (ST Microelectronics) C:\WINDOWS\system32\Drivers\stdcfltn.sys
2017-12-22 11:29 - 2017-12-22 11:29 - 000000000 ___SD C:\WINDOWS\UpdateAssistantV2
2017-12-22 11:00 - 2017-12-22 13:29 - 000000036 _____ C:\WINDOWS\progress.ini
2017-12-22 10:59 - 2017-12-22 10:59 - 000000000 ____D C:\Users\Hombre\AppData\Local\Comms
2017-12-22 10:51 - 2017-12-22 10:51 - 000000000 ____D C:\Users\Hombre\AppData\Local\PeerDistRepub
2017-12-22 10:43 - 2018-01-05 16:11 - 000000000 ___HD C:\$GetCurrent
2017-12-22 10:43 - 2017-12-22 10:44 - 000002390 _____ C:\Users\Hombre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-12-22 10:43 - 2017-12-22 10:44 - 000000000 ___RD C:\Users\Hombre\OneDrive
2017-12-22 10:43 - 2017-12-22 10:43 - 000000000 ____D C:\Users\Hombre\AppData\Local\ActiveSync
2017-12-22 10:42 - 2018-01-05 16:12 - 000000000 __SHD C:\Users\Hombre\IntelGraphicsProfiles
2017-12-22 10:42 - 2018-01-04 10:49 - 000000000 ____D C:\Users\Hombre\AppData\Roaming\Adobe
2017-12-22 10:42 - 2017-12-22 15:08 - 000000000 ____D C:\Users\Hombre\AppData\Local\TileDataLayer
2017-12-22 10:42 - 2017-12-22 10:42 - 000000000 ____D C:\Users\Hombre\AppData\Local\VirtualStore
2017-12-22 10:42 - 2017-12-22 10:42 - 000000000 ____D C:\Users\Hombre\AppData\Local\Publishers
2017-12-22 10:40 - 2017-12-22 15:04 - 000000000 ____D C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TouchPad
2017-12-22 09:37 - 2017-12-22 09:37 - 000000000 ____D C:\Users\OEM\AppData\Local\NetworkTiles
2017-12-21 20:54 - 2018-01-05 16:10 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-12-21 20:54 - 2018-01-05 14:42 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-12-21 20:54 - 2017-12-22 09:23 - 000000000 ____D C:\Users\OEM\AppData\LocalLow\Mozilla
2017-12-21 20:54 - 2017-12-21 21:47 - 000000000 ____D C:\Users\OEM\AppData\Local\Mozilla
2017-12-21 20:54 - 2017-12-21 20:54 - 000000000 ____D C:\Users\OEM\AppData\Roaming\Mozilla
2017-12-14 02:35 - 2018-01-05 16:11 - 000000000 ____D C:\WINDOWS\containers
2017-12-14 02:34 - 2017-12-22 14:54 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 025245696 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 023652864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 021754368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 021352136 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 018916352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 017159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 017084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 013703168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 013655552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 012829696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 012687360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 011923456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 008097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 007831248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 006791472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 006478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 006466048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 006092664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 006037504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 006015200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 004814848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 004740608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 004648528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 004592640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 004504456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 004487968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 003903784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 003678208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 003484840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 003186688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 003163648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 003010720 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 002972672 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 002783744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 002717392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 002709200 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 002666496 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 002510336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 002491112 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 002465848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 002446744 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 002412168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 002339296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 002269080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 002220952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 002192112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 002117632 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 002105856 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 001990160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001980928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001970520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001925296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001806336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001778584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001776272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001670656 _____ (Microsoft Corporation) C:\WINDOWS\system32\batmeter.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001666048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\batmeter.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001642520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001636376 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001628056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001615720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001585376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001554216 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001507736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001490840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001490328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001488792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001474680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001463856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001454568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001432816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001426152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001420696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001413760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-12-14 02:34 - 2017-12-14 02:34 - 001377080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001323840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 001261864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001259344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 001200536 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 001170000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001148216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001145104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001124760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001090440 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-12-14 02:34 - 2017-12-14 02:34 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 001015008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001003104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000979352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000975872 _____ C:\WINDOWS\system32\FaceProcessor.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000924136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000891800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000840440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000831384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000823808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000819096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000813976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000791960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 000779440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 000769096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000746904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000744856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 000721592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 000710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000703536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000677272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000669592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000661664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000654048 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 000645528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000630752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000612760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000592280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000590944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000555416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-12-14 02:34 - 2017-12-14 02:34 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000464408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-12-14 02:34 - 2017-12-14 02:34 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000418712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000401304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 000362176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000353848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000353688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000269696 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000230296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000198888 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000137544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx
2017-12-14 02:34 - 2017-12-14 02:34 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 000097144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hascsp.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000060824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\urscx01000.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadjcsp.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KeyboardFilterShim.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrleakdiag.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 000045464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdrleakdiag.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-12-14 02:34 - 2017-12-14 02:34 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcVSp1res.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcVSp1res.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-05 16:44 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-01-05 16:39 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-01-05 16:38 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-01-05 16:38 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-01-05 16:38 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Githulg0
2018-01-05 16:17 - 2017-09-30 15:30 - 000804106 _____ C:\WINDOWS\system32\perfh005.dat
2018-01-05 16:17 - 2017-09-30 15:30 - 000166104 _____ C:\WINDOWS\system32\perfc005.dat
2018-01-05 16:11 - 2017-09-30 15:32 - 000000000 ___SD C:\WINDOWS\system32\AppV
2018-01-05 16:11 - 2017-09-30 15:32 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2018-01-05 16:11 - 2017-09-29 14:46 - 000000000 __RSD C:\WINDOWS\media
2018-01-05 16:11 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-01-05 16:11 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-01-05 16:11 - 2017-09-29 14:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-01-05 16:11 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-01-05 16:11 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2018-01-05 16:11 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2018-01-05 16:11 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2018-01-05 16:11 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-01-05 16:11 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2018-01-05 16:11 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-01-05 16:11 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\setup
2018-01-05 16:11 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-01-05 16:11 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-01-05 16:11 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-01-05 16:11 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-01-05 16:11 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Provisioning
2018-01-05 16:11 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-01-05 16:11 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\L2Schemas
2018-01-05 16:11 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Windows Defender
2018-01-05 16:11 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-01-05 16:11 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2018-01-05 16:11 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-01-05 16:11 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\servicing
2018-01-05 16:11 - 2017-07-26 05:08 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-01-05 16:10 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\registration
2018-01-05 14:40 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\OCR
2018-01-05 14:40 - 2017-09-29 09:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-01-05 14:14 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-01-04 16:45 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Cursors
2018-01-02 09:07 - 2017-11-11 15:17 - 000000000 ____D C:\Program Files\Microsoft Office
2017-12-30 22:13 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2017-12-30 11:06 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\appcompat
2017-12-29 14:15 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-12-29 14:14 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-12-25 18:04 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\system
2017-12-25 18:04 - 2017-07-26 05:08 - 000000167 _____ C:\WINDOWS\win.ini
2017-12-25 17:46 - 2017-11-11 15:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-12-25 17:41 - 2017-11-11 15:44 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-12-25 17:41 - 2017-11-11 15:44 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-12-22 15:24 - 2017-09-29 14:46 - 000000000 ___RD C:\WINDOWS\PrintDialog
2017-12-22 15:08 - 2017-10-14 16:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-12-22 15:07 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\USOPrivate
2017-12-22 15:07 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\windows nt
2017-12-22 15:06 - 2017-09-29 09:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-12-22 15:04 - 2017-11-11 15:21 - 000000000 ____D C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2017-12-22 15:03 - 2017-10-14 16:33 - 000000000 ____D C:\Users\OEM\AppData\Local\Packages
2017-12-22 15:02 - 2017-11-11 15:20 - 000000000 ____D C:\WINDOWS\system32\RTCOM
2017-12-22 15:01 - 2017-09-29 14:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-12-22 14:59 - 2017-11-11 16:14 - 000000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-12-22 14:59 - 2017-11-11 15:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2017-12-22 14:59 - 2017-11-11 15:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2017-12-22 14:59 - 2017-11-11 15:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2017-12-22 14:59 - 2017-09-29 14:49 - 000000000 ____D C:\WINDOWS\Setup
2017-12-22 14:59 - 2017-09-29 14:46 - 000000000 __RHD C:\Users\Public\Libraries
2017-12-22 14:59 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-12-22 14:59 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\spool
2017-12-22 14:59 - 2017-07-26 05:08 - 000000000 ____D C:\WINDOWS\ShellNew
2017-12-22 14:59 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-12-22 14:57 - 2017-11-11 16:14 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2017-12-22 14:57 - 2017-11-11 15:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2017-12-22 14:57 - 2017-11-11 15:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005
2017-12-22 14:56 - 2017-09-30 15:30 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2017-12-22 14:56 - 2017-09-30 15:30 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2017-12-22 14:56 - 2017-09-30 15:30 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2017-12-22 14:56 - 2017-09-30 15:30 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2017-12-22 14:56 - 2017-09-30 15:30 - 000000000 ____D C:\WINDOWS\system32\winrm
2017-12-22 14:56 - 2017-09-30 15:30 - 000000000 ____D C:\WINDOWS\system32\WCN
2017-12-22 14:56 - 2017-09-30 15:30 - 000000000 ____D C:\WINDOWS\system32\slmgr
2017-12-22 14:56 - 2017-09-30 15:30 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2017-12-22 14:56 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2017-12-22 14:56 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2017-12-22 14:56 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-12-22 14:56 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-12-22 14:56 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-12-22 14:56 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-12-22 14:54 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-12-22 14:54 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\MUI
2017-12-22 13:29 - 2017-10-14 16:34 - 000000000 ____D C:\Windows10Upgrade
2017-12-22 10:42 - 2017-10-14 16:34 - 000000817 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pomocník při upgradu na Windows 10.lnk
2017-12-22 10:40 - 2017-10-14 16:33 - 000000000 __SHD C:\Users\OEM\IntelGraphicsProfiles
2017-12-22 09:15 - 2017-10-14 16:35 - 000002381 _____ C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-12-22 09:15 - 2017-10-14 16:35 - 000000000 ___RD C:\Users\OEM\OneDrive
2017-12-19 18:16 - 2017-11-11 15:17 - 000000000 ____D C:\Users\OEM\AppData\Local\Microsoft Help
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\te-IN
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\si-LK
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\or-IN
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\km-KH
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\is-IS
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\id-ID
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\be-BY
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\as-IN
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\am-ET
2017-12-14 02:36 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2017-12-14 02:36 - 2017-09-29 14:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-12-14 02:36 - 2017-09-29 14:49 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2017-12-29 15:20 - 2018-01-04 11:31 - 000001456 _____ () C:\Users\Hombre\AppData\Local\Adobe Save for Web 13.0 Prefs
2018-01-05 14:13 - 2018-01-05 14:13 - 000011568 _____ () C:\Users\Hombre\AppData\Local\InstallationConfiguration.xml
2018-01-05 14:13 - 2018-01-05 14:13 - 000140800 _____ () C:\Users\Hombre\AppData\Local\installer.dat
2018-01-05 14:13 - 2018-01-05 16:13 - 000930816 _____ () C:\Users\Hombre\AppData\Local\po.db

Files to move or delete:
====================
C:\Users\Hombre\AppData\Roaming\gplyra\gplyra.exe
C:\Users\Hombre\AppData\Local\Temp\is-BGB7F.tmp\up.exe
C:\Users\Hombre\AppData\Local\Temp\is-T9114.tmp\up.exe
C:\WINDOWS\TEMP\gE2DE.tmp.exe
C:\Users\Hombre\AppData\Local\Temp\is-1PIU6.tmp\up.exe
C:\Users\Hombre\AppData\Local\Temp\is-41IEU.tmp\up.exe


Some files in TEMP:
====================
2018-01-05 14:46 - 2018-01-05 14:46 - 000054784 _____ (BUMVPN) C:\Users\Hombre\AppData\Local\Temp\DNUQH6ZON3RD.exe
2018-01-05 16:18 - 2018-01-05 16:18 - 000000000 _____ () C:\Users\Hombre\AppData\Local\Temp\icq.exe
2018-01-05 14:41 - 2018-01-05 14:41 - 003790848 _____ () C:\Users\Hombre\AppData\Local\Temp\ipUhjVntrZU8spqJbLCo(C).exe
2018-01-05 14:41 - 2018-01-05 14:41 - 000314368 _____ (vsbf) C:\Users\Hombre\AppData\Local\Temp\ipUhjVntrZU8spqJbLCo.exe
2017-12-29 14:08 - 2017-12-29 13:52 - 000141280 _____ (Irfan Skiljan, IrfanView) C:\Users\Hombre\AppData\Local\Temp\iv_uninstall.exe
2018-01-05 16:13 - 2018-01-05 16:13 - 003790848 _____ () C:\Users\Hombre\AppData\Local\Temp\J6P56v9DFySgvAtu9Uyz(C).exe
2018-01-05 16:13 - 2018-01-05 16:13 - 000314368 _____ (vsbf) C:\Users\Hombre\AppData\Local\Temp\J6P56v9DFySgvAtu9Uyz.exe
2018-01-05 14:38 - 2018-01-05 14:38 - 003790848 _____ () C:\Users\Hombre\AppData\Local\Temp\jYixy0uFy8RNxkqmVgIW(C).exe
2018-01-05 14:38 - 2018-01-05 14:38 - 000314368 _____ (vsbf) C:\Users\Hombre\AppData\Local\Temp\jYixy0uFy8RNxkqmVgIW.exe
2018-01-05 14:29 - 2018-01-05 14:29 - 003790848 _____ () C:\Users\Hombre\AppData\Local\Temp\M6TNvxjUmaqQ5pxdfP7I(C).exe
2018-01-05 14:29 - 2018-01-05 14:29 - 000314368 _____ (vsbf) C:\Users\Hombre\AppData\Local\Temp\M6TNvxjUmaqQ5pxdfP7I.exe
2018-01-05 14:41 - 2018-01-05 14:41 - 003790848 _____ () C:\Users\Hombre\AppData\Local\Temp\UQPR0gyiC2uAa8uoHYsA(C).exe
2018-01-05 14:41 - 2018-01-05 14:41 - 000314368 _____ (vsbf) C:\Users\Hombre\AppData\Local\Temp\UQPR0gyiC2uAa8uoHYsA.exe
2018-01-05 16:13 - 2018-01-05 16:13 - 003790848 _____ () C:\Users\Hombre\AppData\Local\Temp\wQfMuUkgd8Eji85nOtza(C).exe
2018-01-05 16:13 - 2018-01-05 16:13 - 000314368 _____ (vsbf) C:\Users\Hombre\AppData\Local\Temp\wQfMuUkgd8Eji85nOtza.exe
2018-01-05 14:46 - 2018-01-05 14:46 - 003790848 _____ () C:\Users\Hombre\AppData\Local\Temp\xdXy5YDJgjyON20jSLp3(C).exe
2018-01-05 14:46 - 2018-01-05 14:46 - 000314368 _____ (vsbf) C:\Users\Hombre\AppData\Local\Temp\xdXy5YDJgjyON20jSLp3.exe
2018-01-05 14:14 - 2018-01-05 14:14 - 003790848 _____ () C:\Users\Hombre\AppData\Local\Temp\xOK0ADPzDP9rg6AZQsIN(C).exe
2018-01-05 14:14 - 2018-01-05 14:14 - 000314368 _____ (vsbf) C:\Users\Hombre\AppData\Local\Temp\xOK0ADPzDP9rg6AZQsIN.exe
2018-01-05 14:32 - 2018-01-05 14:33 - 003790848 _____ () C:\Users\Hombre\AppData\Local\Temp\ydcBOzfhd2k8cECG0ckR(C).exe
2018-01-05 14:32 - 2018-01-05 14:32 - 000314368 _____ (vsbf) C:\Users\Hombre\AppData\Local\Temp\ydcBOzfhd2k8cECG0ckR.exe
2018-01-05 14:41 - 2018-01-05 14:41 - 003790848 _____ () C:\Users\Hombre\AppData\Local\Temp\YWn4AEu2vYaXh5OxLpAo(C).exe
2018-01-05 14:41 - 2018-01-05 14:41 - 000314368 _____ (vsbf) C:\Users\Hombre\AppData\Local\Temp\YWn4AEu2vYaXh5OxLpAo.exe
2018-01-05 14:16 - 2018-01-05 14:16 - 003790848 _____ () C:\Users\Hombre\AppData\Local\Temp\Z1OV9AixMK8afhKlSGuZ(C).exe
2018-01-05 14:16 - 2018-01-05 14:16 - 000314368 _____ (vsbf) C:\Users\Hombre\AppData\Local\Temp\Z1OV9AixMK8afhKlSGuZ.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-01-01 16:24

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:237.14 GB) (Free:121.68 GB) NTFS

Available physical RAM: 3771.41 MB
Total physical RAM: 8064.3 MB
Percentage of memory in use: 53%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 2F610EE9)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=868 MB) - (Type=27)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\One System CarePeriod.job => C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G1.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G2.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G3.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G4.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G5.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G6.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Updater_Online_Application.job => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe <==== ATTENTION

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

  
***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Hombre\Desktop" je 10 MB.
 
 
***** Startup Programs *****
 
 
***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    DisableNotifications    REG_DWORD    0x0
    EnableFirewall    REG_DWORD    0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    DisableNotifications    REG_DWORD    0x0
    EnableFirewall    REG_DWORD    0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
 
***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

 
==================== End Of Log ==============================
