dobrý večer, prosím o pomoc při čistění notebooku s win 10 kde byl odstaven (doslova zničen) windows defender a počítač se zaviroval - nainstaloval se duplicitní chrome atd
čistil už jsem Spyware Doctorem 8
Adwcleanerem
nainstalováno a několikrát testováno Eset smart security 8 - celkem asi 40 hrozeb odstraněno včetně v operační paměti
ale pokaždé to něco najde - nové složky se vytváří pc při spouštění aplikací zamrzá
virus kitty zdá se konečně smazán
zde log z RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Laborka at 2017-05-17 22:26:29
Microsoft Windows 10 Home
System drive C: has 79 GB (66%) free of 121 GB
Total RAM: 3529 MB (48% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:26:30, on 17.05.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0953)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe
C:\Program Files\trend micro\Laborka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [HPUsageTrackingLEDM] "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [T-Mobile CManager] "C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{e2fbd850-152e-409a-b4a8-1e04f63f507f}: NameServer = 80.250.1.161,8.8.8.8
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: AdaptiveSleepService - Unknown owner - c:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\windows\system32\HPSIsvc.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: HPWMISVC - HP Inc. - c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
O23 - Service: @oem24.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: tbaseprovisioning - Advanced Micro Devices, Inc. - C:\WINDOWS\SysWOW64\tbaseprovisioning.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 11543 bytes
======Listing Processes======
winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService
atieclxx
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-6c35fc77-49cc-490d-a8d0-b73846135b71 -SystemEventPortName:HostProcess-031712f4-c341-4f13-afd8-02c2e891a06c -IoCancelEventPortName:HostProcess-7e186bba-730e-4772-aeaf-c265bb608fd0 -NonStateChangingEventPortName:HostProcess-3d7ddf90-27a7-4f44-a808-1ed247017469 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:85beac21-cb08-4dec-a0d1-0ae105b3f783 -DeviceGroupId:WpdFsGroup
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\WLANExt.exe 2615850522576
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
C:\windows\system32\HPSIsvc.exe
"C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe"
C:\WINDOWS\system32\ibtsiva
C:\WINDOWS\System32\svchost.exe -k utcsvc
sihost.exe
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
dashost.exe {68cd0424-8b67-4e96-a453dec6c0055a86}
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe"
"C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
"c:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4292.0.752823003\539980408" -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" 4292 "\\.\pipe\gecko-crash-server-pipe.4292" gpu
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4292.2.2050773524\36921194" -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" 4292 "\\.\pipe\gecko-crash-server-pipe.4292" tab
C:\WINDOWS\system32\DllHost.exe /Processid:{49F6E667-6658-4BD1-9DE9-6AF87F9FAF85}
"C:\WINDOWS\system32\NOTEPAD.EXE" C:\rsit\info.txt
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Users\Laborka\Documents\Petr data\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NOUACCHECK
C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\HPCeeScheduleForLaborka.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForLaborka (null)
=========Mozilla firefox=========
ProfilePath - C:\Users\Laborka\AppData\Roaming\Mozilla\Firefox\Profiles\htle5w1e.default
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.171 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\SysWOW64\Adobe\Director\np32dsw_1219159.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.171 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll
C:\Users\Laborka\AppData\Roaming\Mozilla\Firefox\Profiles\htle5w1e.default\searchplugins\
zjfprl6w.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-14 214216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-14 3066672]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-12-20 414920]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2016-02-25 8848640]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-07-08 5595848]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"T-Mobile CManager"=C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe -autorun []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HPMessageService"=C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [2016-01-11 657424]
""= []
"HPUsageTrackingLEDM"=C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [2009-10-15 30264]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{786FA74C-12EF-11E7-8DF3-64006A5CFC23}"= []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe]
"Debugger="324095823984.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdaterService.exe]
"Debugger="8736459873644.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 2 months======
2017-05-17 22:19:25 ----D---- C:\rsit
2017-05-17 22:19:25 ----D---- C:\Program Files\trend micro
2017-05-17 21:24:40 ----D---- C:\ProgramData\HoboSoft
2017-05-17 21:12:16 ----D---- C:\Program Files\Mozilla Firefox
2017-05-17 19:42:50 ----D---- C:\WINDOWS\Minidump
2017-05-17 19:31:28 ----D---- C:\AdwCleaner
2017-05-17 14:26:43 ----D---- C:\Users\Laborka\AppData\Roaming\ESET
2017-05-17 14:26:15 ----D---- C:\Users\Laborka\AppData\Roaming\Synaptics
2017-05-17 14:17:37 ----A---- C:\WINDOWS\system32\drivers\Cat.DB
2017-05-17 14:17:24 ----D---- C:\Program Files (x86)\PC Tools Security
2017-05-17 12:11:38 ----D---- C:\ProgramData\ESET
2017-05-17 12:11:38 ----D---- C:\Program Files\ESET
2017-05-16 20:10:50 ----AD---- C:\Program Files\CCleaner
2017-05-16 19:18:48 ----D---- C:\WINDOWS\system32\UNP
2017-05-16 19:18:48 ----AD---- C:\Program Files\UNP
2017-05-16 19:09:47 ----D---- C:\Terward
2017-05-10 19:03:41 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2017-05-10 19:03:40 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2017-05-10 19:03:40 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2017-05-10 19:03:40 ----A---- C:\WINDOWS\SYSWOW64\StructuredQuery.dll
2017-05-10 19:03:40 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2017-05-10 19:03:39 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-05-10 19:03:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-10 19:03:38 ----A---- C:\WINDOWS\SYSWOW64\ExSMime.dll
2017-05-10 19:03:37 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-05-10 19:03:37 ----A---- C:\WINDOWS\SYSWOW64\TSWorkspace.dll
2017-05-10 19:03:37 ----A---- C:\WINDOWS\SYSWOW64\odbcconf.dll
2017-05-10 19:03:37 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2017-05-10 19:03:36 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2017-05-10 19:03:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Sensors.dll
2017-05-10 19:03:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2017-05-10 19:03:36 ----A---- C:\WINDOWS\SYSWOW64\Geolocation.dll
2017-05-10 19:03:35 ----A---- C:\WINDOWS\SYSWOW64\WwaApi.dll
2017-05-10 19:03:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Maps.dll
2017-05-10 19:03:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Audio.dll
2017-05-10 19:03:35 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-05-10 19:03:35 ----A---- C:\WINDOWS\SYSWOW64\MbaeApiPublic.dll
2017-05-10 19:03:35 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2017-05-10 19:03:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Phone.dll
2017-05-10 19:03:34 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2017-05-10 19:03:33 ----A---- C:\WINDOWS\SYSWOW64\WsmSvc.dll
2017-05-10 19:03:33 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-05-10 19:03:33 ----A---- C:\WINDOWS\SYSWOW64\oleacc.dll
2017-05-10 19:03:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2017-05-10 19:03:32 ----A---- C:\WINDOWS\SYSWOW64\CertEnroll.dll
2017-05-10 19:03:31 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2017-05-10 19:03:31 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2017-05-10 19:03:31 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2017-05-10 19:03:31 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2017-05-10 19:03:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.dll
2017-05-10 19:03:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryClient.dll
2017-05-10 19:03:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.dll
2017-05-10 19:03:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Radios.dll
2017-05-10 19:03:30 ----A---- C:\WINDOWS\SYSWOW64\PlayToManager.dll
2017-05-10 19:03:30 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2017-05-10 19:03:30 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2017-05-10 19:03:30 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2017-05-10 19:03:30 ----A---- C:\WINDOWS\SYSWOW64\AuthBroker.dll
2017-05-10 19:03:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.Http.dll
2017-05-10 19:03:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.BackgroundTransfer.dll
2017-05-10 19:03:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Editing.dll
2017-05-10 19:03:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.Globalization.dll
2017-05-10 19:03:29 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2017-05-10 19:03:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2017-05-10 19:03:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2017-05-10 19:03:28 ----A---- C:\WINDOWS\SYSWOW64\RTMediaFrame.dll
2017-05-10 19:03:28 ----A---- C:\WINDOWS\SYSWOW64\PlayToReceiver.dll
2017-05-10 19:03:28 ----A---- C:\WINDOWS\SYSWOW64\PlayToDevice.dll
2017-05-10 19:03:28 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2017-05-10 19:03:28 ----A---- C:\WINDOWS\SYSWOW64\dlnashext.dll
2017-05-10 19:03:28 ----A---- C:\WINDOWS\SYSWOW64\CryptoWinRT.dll
2017-05-10 19:03:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2017-05-10 19:03:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2017-05-10 19:03:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-05-10 19:03:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2017-05-10 19:03:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.FaceAnalysis.dll
2017-05-10 19:03:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Usb.dll
2017-05-10 19:03:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Scanners.dll
2017-05-10 19:03:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Picker.dll
2017-05-10 19:03:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.LowLevel.dll
2017-05-10 19:03:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2017-05-10 19:03:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Core.dll
2017-05-10 19:03:27 ----A---- C:\WINDOWS\SYSWOW64\UserDeviceRegistration.dll
2017-05-10 19:03:27 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2017-05-10 19:03:27 ----A---- C:\WINDOWS\SYSWOW64\SyncSettings.dll
2017-05-10 19:03:27 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2017-05-10 19:03:27 ----A---- C:\WINDOWS\SYSWOW64\dialclient.dll
2017-05-10 19:03:27 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostCommon.dll
2017-05-10 19:03:26 ----A---- C:\WINDOWS\SYSWOW64\WinRtTracing.dll
2017-05-10 19:03:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Devices.dll
2017-05-10 19:03:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2017-05-10 19:03:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-05-10 19:03:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.SmartCards.dll
2017-05-10 19:03:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Perception.dll
2017-05-10 19:03:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Lights.dll
2017-05-10 19:03:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Wallet.dll
2017-05-10 19:03:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.AccountsControl.dll
2017-05-10 19:03:26 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2017-05-10 19:03:26 ----A---- C:\WINDOWS\SYSWOW64\MiracastReceiver.dll
2017-05-10 19:03:26 ----A---- C:\WINDOWS\SYSWOW64\mbsmsapi.dll
2017-05-10 19:03:26 ----A---- C:\WINDOWS\SYSWOW64\ErrorDetails.dll
2017-05-10 19:03:26 ----A---- C:\WINDOWS\SYSWOW64\efswrt.dll
2017-05-10 19:03:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll
2017-05-10 19:03:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.Perception.Stub.dll
2017-05-10 19:03:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2017-05-10 19:03:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Bluetooth.dll
2017-05-10 19:03:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.Gaming.Input.dll
2017-05-10 19:03:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.WiFiDirect.dll
2017-05-10 19:03:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.WiFi.dll
2017-05-10 19:03:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Midi.dll
2017-05-10 19:03:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-05-10 19:03:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.dll
2017-05-10 19:03:25 ----A---- C:\WINDOWS\SYSWOW64\UserMgrProxy.dll
2017-05-10 19:03:25 ----A---- C:\WINDOWS\SYSWOW64\UserDataTimeUtil.dll
2017-05-10 19:03:25 ----A---- C:\WINDOWS\SYSWOW64\DisplayManager.dll
2017-05-10 19:03:25 ----A---- C:\WINDOWS\SYSWOW64\deviceaccess.dll
2017-05-10 19:03:25 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2017-05-10 19:03:25 ----A---- C:\WINDOWS\SYSWOW64\AppointmentActivation.dll
2017-05-10 19:03:24 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2017-05-10 19:03:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Ocr.dll
2017-05-10 19:03:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.PointOfService.dll
2017-05-10 19:03:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Bluetooth.dll
2017-05-10 19:03:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.AllJoyn.dll
2017-05-10 19:03:24 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2017-05-10 19:03:24 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2017-05-10 19:03:24 ----A---- C:\WINDOWS\SYSWOW64\AboveLockAppHost.dll
2017-05-10 19:03:23 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2017-05-10 19:03:23 ----A---- C:\WINDOWS\SYSWOW64\ShareHost.dll
2017-05-10 19:03:23 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2017-05-10 19:03:23 ----A---- C:\WINDOWS\SYSWOW64\AppContracts.dll
2017-05-10 19:03:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.dll
2017-05-10 19:03:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.3D.dll
2017-05-10 19:03:22 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2017-05-10 19:03:22 ----A---- C:\WINDOWS\SYSWOW64\NaturalLanguage6.dll
2017-05-10 19:03:22 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2017-05-10 19:03:21 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-05-10 19:03:20 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2017-05-10 19:03:20 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2017-05-10 19:03:20 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2017-05-10 19:03:20 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2017-05-10 19:03:20 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2017-05-10 19:03:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2017-05-10 19:03:19 ----A---- C:\WINDOWS\SYSWOW64\storagewmi.dll
2017-05-10 19:03:19 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2017-05-10 19:03:19 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2017-05-10 19:03:19 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-05-10 19:03:18 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2017-05-10 19:03:18 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2017-05-10 19:03:18 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2017-05-10 19:03:17 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2017-05-10 19:03:17 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2017-05-10 19:03:17 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2017-05-10 19:03:16 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2017-05-10 19:03:16 ----A---- C:\WINDOWS\SYSWOW64\wsp_sr.dll
2017-05-10 19:03:16 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2017-05-10 19:03:16 ----A---- C:\WINDOWS\SYSWOW64\LogonController.dll
2017-05-10 19:03:16 ----A---- C:\WINDOWS\SYSWOW64\crypt32.dll
2017-05-10 19:03:16 ----A---- C:\WINDOWS\SYSWOW64\apprepsync.dll
2017-05-10 19:03:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2017-05-10 19:03:15 ----A---- C:\WINDOWS\SYSWOW64\UserDataAccountApis.dll
2017-05-10 19:03:15 ----A---- C:\WINDOWS\SYSWOW64\mprddm.dll
2017-05-10 19:03:15 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2017-05-10 19:03:15 ----A---- C:\WINDOWS\SYSWOW64\apprepapi.dll
2017-05-10 19:03:15 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2017-05-10 19:03:15 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2017-05-10 19:03:14 ----A---- C:\WINDOWS\SYSWOW64\uReFS.dll
2017-05-10 19:03:14 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2017-05-10 19:03:14 ----A---- C:\WINDOWS\SYSWOW64\thumbcache.dll
2017-05-10 19:03:14 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2017-05-10 19:03:14 ----A---- C:\WINDOWS\SYSWOW64\OpcServices.dll
2017-05-10 19:03:14 ----A---- C:\WINDOWS\SYSWOW64\MMDevAPI.dll
2017-05-10 19:03:14 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2017-05-10 19:03:14 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2017-05-10 19:03:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2017-05-10 19:03:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Enumeration.dll
2017-05-10 19:03:13 ----A---- C:\WINDOWS\SYSWOW64\usercpl.dll
2017-05-10 19:03:13 ----A---- C:\WINDOWS\SYSWOW64\tsmf.dll
2017-05-10 19:03:13 ----A---- C:\WINDOWS\SYSWOW64\ReAgent.dll
2017-05-10 19:03:13 ----A---- C:\WINDOWS\SYSWOW64\input.dll
2017-05-10 19:03:13 ----A---- C:\WINDOWS\SYSWOW64\EmailApis.dll
2017-05-10 19:03:13 ----A---- C:\WINDOWS\SYSWOW64\CPFilters.dll
2017-05-10 19:03:13 ----A---- C:\WINDOWS\SYSWOW64\adsnt.dll
2017-05-10 19:03:13 ----A---- C:\WINDOWS\system32\drivers\scmbus.sys
2017-05-10 19:03:12 ----A---- C:\WINDOWS\SYSWOW64\virtdisk.dll
2017-05-10 19:03:12 ----A---- C:\WINDOWS\SYSWOW64\setupugc.exe
2017-05-10 19:03:12 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2017-05-10 19:03:12 ----A---- C:\WINDOWS\SYSWOW64\PrintDialogs.dll
2017-05-10 19:03:12 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2017-05-10 19:03:12 ----A---- C:\WINDOWS\SYSWOW64\LocationApi.dll
2017-05-10 19:03:12 ----A---- C:\WINDOWS\SYSWOW64\dsreg.dll
2017-05-10 19:03:12 ----A---- C:\WINDOWS\SYSWOW64\credprovhost.dll
2017-05-10 19:03:12 ----A---- C:\WINDOWS\SYSWOW64\BluetoothApis.dll
2017-05-10 19:03:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BlockedShutdown.dll
2017-05-10 19:03:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.Energy.dll
2017-05-10 19:03:11 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2017-05-10 19:03:11 ----A---- C:\WINDOWS\SYSWOW64\SensorsApi.dll
2017-05-10 19:03:11 ----A---- C:\WINDOWS\SYSWOW64\ReInfo.dll
2017-05-10 19:03:11 ----A---- C:\WINDOWS\SYSWOW64\rastlsext.dll
2017-05-10 19:03:11 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2017-05-10 19:03:11 ----A---- C:\WINDOWS\SYSWOW64\imapi2.dll
2017-05-10 19:03:11 ----A---- C:\WINDOWS\SYSWOW64\DevicePairing.dll
2017-05-10 19:03:11 ----A---- C:\WINDOWS\SYSWOW64\DeviceFlows.DataModel.dll
2017-05-10 19:03:11 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2017-05-10 19:03:11 ----A---- C:\WINDOWS\SYSWOW64\CameraCaptureUI.dll
2017-05-10 19:03:10 ----A---- C:\WINDOWS\SYSWOW64\vaultcli.dll
2017-05-10 19:03:10 ----A---- C:\WINDOWS\SYSWOW64\BthTelemetry.dll
2017-05-10 19:03:09 ----A---- C:\WINDOWS\SYSWOW64\xpsrchvw.exe
2017-05-10 19:03:09 ----A---- C:\WINDOWS\system32\xpsrchvw.exe
2017-05-10 19:03:08 ----A---- C:\WINDOWS\system32\WinRtTracing.dll
2017-05-10 19:03:08 ----A---- C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-05-10 19:03:08 ----A---- C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-05-10 19:03:08 ----A---- C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-05-10 19:03:08 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-05-10 19:03:07 ----A---- C:\WINDOWS\SYSWOW64\WebcamUi.dll
2017-05-10 19:03:07 ----A---- C:\WINDOWS\system32\WwaApi.dll
2017-05-10 19:03:07 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-05-10 19:03:07 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2017-05-10 19:03:07 ----A---- C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-05-10 19:03:07 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-05-10 19:03:07 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-05-10 19:03:07 ----A---- C:\WINDOWS\system32\WebcamUi.dll
2017-05-10 19:03:07 ----A---- C:\WINDOWS\system32\mssprxy.dll
2017-05-10 19:03:06 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-05-10 19:03:06 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-05-10 19:03:06 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-05-10 19:03:06 ----A---- C:\WINDOWS\system32\mssrch.dll
2017-05-10 19:03:05 ----A---- C:\WINDOWS\system32\usocore.dll
2017-05-10 19:03:04 ----A---- C:\WINDOWS\system32\WWAHost.exe
2017-05-10 19:03:04 ----A---- C:\WINDOWS\system32\MusNotification.exe
2017-05-10 19:02:59 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2017-05-10 19:02:56 ----A---- C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-05-10 19:02:55 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-05-10 19:02:55 ----A---- C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-05-10 19:02:55 ----A---- C:\WINDOWS\system32\RDXTaskFactory.dll
2017-05-10 19:02:55 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-10 19:02:55 ----A---- C:\WINDOWS\system32\efswrt.dll
2017-05-10 19:02:54 ----A---- C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-05-10 19:02:54 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-05-10 19:02:54 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-05-10 19:02:54 ----A---- C:\WINDOWS\system32\mbsmsapi.dll
2017-05-10 19:02:54 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2017-05-10 19:02:54 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-10 19:02:53 ----A---- C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-05-10 19:02:53 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2017-05-10 19:02:53 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2017-05-10 19:02:53 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-05-10 19:02:53 ----A---- C:\WINDOWS\system32\EmailApis.dll
2017-05-10 19:02:52 ----A---- C:\WINDOWS\system32\wpnapps.dll
2017-05-10 19:02:52 ----A---- C:\WINDOWS\system32\SensorsApi.dll
2017-05-10 19:02:52 ----A---- C:\WINDOWS\system32\RTMediaFrame.dll
2017-05-10 19:02:52 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2017-05-10 19:02:51 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2017-05-10 19:02:51 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-05-10 19:02:51 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2017-05-10 19:02:50 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2017-05-10 19:02:50 ----A---- C:\WINDOWS\system32\mfcore.dll
2017-05-10 19:02:49 ----A---- C:\WINDOWS\system32\rdpudd.dll
2017-05-10 19:02:49 ----A---- C:\WINDOWS\system32\KernelBase.dll
2017-05-10 19:02:49 ----A---- C:\WINDOWS\system32\AboveLockAppHost.dll
2017-05-10 19:02:48 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-05-10 19:02:48 ----A---- C:\WINDOWS\system32\oleaut32.dll
2017-05-10 19:02:48 ----A---- C:\WINDOWS\system32\localspl.dll
2017-05-10 19:02:47 ----A---- C:\WINDOWS\system32\windows.storage.dll
2017-05-10 19:02:47 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-05-10 19:02:47 ----A---- C:\WINDOWS\system32\shell32.dll
2017-05-10 19:02:46 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-10 19:02:45 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2017-05-10 19:02:45 ----A---- C:\WINDOWS\system32\mstscax.dll
2017-05-10 19:02:44 ----A---- C:\WINDOWS\system32\smartscreen.exe
2017-05-10 19:02:44 ----A---- C:\WINDOWS\system32\diagtrack.dll
2017-05-10 19:02:43 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2017-05-10 19:02:43 ----A---- C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-05-10 19:02:43 ----A---- C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-05-10 19:02:43 ----A---- C:\WINDOWS\system32\MbaeApiPublic.dll
2017-05-10 19:02:42 ----A---- C:\WINDOWS\system32\wmp.dll
2017-05-10 19:02:42 ----A---- C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-10 19:02:42 ----A---- C:\WINDOWS\system32\puiobj.dll
2017-05-10 19:02:41 ----A---- C:\WINDOWS\system32\TSWorkspace.dll
2017-05-10 19:02:40 ----A---- C:\WINDOWS\system32\wpncore.dll
2017-05-10 19:02:40 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-10 19:02:40 ----A---- C:\WINDOWS\system32\services.exe
2017-05-10 19:02:40 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2017-05-10 19:02:40 ----A---- C:\WINDOWS\system32\mf.dll
2017-05-10 19:02:39 ----A---- C:\WINDOWS\system32\wmpps.dll
2017-05-10 19:02:39 ----A---- C:\WINDOWS\system32\usercpl.dll
2017-05-10 19:02:39 ----A---- C:\WINDOWS\system32\rdpcore.dll
2017-05-10 19:02:39 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2017-05-10 19:02:39 ----A---- C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-05-10 19:02:39 ----A---- C:\WINDOWS\system32\mstsc.exe
2017-05-10 19:02:39 ----A---- C:\WINDOWS\system32\mprddm.dll
2017-05-10 19:02:39 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2017-05-10 19:02:39 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2017-05-10 19:02:38 ----A---- C:\WINDOWS\system32\wiaservc.dll
2017-05-10 19:02:38 ----A---- C:\WINDOWS\system32\tsmf.dll
2017-05-10 19:02:38 ----A---- C:\WINDOWS\system32\SpaceControl.dll
2017-05-10 19:02:38 ----A---- C:\WINDOWS\system32\msi.dll
2017-05-10 19:02:38 ----A---- C:\WINDOWS\system32\mfps.dll
2017-05-10 19:02:38 ----A---- C:\WINDOWS\system32\drivers\bridge.sys
2017-05-10 19:02:37 ----A---- C:\WINDOWS\system32\MMDevAPI.dll
2017-05-10 19:02:37 ----A---- C:\WINDOWS\system32\drivers\vwifimp.sys
2017-05-10 19:02:34 ----A---- C:\WINDOWS\system32\PrintDialogs3D.dll
2017-05-10 19:02:34 ----A---- C:\WINDOWS\system32\PrintDialogs.dll
2017-05-10 19:02:28 ----A---- C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-05-10 19:02:28 ----A---- C:\WINDOWS\system32\Unistore.dll
2017-05-10 19:02:28 ----A---- C:\WINDOWS\system32\storewuauth.dll
2017-05-10 19:02:28 ----A---- C:\WINDOWS\system32\PrintWSDAHost.dll
2017-05-10 19:02:28 ----A---- C:\WINDOWS\system32\fvewiz.dll
2017-05-10 19:02:28 ----A---- C:\WINDOWS\system32\fvecpl.dll
2017-05-10 19:02:27 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2017-05-10 19:02:27 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2017-05-10 19:02:27 ----A---- C:\WINDOWS\system32\wksprt.exe
2017-05-10 19:02:27 ----A---- C:\WINDOWS\system32\rdpencom.dll
2017-05-10 19:02:27 ----A---- C:\WINDOWS\system32\rdpclip.exe
2017-05-10 19:02:27 ----A---- C:\WINDOWS\system32\rastlsext.dll
2017-05-10 19:02:27 ----A---- C:\WINDOWS\system32\rastls.dll
2017-05-10 19:02:27 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2017-05-10 19:02:27 ----A---- C:\WINDOWS\system32\drivers\raspppoe.sys
2017-05-10 19:02:26 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-05-10 19:02:24 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2017-05-10 19:02:24 ----A---- C:\WINDOWS\system32\msfeeds.dll
2017-05-10 19:02:23 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-05-10 19:02:23 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-05-10 19:02:23 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2017-05-10 19:02:22 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-05-10 19:02:22 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2017-05-10 19:02:21 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2017-05-10 19:02:21 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-05-10 19:02:20 ----A---- C:\WINDOWS\system32\mshtmled.dll
2017-05-10 19:02:20 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-05-10 19:02:20 ----A---- C:\WINDOWS\system32\dxtrans.dll
2017-05-10 19:02:19 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-05-10 19:02:19 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-05-10 19:02:19 ----A---- C:\WINDOWS\system32\odbcconf.dll
2017-05-10 19:02:19 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2017-05-10 19:02:19 ----A---- C:\WINDOWS\system32\Geolocation.dll
2017-05-10 19:02:19 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2017-05-10 19:02:18 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-05-10 19:02:18 ----A---- C:\WINDOWS\system32\indexeddbserver.dll
2017-05-10 19:02:17 ----A---- C:\WINDOWS\system32\wininet.dll
2017-05-10 19:02:17 ----A---- C:\WINDOWS\system32\iertutil.dll
2017-05-10 19:02:17 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2017-05-10 19:02:16 ----A---- C:\WINDOWS\system32\ole32.dll
2017-05-10 19:02:16 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-05-10 19:02:16 ----A---- C:\WINDOWS\system32\NaturalLanguage6.dll
2017-05-10 19:02:16 ----A---- C:\WINDOWS\system32\msdtctm.dll
2017-05-10 19:02:15 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-10 19:02:15 ----A---- C:\WINDOWS\system32\PlayToManager.dll
2017-05-10 19:02:15 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2017-05-10 19:02:15 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2017-05-10 19:02:15 ----A---- C:\WINDOWS\system32\d2d1.dll
2017-05-10 19:02:14 ----A---- C:\WINDOWS\system32\Windows.Web.Http.dll
2017-05-10 19:02:14 ----A---- C:\WINDOWS\system32\Windows.Web.dll
2017-05-10 19:02:14 ----A---- C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-05-10 19:02:14 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-10 19:02:14 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-10 19:02:13 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2017-05-10 19:02:13 ----A---- C:\WINDOWS\system32\Windows.Networking.dll
2017-05-10 19:02:13 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2017-05-10 19:02:13 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2017-05-10 19:02:13 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-05-10 19:02:12 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-05-10 19:02:11 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-05-10 19:02:10 ----A---- C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-05-10 19:02:10 ----A---- C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-05-10 19:02:10 ----A---- C:\WINDOWS\system32\SyncSettings.dll
2017-05-10 19:02:10 ----A---- C:\WINDOWS\system32\RDXService.dll
2017-05-10 19:02:10 ----A---- C:\WINDOWS\system32\PlayToReceiver.dll
2017-05-10 19:02:10 ----A---- C:\WINDOWS\system32\PlayToDevice.dll
2017-05-10 19:02:10 ----A---- C:\WINDOWS\system32\DisplayManager.dll
2017-05-10 19:02:09 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-05-10 19:02:09 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-05-10 19:02:09 ----A---- C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-05-10 19:02:09 ----A---- C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-05-10 19:02:09 ----A---- C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-05-10 19:02:09 ----A---- C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-05-10 19:02:09 ----A---- C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-05-10 19:02:09 ----A---- C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-05-10 19:02:09 ----A---- C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-05-10 19:02:09 ----A---- C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-05-10 19:02:09 ----A---- C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-05-10 19:02:09 ----A---- C:\WINDOWS\system32\MiracastReceiver.dll
2017-05-10 19:02:09 ----A---- C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-05-10 19:02:08 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-05-10 19:02:07 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-05-10 19:02:06 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-05-10 19:02:05 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2017-05-10 19:02:05 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-10 19:02:05 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-05-10 19:02:05 ----A---- C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-05-10 19:02:05 ----A---- C:\WINDOWS\system32\DWrite.dll
2017-05-10 19:02:05 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-05-10 19:02:04 ----A---- C:\WINDOWS\system32\dwmcore.dll
2017-05-10 19:02:03 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2017-05-10 19:02:03 ----A---- C:\WINDOWS\system32\LogonController.dll
2017-05-10 19:02:03 ----A---- C:\WINDOWS\system32\FntCache.dll
2017-05-10 19:02:02 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2017-05-10 19:02:02 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2017-05-10 19:02:02 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2017-05-10 19:02:01 ----A---- C:\WINDOWS\system32\rasmans.dll
2017-05-10 19:02:01 ----A---- C:\WINDOWS\system32\ieproxy.dll
2017-05-10 19:02:01 ----A---- C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-05-10 19:02:00 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-05-10 19:02:00 ----A---- C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2017-05-10 19:02:00 ----A---- C:\WINDOWS\system32\thumbcache.dll
2017-05-10 19:02:00 ----A---- C:\WINDOWS\system32\browserbroker.dll
2017-05-10 19:01:59 ----A---- C:\WINDOWS\system32\vbscript.dll
2017-05-10 19:01:59 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2017-05-10 19:01:59 ----A---- C:\WINDOWS\system32\ConhostV2.dll
2017-05-10 19:01:59 ----A---- C:\WINDOWS\system32\browser_broker.exe
2017-05-10 19:01:58 ----A---- C:\WINDOWS\system32\credprovhost.dll
2017-05-10 19:01:58 ----A---- C:\WINDOWS\system32\CameraCaptureUI.dll
2017-05-10 19:01:57 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2017-05-10 19:01:57 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2017-05-10 19:01:57 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2017-05-10 19:01:57 ----A---- C:\WINDOWS\system32\Windows.Energy.dll
2017-05-10 19:01:57 ----A---- C:\WINDOWS\system32\StructuredQuery.dll
2017-05-10 19:01:57 ----A---- C:\WINDOWS\system32\shutdownux.dll
2017-05-10 19:01:57 ----A---- C:\WINDOWS\system32\LocationFramework.dll
2017-05-10 19:01:57 ----A---- C:\WINDOWS\system32\iepeers.dll
2017-05-10 19:01:57 ----A---- C:\WINDOWS\system32\dialclient.dll
2017-05-10 19:01:57 ----A---- C:\WINDOWS\system32\DevicesFlowBroker.dll
2017-05-10 19:01:57 ----A---- C:\WINDOWS\system32\CellularAPI.dll
2017-05-10 19:01:57 ----A---- C:\WINDOWS\system32\catsrvps.dll
2017-05-10 19:01:56 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2017-05-10 19:01:56 ----A---- C:\WINDOWS\system32\webcheck.dll
2017-05-10 19:01:55 ----A---- C:\WINDOWS\system32\GamePanel.exe
2017-05-10 19:01:55 ----A---- C:\WINDOWS\system32\apprepsync.dll
2017-05-10 19:01:55 ----A---- C:\WINDOWS\system32\apprepapi.dll
2017-05-10 19:01:53 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2017-05-10 19:01:52 ----A---- C:\WINDOWS\system32\Windows.Globalization.dll
2017-05-10 19:01:52 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2017-05-10 19:01:52 ----A---- C:\WINDOWS\system32\AuthBroker.dll
2017-05-10 19:01:51 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-10 19:01:51 ----A---- C:\WINDOWS\system32\oleacc.dll
2017-05-10 19:01:51 ----A---- C:\WINDOWS\system32\msxml6.dll
2017-05-10 19:01:51 ----A---- C:\WINDOWS\system32\dlnashext.dll
2017-05-10 19:01:50 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-05-10 19:01:50 ----A---- C:\WINDOWS\system32\UserMgrProxy.dll
2017-05-10 19:01:50 ----A---- C:\WINDOWS\system32\sppobjs.dll
2017-05-10 19:01:50 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-10 19:01:49 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-05-10 19:01:49 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-05-10 19:01:49 ----A---- C:\WINDOWS\system32\AppContracts.dll
2017-05-10 19:01:48 ----A---- C:\WINDOWS\system32\twinui.dll
2017-05-10 19:01:48 ----A---- C:\WINDOWS\system32\ShareHost.dll
2017-05-10 19:01:48 ----A---- C:\WINDOWS\system32\deviceaccess.dll
2017-05-10 19:01:48 ----A---- C:\WINDOWS\system32\CryptoWinRT.dll
2017-05-10 19:01:45 ----A---- C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-05-10 19:01:45 ----A---- C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-05-10 19:01:45 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-05-10 19:01:45 ----A---- C:\WINDOWS\system32\gdi32full.dll
2017-05-10 19:01:45 ----A---- C:\WINDOWS\system32\ErrorDetails.dll
2017-05-10 19:01:44 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-05-10 19:01:44 ----A---- C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-05-10 19:01:44 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-05-10 19:01:44 ----A---- C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-05-10 19:01:44 ----A---- C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-05-10 19:01:44 ----A---- C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-05-10 19:01:44 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-05-10 19:01:44 ----A---- C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-05-10 19:01:44 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-05-10 19:01:44 ----A---- C:\WINDOWS\system32\Family.SyncEngine.dll
2017-05-10 19:01:44 ----A---- C:\WINDOWS\system32\Family.Client.dll
2017-05-10 19:01:44 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2017-05-10 19:01:43 ----A---- C:\WINDOWS\system32\WinTypes.dll
2017-05-10 19:01:43 ----A---- C:\WINDOWS\system32\mispace.dll
2017-05-10 19:01:43 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2017-05-10 19:01:43 ----A---- C:\WINDOWS\system32\combase.dll
2017-05-10 19:01:42 ----A---- C:\WINDOWS\SYSWOW64\UIRibbonRes.dll
2017-05-10 19:01:42 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-10 19:01:42 ----A---- C:\WINDOWS\system32\storagewmi.dll
2017-05-10 19:01:42 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2017-05-10 19:01:42 ----A---- C:\WINDOWS\explorer.exe
2017-05-10 19:01:41 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2017-05-10 19:01:41 ----A---- C:\WINDOWS\system32\usermgr.dll
2017-05-10 19:01:41 ----A---- C:\WINDOWS\system32\OneBackupHandler.dll
2017-05-10 19:01:41 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2017-05-10 19:01:40 ----A---- C:\WINDOWS\system32\wsp_sr.dll
2017-05-10 19:01:40 ----A---- C:\WINDOWS\system32\wsp_health.dll
2017-05-10 19:01:40 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-05-10 19:01:40 ----A---- C:\WINDOWS\system32\OpcServices.dll
2017-05-10 19:01:40 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-05-10 19:01:40 ----A---- C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-05-10 19:01:40 ----A---- C:\WINDOWS\system32\crypt32.dll
2017-05-10 19:01:39 ----A---- C:\WINDOWS\system32\WinSetupUI.dll
2017-05-10 19:01:39 ----A---- C:\WINDOWS\system32\uReFS.dll
2017-05-10 19:01:39 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2017-05-10 19:01:39 ----A---- C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-10 19:01:39 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-10 19:01:39 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-05-10 19:01:39 ----A---- C:\WINDOWS\system32\audiosrv.dll
2017-05-10 19:01:38 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-05-10 19:01:38 ----A---- C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-05-10 19:01:38 ----A---- C:\WINDOWS\system32\resutils.dll
2017-05-10 19:01:38 ----A---- C:\WINDOWS\system32\kernel32.dll
2017-05-10 19:01:38 ----A---- C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-05-10 19:01:38 ----A---- C:\WINDOWS\system32\authui.dll
2017-05-10 19:01:37 ----A---- C:\WINDOWS\system32\wbengine.exe
2017-05-10 19:01:37 ----A---- C:\WINDOWS\system32\VSSVC.exe
2017-05-10 19:01:37 ----A---- C:\WINDOWS\system32\securekernel.exe
2017-05-10 19:01:37 ----A---- C:\WINDOWS\system32\rpcss.dll
2017-05-10 19:01:37 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2017-05-10 19:01:37 ----A---- C:\WINDOWS\system32\dafBth.dll
2017-05-10 19:01:37 ----A---- C:\WINDOWS\system32\bisrv.dll
2017-05-10 19:01:36 ----A---- C:\WINDOWS\system32\wimserv.exe
2017-05-10 19:01:36 ----A---- C:\WINDOWS\system32\wimgapi.dll
2017-05-10 19:01:36 ----A---- C:\WINDOWS\system32\spwizeng.dll
2017-05-10 19:01:36 ----A---- C:\WINDOWS\system32\spaceman.exe
2017-05-10 19:01:36 ----A---- C:\WINDOWS\system32\SpaceAgent.exe
2017-05-10 19:01:36 ----A---- C:\WINDOWS\system32\input.dll
2017-05-10 19:01:36 ----A---- C:\WINDOWS\system32\drivers\fsdepends.sys
2017-05-10 19:01:36 ----A---- C:\WINDOWS\system32\DevicePairing.dll
2017-05-10 19:01:36 ----A---- C:\WINDOWS\system32\AppReadiness.dll
2017-05-10 19:01:35 ----A---- C:\WINDOWS\system32\winlogon.exe
2017-05-10 19:01:35 ----A---- C:\WINDOWS\system32\virtdisk.dll
2017-05-10 19:01:35 ----A---- C:\WINDOWS\system32\vds.exe
2017-05-10 19:01:35 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2017-05-10 19:01:35 ----A---- C:\WINDOWS\system32\ReAgent.dll
2017-05-10 19:01:35 ----A---- C:\WINDOWS\system32\LocationApi.dll
2017-05-10 19:01:35 ----A---- C:\WINDOWS\system32\cryptui.dll
2017-05-10 19:01:35 ----A---- C:\WINDOWS\system32\CPFilters.dll
2017-05-10 19:01:35 ----A---- C:\WINDOWS\system32\bthserv.dll
2017-05-10 19:01:35 ----A---- C:\WINDOWS\system32\BluetoothApis.dll
2017-05-10 19:01:35 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-10 19:01:34 ----A---- C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-10 19:01:34 ----A---- C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-05-10 19:01:34 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-05-10 19:01:34 ----A---- C:\WINDOWS\system32\vaultcli.dll
2017-05-10 19:01:34 ----A---- C:\WINDOWS\system32\imapi2.dll
2017-05-10 19:01:34 ----A---- C:\WINDOWS\system32\ConsentUX.dll
2017-05-10 19:01:34 ----A---- C:\WINDOWS\system32\BthTelemetry.dll
2017-05-10 19:01:34 ----A---- C:\WINDOWS\system32\appidsvc.dll
2017-05-10 19:01:34 ----A---- C:\WINDOWS\system32\appidcertstorecheck.exe
2017-05-10 19:01:34 ----A---- C:\WINDOWS\system32\adsnt.dll
2017-05-09 15:23:47 ----D---- C:\Reaqapytegupy
2017-04-24 21:52:02 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2017-04-24 21:52:00 ----A---- C:\WINDOWS\SYSWOW64\mfsrcsnk.dll
2017-04-24 21:51:58 ----A---- C:\WINDOWS\SYSWOW64\quartz.dll
2017-04-24 21:51:58 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2017-04-24 21:51:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Connectivity.dll
2017-04-24 21:51:57 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2017-04-24 21:51:57 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2017-04-24 21:51:57 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2017-04-24 21:51:55 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2017-04-24 21:51:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.SerialCommunication.dll
2017-04-24 21:51:53 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2017-04-24 21:51:53 ----A---- C:\WINDOWS\SYSWOW64\CompPkgSup.dll
2017-04-24 21:51:52 ----A---- C:\WINDOWS\SYSWOW64\wscapi.dll
2017-04-24 21:51:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.MediaControl.dll
2017-04-24 21:51:52 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2017-04-24 21:51:52 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostUser.dll
2017-04-24 21:51:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.SystemManagement.dll
2017-04-24 21:51:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Import.dll
2017-04-24 21:51:51 ----A---- C:\WINDOWS\SYSWOW64\asycfilt.dll
2017-04-24 21:51:49 ----A---- C:\WINDOWS\SYSWOW64\msdtcprx.dll
2017-04-24 21:51:48 ----A---- C:\WINDOWS\SYSWOW64\wlidcli.dll
2017-04-24 21:51:48 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.InkControls.dll
2017-04-24 21:51:48 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2017-04-24 21:51:48 ----A---- C:\WINDOWS\SYSWOW64\bcastdvr.exe
2017-04-24 21:51:48 ----A---- C:\WINDOWS\system32\drivers\BasicRender.sys
2017-04-24 21:51:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.UserDeviceAssociation.dll
2017-04-24 21:51:47 ----A---- C:\WINDOWS\SYSWOW64\RADCUI.dll
2017-04-24 21:51:47 ----A---- C:\WINDOWS\SYSWOW64\netshell.dll
2017-04-24 21:51:45 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-04-24 21:51:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-04-24 21:51:45 ----A---- C:\WINDOWS\SYSWOW64\mfmjpegdec.dll
2017-04-24 21:51:45 ----A---- C:\WINDOWS\SYSWOW64\CredProvDataModel.dll
2017-04-24 21:51:44 ----A---- C:\WINDOWS\SYSWOW64\TokenBrokerUI.dll
2017-04-24 21:51:44 ----A---- C:\WINDOWS\SYSWOW64\sbe.dll
2017-04-24 21:51:44 ----A---- C:\WINDOWS\SYSWOW64\mspaint.exe
2017-04-24 21:51:44 ----A---- C:\WINDOWS\SYSWOW64\ipsmsnap.dll
2017-04-24 21:51:44 ----A---- C:\WINDOWS\SYSWOW64\ipsecsnp.dll
2017-04-24 21:51:44 ----A---- C:\WINDOWS\SYSWOW64\apds.dll
2017-04-24 21:51:44 ----A---- C:\WINDOWS\system32\drivers\BasicDisplay.sys
2017-04-24 21:51:43 ----A---- C:\WINDOWS\SYSWOW64\XblAuthTokenBrokerExt.dll
2017-04-24 21:51:43 ----A---- C:\WINDOWS\SYSWOW64\XblAuthManagerProxy.dll
2017-04-24 21:51:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-24 21:51:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.HostName.dll
2017-04-24 21:51:43 ----A---- C:\WINDOWS\SYSWOW64\enrollmentapi.dll
2017-04-24 21:51:43 ----A---- C:\WINDOWS\SYSWOW64\dmenrollengine.dll
2017-04-24 21:51:43 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2017-04-24 21:51:43 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2017-04-24 21:51:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.Diagnostics.dll
2017-04-24 21:51:42 ----A---- C:\WINDOWS\SYSWOW64\usoapi.dll
2017-04-24 21:51:41 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2017-04-24 21:51:40 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-04-24 21:51:36 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-04-24 21:51:35 ----A---- C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-04-24 21:51:29 ----A---- C:\WINDOWS\system32\mos.dll
2017-04-24 21:51:26 ----A---- C:\WINDOWS\system32\mfsrcsnk.dll
2017-04-24 21:51:25 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2017-04-24 21:51:23 ----A---- C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-04-24 21:51:23 ----A---- C:\WINDOWS\system32\LsaIso.exe
2017-04-24 21:51:23 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2017-04-24 21:51:22 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2017-04-24 21:51:22 ----A---- C:\WINDOWS\system32\MSVP9DEC.dll
2017-04-24 21:51:21 ----A---- C:\WINDOWS\system32\wscapi.dll
2017-04-24 21:51:21 ----A---- C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2017-04-24 21:51:21 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-04-24 21:51:21 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2017-04-24 21:51:20 ----A---- C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2017-04-24 21:51:20 ----A---- C:\WINDOWS\system32\AccountsRt.dll
2017-04-24 21:51:12 ----A---- C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-24 21:51:11 ----A---- C:\WINDOWS\system32\wpninprc.dll
2017-04-24 21:51:11 ----A---- C:\WINDOWS\system32\RdpRelayTransport.dll
2017-04-24 21:50:58 ----A---- C:\WINDOWS\system32\quartz.dll
2017-04-24 21:50:58 ----A---- C:\WINDOWS\system32\kerberos.dll
2017-04-24 21:50:57 ----A---- C:\WINDOWS\HelpPane.exe
2017-04-24 21:50:51 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2017-04-24 21:50:51 ----A---- C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-04-24 21:50:51 ----A---- C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-04-24 21:50:51 ----A---- C:\WINDOWS\system32\asycfilt.dll
2017-04-24 21:50:50 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-04-24 21:50:50 ----A---- C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-04-24 21:50:50 ----A---- C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-04-24 21:50:50 ----A---- C:\WINDOWS\system32\dafpos.dll
2017-04-24 21:50:49 ----A---- C:\WINDOWS\system32\FontProvider.dll
2017-04-24 21:50:48 ----A---- C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-24 21:50:47 ----A---- C:\WINDOWS\system32\flvprophandler.dll
2017-04-24 21:50:47 ----A---- C:\WINDOWS\system32\dosvc.dll
2017-04-24 21:50:47 ----A---- C:\WINDOWS\system32\DeviceDirectoryClient.dll
2017-04-24 21:50:47 ----A---- C:\WINDOWS\system32\DdcWnsListener.dll
2017-04-24 21:50:46 ----A---- C:\WINDOWS\system32\CastLaunch.dll
2017-04-24 21:50:41 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-04-24 21:50:41 ----A---- C:\WINDOWS\system32\actxprxy.dll
2017-04-24 21:50:40 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2017-04-24 21:50:39 ----A---- C:\WINDOWS\system32\atmfd.dll
2017-04-24 21:50:38 ----A---- C:\WINDOWS\system32\hvax64.exe
2017-04-24 21:50:37 ----A---- C:\WINDOWS\system32\sbe.dll
2017-04-24 21:50:37 ----A---- C:\WINDOWS\system32\qedit.dll
2017-04-24 21:50:37 ----A---- C:\WINDOWS\system32\hvix64.exe
2017-04-24 21:50:37 ----A---- C:\WINDOWS\system32\CompPkgSup.dll
2017-04-24 21:50:36 ----A---- C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-04-24 21:50:36 ----A---- C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-04-24 21:50:36 ----A---- C:\WINDOWS\system32\wer.dll
2017-04-24 21:50:36 ----A---- C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-04-24 21:50:36 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-04-24 21:50:35 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2017-04-24 21:50:35 ----A---- C:\WINDOWS\system32\invagent.dll
2017-04-24 21:50:35 ----A---- C:\WINDOWS\system32\dmcertinst.exe
2017-04-24 21:50:35 ----A---- C:\WINDOWS\system32\devinv.dll
2017-04-24 21:50:35 ----A---- C:\WINDOWS\system32\appraiser.dll
2017-04-24 21:50:34 ----A---- C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2017-04-24 21:50:34 ----A---- C:\WINDOWS\system32\Windows.Media.Import.dll
2017-04-24 21:50:34 ----A---- C:\WINDOWS\system32\psmsrv.dll
2017-04-24 21:50:34 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-04-24 21:50:34 ----A---- C:\WINDOWS\system32\aeinv.dll
2017-04-24 21:50:34 ----A---- C:\WINDOWS\system32\acmigration.dll
2017-04-24 21:50:32 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-04-24 21:50:32 ----A---- C:\WINDOWS\system32\vss_ps.dll
2017-04-24 21:50:31 ----A---- C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-04-24 21:50:31 ----A---- C:\WINDOWS\system32\XblAuthManagerProxy.dll
2017-04-24 21:50:31 ----A---- C:\WINDOWS\system32\TokenBrokerUI.dll
2017-04-24 21:50:31 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2017-04-24 21:50:31 ----A---- C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-04-24 21:50:31 ----A---- C:\WINDOWS\system32\cdp.dll
2017-04-24 21:50:30 ----A---- C:\WINDOWS\system32\atmlib.dll
2017-04-24 10:16:17 ----D---- C:\WINDOWS\psgo
2017-04-18 10:59:08 ----D---- C:\WINDOWS\Update
2017-04-13 20:26:44 ----A---- C:\WINDOWS\system32\ibtproppage.dll
2017-04-06 13:43:08 ----D---- C:\WINDOWS\system32\log
2017-04-05 12:12:06 ----D---- C:\Update
2017-04-05 12:12:06 ----D---- C:\Program Files (x86)\MIO
2017-04-05 12:06:51 ----A---- C:\WINDOWS\system32\drivers\PROCEXP152.SYS
2017-04-05 12:06:41 ----D---- C:\Program Files (x86)\zjfprl6w
2017-04-02 08:15:32 ----A---- C:\WINDOWS\system32\UNPUXWorker.exe
2017-03-31 10:58:36 ----D---- C:\Program Files (x86)\Microsoft Works
2017-03-31 10:58:26 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2017-03-31 10:58:10 ----D---- C:\WINDOWS\PCHEALTH
2017-03-31 10:56:51 ----D---- C:\Program Files\Microsoft Office
2017-03-31 10:56:48 ----AD---- C:\Program Files (x86)\Microsoft Visual Studio 8
2017-03-31 10:56:33 ----D---- C:\WINDOWS\SHELLNEW
2017-03-31 10:56:26 ----D---- C:\ProgramData\Microsoft Help
2017-03-31 10:56:19 ----RHD---- C:\MSOCache
2017-03-31 10:48:15 ----D---- C:\Program Files (x86)\Qzileroqusp Configuration
2017-03-31 10:48:14 ----D---- C:\Users\Laborka\AppData\Roaming\Profiles
2017-03-31 10:45:02 ----A---- C:\WINDOWS\system32\drivers\dtliteusbbus.sys
2017-03-31 10:44:57 ----A---- C:\WINDOWS\system32\drivers\dtlitescsibus.sys
2017-03-31 10:44:49 ----D---- C:\Program Files\DAEMON Tools Lite
2017-03-31 10:44:32 ----D---- C:\ProgramData\DAEMON Tools Lite
======List of files/folders modified in the last 2 months======
2017-05-17 22:26:18 ----D---- C:\WINDOWS\Temp
2017-05-17 22:19:30 ----D---- C:\WINDOWS\Prefetch
2017-05-17 22:19:25 ----RD---- C:\Program Files
2017-05-17 22:01:28 ----D---- C:\WINDOWS\System32
2017-05-17 22:01:28 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-17 21:57:13 ----D---- C:\WINDOWS\system32\sru
2017-05-17 21:57:02 ----SHD---- C:\System Volume Information
2017-05-17 21:57:02 ----D---- C:\WINDOWS\system32\drivers
2017-05-17 21:57:02 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-17 21:57:02 ----D---- C:\Program Files (x86)\Common Files
2017-05-17 21:56:31 ----HD---- C:\ProgramData
2017-05-17 21:56:14 ----AD---- C:\ProgramData\Temp
2017-05-17 21:56:08 ----D---- C:\Windows
2017-05-17 21:52:10 ----D---- C:\WINDOWS\system32\config
2017-05-17 21:51:17 ----SHDC---- C:\WINDOWS\Installer
2017-05-17 21:50:11 ----SHD---- C:\Config.Msi
2017-05-17 21:47:15 ----D---- C:\WINDOWS\system32\Tasks
2017-05-17 21:20:33 ----D---- C:\WINDOWS\system32\SleepStudy
2017-05-17 19:58:43 ----D---- C:\WINDOWS\Tasks
2017-05-17 19:47:10 ----RD---- C:\Program Files (x86)
2017-05-17 19:43:28 ----D---- C:\WINDOWS\INF
2017-05-17 19:28:02 ----D---- C:\Users\Laborka\AppData\Roaming\Mozilla
2017-05-17 18:37:55 ----SD---- C:\Users\Laborka\AppData\Roaming\Microsoft
2017-05-17 18:35:08 ----D---- C:\WINDOWS\SYSWOW64\Com
2017-05-17 18:35:08 ----D---- C:\WINDOWS\SysWOW64
2017-05-17 18:35:08 ----D---- C:\Program Files (x86)\Windows Media Player
2017-05-17 14:26:21 ----D---- C:\Program Files (x86)\Dropbox
2017-05-17 14:26:04 ----D---- C:\Users\Laborka\AppData\Roaming\Hewlett-Packard
2017-05-17 14:26:04 ----D---- C:\Users\Laborka\AppData\Roaming\DropboxOEM
2017-05-17 14:26:04 ----D---- C:\Users\Laborka\AppData\Roaming\Adobe
2017-05-17 14:26:02 ----RD---- C:\Users
2017-05-17 14:26:01 ----SHD---- C:\Recovery
2017-05-17 14:26:01 ----SD---- C:\ProgramData\Microsoft
2017-05-17 14:26:01 ----AHD---- C:\SYSTEM.SAV
2017-05-17 14:26:00 ----D---- C:\ProgramData\HP
2017-05-17 14:26:00 ----D---- C:\ProgramData\Hewlett-Packard
2017-05-17 14:26:00 ----D---- C:\ProgramData\CyberLink
2017-05-17 14:26:00 ----D---- C:\ProgramData\Adobe
2017-05-17 14:26:00 ----D---- C:\Program Files (x86)\WindowsPowerShell
2017-05-17 14:26:00 ----D---- C:\Program Files (x86)\Internet Explorer
2017-05-17 14:25:59 ----D---- C:\Program Files (x86)\Google
2017-05-17 14:25:58 ----D---- C:\Program Files\WindowsPowerShell
2017-05-17 14:25:58 ----D---- C:\Program Files\Windows Media Player
2017-05-17 14:25:57 ----D---- C:\Program Files\Common Files\System
2017-05-17 14:25:57 ----D---- C:\inetpub
2017-05-17 14:25:57 ----AD---- C:\Program Files\Common Files\microsoft shared
2017-05-17 14:25:57 ----AD---- C:\KMPlayer
2017-05-17 14:17:43 ----D---- C:\WINDOWS\WinSxS
2017-05-17 12:27:28 ----D---- C:\WINDOWS\system32\catroot2
2017-05-17 12:27:28 ----D---- C:\WINDOWS\system32\CatRoot
2017-05-17 12:26:46 ----D---- C:\WINDOWS\AppReadiness
2017-05-17 12:26:45 ----HD---- C:\Program Files\WindowsApps
2017-05-17 12:18:48 ----D---- C:\WINDOWS\system32\NDF
2017-05-17 12:12:22 ----D---- C:\WINDOWS\system32\DriverStore
2017-05-17 00:06:52 ----D---- C:\Program Files\Common Files
2017-05-16 22:46:44 ----RD---- C:\WINDOWS\Microsoft.NET
2017-05-16 21:01:46 ----D---- C:\ProgramData\TuneUp Software
2017-05-16 20:36:28 ----DC---- C:\WINDOWS\Panther
2017-05-16 20:36:28 ----D---- C:\WINDOWS\ModemLogs
2017-05-16 20:36:26 ----D---- C:\WINDOWS\debug
2017-05-16 19:44:51 ----D---- C:\Program Files\IrfanView
2017-05-16 19:19:23 ----AD---- C:\Program Files (x86)\Microsoft Office
2017-05-16 19:18:51 ----D---- C:\WINDOWS\CbsTemp
2017-05-16 19:18:50 ----D---- C:\WINDOWS\system32\appraiser
2017-05-14 21:57:33 ----D---- C:\WINDOWS\rescache
2017-05-14 21:10:24 ----AD---- C:\ProgramData\regid.1991-06.com.microsoft
2017-05-11 20:58:48 ----RSD---- C:\WINDOWS\assembly
2017-05-10 23:13:39 ----SD---- C:\WINDOWS\SYSWOW64\F12
2017-05-10 23:13:39 ----D---- C:\WINDOWS\SYSWOW64\wbem
2017-05-10 23:13:39 ----D---- C:\WINDOWS\SYSWOW64\sr-Latn-CS
2017-05-10 23:13:39 ----D---- C:\WINDOWS\SYSWOW64\inetsrv
2017-05-10 23:13:39 ----D---- C:\WINDOWS\SYSWOW64\Dism
2017-05-10 23:13:38 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2017-05-10 23:13:36 ----SD---- C:\WINDOWS\system32\F12
2017-05-10 23:13:36 ----D---- C:\WINDOWS\system32\wbem
2017-05-10 23:13:36 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2017-05-10 23:13:36 ----D---- C:\WINDOWS\system32\sr-Latn-CS
2017-05-10 23:13:36 ----D---- C:\WINDOWS\system32\oobe
2017-05-10 23:13:36 ----D---- C:\WINDOWS\system32\migration
2017-05-10 23:13:36 ----D---- C:\WINDOWS\system32\inetsrv
2017-05-10 23:13:35 ----D---- C:\WINDOWS\system32\cs-CZ
2017-05-10 23:13:33 ----D---- C:\WINDOWS\ShellExperiences
2017-05-10 23:13:33 ----D---- C:\WINDOWS\Provisioning
2017-05-10 23:13:33 ----D---- C:\WINDOWS\PolicyDefinitions
2017-05-10 23:13:32 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2017-05-10 23:13:32 ----RD---- C:\Program Files\Windows Defender
2017-05-10 23:13:32 ----D---- C:\Program Files\Windows Photo Viewer
2017-05-10 23:13:32 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2017-05-10 23:13:32 ----D---- C:\Program Files (x86)\Windows Defender
2017-05-10 19:07:18 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-05-10 11:36:38 ----A---- C:\WINDOWS\system32\WSManMigrationPlugin.dll
2017-05-09 21:10:52 ----D---- C:\WINDOWS\system32\Macromed
2017-05-09 21:10:51 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2017-04-29 02:59:37 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2017-04-28 03:01:16 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll
2017-04-25 17:45:45 ----D---- C:\WINDOWS\SYSWOW64\setup
2017-04-25 17:45:42 ----D---- C:\WINDOWS\system32\setup
2017-04-25 17:45:42 ----D---- C:\WINDOWS\system32\Dism
2017-04-13 20:26:48 ----A---- C:\WINDOWS\system32\ibtsiva.exe
2017-04-09 17:07:24 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2017-04-06 13:43:18 ----D---- C:\ProgramData\Package Cache
2017-03-31 11:27:22 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2017-03-31 10:58:33 ----AD---- C:\Program Files (x86)\MSBuild
2017-03-31 10:58:13 ----RSD---- C:\WINDOWS\Fonts
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amdkmpfd;@oem19.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmpfd.sys [2016-04-03 73976]
R0 amdpsp;@oem4.inf,%amdpsp.SVCDESC%;AMD PSP Service; C:\WINDOWS\system32\DRIVERS\amdpsp.sys [2016-04-03 277240]
R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2015-07-13 251632]
R0 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2015-07-13 72400]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-12-11 48992]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2015-07-13 255240]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2015-07-13 178520]
R1 EpfwLWF;@oem27.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [2015-07-13 53360]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-07-16 88576]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-07-16 8192]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2015-07-13 231520]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2016-07-16 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2016-07-16 78336]
R3 AmdAS4;@oem7.inf,%AmdAS4.SVCDESC%;AmdAS4 service; C:\WINDOWS\System32\drivers\AmdAS4.sys [2016-04-03 27384]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2016-04-03 23983104]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2016-04-03 674816]
R3 AtiHDAudioService;@oem14.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2016-04-03 111120]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-12-11 84992]
R3 dtlitescsibus;@oem10.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2017-03-31 30264]
R3 dtliteusbbus;@oem13.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2017-03-31 47672]
R3 ibtusb;@oem24.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2017-04-13 244744]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2016-02-25 4802816]
R3 mvusbews;@oem40.inf,%mvusbews.SvcDesc%;USB EWS Device; C:\WINDOWS\System32\Drivers\mvusbews.sys [2012-11-08 19968]
R3 Netwtw04;___ Ovladač adaptéru Intel(R) Wireless pro systém Windows 10 64 Bit; C:\WINDOWS\System32\drivers\Netwtw04.sys [2016-06-07 7231248]
R3 rt640x64;@oem5.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2016-02-25 935168]
R3 SmbDrv;SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys [2016-08-19 68728]
R3 SynTP;@oem6.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2016-08-19 910968]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-07-16 105824]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-07-16 101216]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-12-11 64352]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2016-07-16 58720]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2016-07-16 61792]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-04-28 88416]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2016-07-16 32096]
S0 TfFsMon;TfFsMon; C:\WINDOWS\system32\drivers\TfFsMon.sys []
S0 TFSysMon;TfSysMon; C:\WINDOWS\system32\drivers\TfSysMon.sys []
S1 plvnbjca;plvnbjca; \??\C:\WINDOWS\system32\drivers\plvnbjca.sys []
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 amdkmcsp;@oem4.inf,%amdkmcsp.SVCDESC%;AMD Kernel Mode CSP Service; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [2016-04-03 101112]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2016-07-16 9728]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2017-04-28 967680]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-07-16 38912]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-12-11 118272]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-07-16 20480]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-07-16 50016]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-12-11 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2016-07-16 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-07-16 176384]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2016-07-16 526176]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 massfilter;@oem39.inf,%filter.SvcDesc%;MBB Mass Storage Filter Driver; C:\WINDOWS\System32\drivers\massfilter.sys []
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-07-16 842584]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2016-07-16 108896]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2016-07-16 928608]
S3 RTSUER;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2016-02-25 413912]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
S3 SmbDrvI;SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2016-03-14 62568]
S3 TfNetMon;TfNetMon; \??\C:\WINDOWS\system32\drivers\TfNetMon.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdaptiveSleepService;AdaptiveSleepService; c:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [2016-03-26 138752]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-04-25 83056]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2016-04-03 249344]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CDPUserSvc_2d16d;CDPUserSvc_2d16d; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 ClickToRunSvc;Microsoft Office Click-to-Run Service; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2017-05-04 3801280]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2015-07-08 1353720]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2016-05-03 642464]
R2 HP LaserJet Service;HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2009-10-15 136192]
R2 HPSIService;HP SI Service; C:\windows\system32\HPSIsvc.exe [2012-11-08 126856]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2015-12-20 26168]
R2 HPWMISVC;HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [2016-01-11 606224]
R2 ibtsiva;@oem24.inf,%SERVICE_NAME%;Intel Bluetooth Service; C:\WINDOWS\system32\ibtsiva []
R2 OneSyncSvc_2d16d;Hostitel synchronizace_2d16d; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2016-05-03 157088]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2014-04-14 389896]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2016-02-25 310016]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2016-08-19 266872]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-13 143144]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-26 153752]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 tbaseprovisioning;tbaseprovisioning; C:\WINDOWS\SysWOW64\tbaseprovisioning.exe [2016-04-03 54808]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-09 271864]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-07-16 52920]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-13 143144]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-07-16 93184]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2017-02-07 1471168]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-26 153752]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2015-04-28 1102472]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService_2d16d;Služba zasílání zpráv_2d16d; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-05-17 191944]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2016-05-03 268704]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-05-04 207056]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc_2d16d;Data kontaktů_2d16d; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-03-04 1312768]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2016-07-16 287744]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Neustále se vracející havěť win 10 ntb
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118254
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Neustále se vracející havěť win 10 ntb
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Neustále se vracející havěť win 10 ntb
V počítači se pořád vytváří zavirované složky na c:
po otevření firefox na chvilku zamrzne
# AdwCleaner v6.047 - Log vytvořen 22/05/2017 v 14:44:49
# Aktualizováno dne 19/05/2017 z Malwarebytes
# Databáze : 2017-05-19.1 [Místní]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : Laborka - LAPTOP-CFM0IRPD
# Spuštěno z : C:\Users\Laborka\Downloads\adwcleaner_6.047.exe
# Mod: Skenování
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
Nebyly nalezeny žádné škodlivé služby.
***** [ Složky ] *****
Nebyly nalezeny žádné škodlivé složky.
***** [ Soubory ] *****
Nebyly nalezeny žádné škodlivé soubory.
***** [ DLL ] *****
Nebyly nalezeny žádné škodlivé DLL.
***** [ WMI ] *****
Nebyly nalezeny žádné škodlivé klíče.
***** [ Zástupci ] *****
Žádný infikovaný zástupce nenalezen.
***** [ Naplánované úlohy ] *****
Žádná nebezpečná úloha nenalezena.
***** [ Registry ] *****
Nebyly nalezeny žádné škodlivé položky registru.
***** [ Internetové prohlížeče ] *****
Nebyly nalezeny žádné škodlivé položky prohlížeče Firefox.
Nebyly nalezeny žádné škodlivé položky prohlížeče Chromium.
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [7624 Bajty] - [17/05/2017 19:50:16]
C:\AdwCleaner\AdwCleaner[C2].txt - [1320 Bajty] - [17/05/2017 20:01:21]
C:\AdwCleaner\AdwCleaner[C3].txt - [3868 Bajty] - [17/05/2017 21:56:38]
C:\AdwCleaner\AdwCleaner[S0].txt - [8968 Bajty] - [17/05/2017 19:38:42]
C:\AdwCleaner\AdwCleaner[S1].txt - [9041 Bajty] - [17/05/2017 19:46:48]
C:\AdwCleaner\AdwCleaner[S2].txt - [1607 Bajty] - [17/05/2017 20:01:10]
C:\AdwCleaner\AdwCleaner[S3].txt - [3846 Bajty] - [17/05/2017 21:51:44]
C:\AdwCleaner\AdwCleaner[S4].txt - [1887 Bajty] - [22/05/2017 14:17:14]
C:\AdwCleaner\AdwCleaner[S5].txt - [1810 Bajty] - [22/05/2017 14:44:49]
########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [1883 Bajty] ##########
po otevření firefox na chvilku zamrzne
# AdwCleaner v6.047 - Log vytvořen 22/05/2017 v 14:44:49
# Aktualizováno dne 19/05/2017 z Malwarebytes
# Databáze : 2017-05-19.1 [Místní]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : Laborka - LAPTOP-CFM0IRPD
# Spuštěno z : C:\Users\Laborka\Downloads\adwcleaner_6.047.exe
# Mod: Skenování
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
Nebyly nalezeny žádné škodlivé služby.
***** [ Složky ] *****
Nebyly nalezeny žádné škodlivé složky.
***** [ Soubory ] *****
Nebyly nalezeny žádné škodlivé soubory.
***** [ DLL ] *****
Nebyly nalezeny žádné škodlivé DLL.
***** [ WMI ] *****
Nebyly nalezeny žádné škodlivé klíče.
***** [ Zástupci ] *****
Žádný infikovaný zástupce nenalezen.
***** [ Naplánované úlohy ] *****
Žádná nebezpečná úloha nenalezena.
***** [ Registry ] *****
Nebyly nalezeny žádné škodlivé položky registru.
***** [ Internetové prohlížeče ] *****
Nebyly nalezeny žádné škodlivé položky prohlížeče Firefox.
Nebyly nalezeny žádné škodlivé položky prohlížeče Chromium.
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [7624 Bajty] - [17/05/2017 19:50:16]
C:\AdwCleaner\AdwCleaner[C2].txt - [1320 Bajty] - [17/05/2017 20:01:21]
C:\AdwCleaner\AdwCleaner[C3].txt - [3868 Bajty] - [17/05/2017 21:56:38]
C:\AdwCleaner\AdwCleaner[S0].txt - [8968 Bajty] - [17/05/2017 19:38:42]
C:\AdwCleaner\AdwCleaner[S1].txt - [9041 Bajty] - [17/05/2017 19:46:48]
C:\AdwCleaner\AdwCleaner[S2].txt - [1607 Bajty] - [17/05/2017 20:01:10]
C:\AdwCleaner\AdwCleaner[S3].txt - [3846 Bajty] - [17/05/2017 21:51:44]
C:\AdwCleaner\AdwCleaner[S4].txt - [1887 Bajty] - [22/05/2017 14:17:14]
C:\AdwCleaner\AdwCleaner[S5].txt - [1810 Bajty] - [22/05/2017 14:44:49]
########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [1883 Bajty] ##########
-
Rudy
- Site Admin
- Příspěvky: 118254
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Neustále se vracející havěť win 10 ntb
Teď dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Neustále se vracející havěť win 10 ntb
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
Ran by Laborka (administrator) on LAPTOP-CFM0IRPD (02-09-2017 16:54:48)
Running from C:\Users\Laborka\Desktop
Loaded Profiles: Laborka (Available Profiles: Laborka)
Platform: Windows 10 Home Version 1703 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() C:\Users\Laborka\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8848640 2016-02-25] (Realtek Semiconductor)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2016-01-11] (HP Inc.)
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-10-15] (Hewlett-Packard Company)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Providers\zjfprl6w: C:\Program Files (x86)\Qzileroqusp Configuration\local64spl.dll <==== ATTENTION
IFEO\GoogleUpdate.exe: [Debugger] 324095823984.exe
IFEO\GoogleUpdaterService.exe: [Debugger] 8736459873644.exe
ShellExecuteHooks: No Name - {786FA74C-12EF-11E7-8DF3-64006A5CFC23} - -> No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{dd9a2135-7645-4bed-920a-77b35670975c}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{e2fbd850-152e-409a-b4a8-1e04f63f507f}: [NameServer] 80.250.1.161,8.8.8.8
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE
HKU\S-1-5-21-3470257245-4192612271-3252178878-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM -> {72FD2E19-1973-4195-8CE1-825BC5C4E0C4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {72FD2E19-1973-4195-8CE1-825BC5C4E0C4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-3470257245-4192612271-3252178878-1001 -> {72FD2E19-1973-4195-8CE1-825BC5C4E0C4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-09-01] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-01] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-12-20] (Hewlett-Packard Company)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-01] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-01] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-01] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-01] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: htle5w1e.default
FF ProfilePath: C:\Users\Laborka\AppData\Roaming\Mozilla\Firefox\Profiles\htle5w1e.default [2017-09-02]
FF user.js: detected! => C:\Users\Laborka\AppData\Roaming\Mozilla\Firefox\Profiles\htle5w1e.default\user.js [2017-05-17]
FF Homepage: Mozilla\Firefox\Profiles\htle5w1e.default -> hxxps://www.seznam.cz/
FF Extension: (Adblock Plus) - C:\Users\Laborka\AppData\Roaming\Mozilla\Firefox\Profiles\htle5w1e.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-12]
FF SearchPlugin: C:\Users\Laborka\AppData\Roaming\Mozilla\Firefox\Profiles\htle5w1e.default\searchplugins\zjfprl6w.xml [2017-03-31]
FF Extension: (Site Deployment Checker) - C:\Program Files (x86)\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi [2017-03-31] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-09] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1219159.dll [2015-06-26] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR StartupUrls: ChromeDefaultData -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Laborka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-05-17] <==== ATTENTION
CHR Extension: (Prezentace Google) - C:\Users\Laborka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-26]
CHR Extension: (Dokumenty Google) - C:\Users\Laborka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-26]
CHR Extension: (Disk Google) - C:\Users\Laborka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-26]
CHR Extension: (YouTube) - C:\Users\Laborka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-26]
CHR Extension: (Tabulky Google) - C:\Users\Laborka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\Laborka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Laborka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10]
CHR Extension: (Gmail) - C:\Users\Laborka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-26]
CHR Extension: (Chrome Media Router) - C:\Users\Laborka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-03]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdaptiveSleepService; c:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-03-26] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4424384 2017-08-28] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-13] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-13] (Dropbox, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2625368 2017-05-28] (ESET)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136192 2009-10-15] (HP) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26168 2015-12-20] (Hewlett-Packard Company)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2016-01-11] (HP Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-05-03] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [310016 2016-02-25] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [266872 2016-08-19] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-05-03] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmdAS4; C:\WINDOWS\System32\drivers\AmdAS4.sys [27384 2016-04-03] (Advanced Micro Devices, INC.)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [95080 2017-06-12] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [73976 2016-04-03] (Advanced Micro Devices, Inc.)
R1 amdpsp; C:\WINDOWS\system32\DRIVERS\amdpsp.sys [239976 2017-06-12] (Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111120 2016-04-03] (Advanced Micro Devices)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-03-31] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-03-31] (Disc Soft Ltd)
R3 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [132848 2017-05-28] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107344 2017-03-09] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [14880 2017-03-09] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [178056 2017-03-09] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50752 2017-03-09] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [78192 2017-03-09] (ESET)
S1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [53360 2015-07-13] (ESET)
S3 Epfwndis; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [33608 2009-05-14] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [101648 2017-03-09] (ESET)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [244744 2017-04-13] (Intel Corporation)
R1 MpKslb7b1ed0e; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DB9F4032-F3C2-491C-B4E7-63072047DAD0}\MpKslb7b1ed0e.sys [44928 2017-09-02] (Microsoft Corporation)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [19968 2012-11-08] (Marvell Semiconductor, Inc.)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [7932160 2017-01-24] (Intel Corporation)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [7932160 2017-01-24] (Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [935168 2016-02-25] (Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [413912 2016-02-25] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys [68728 2016-08-19] (Synaptics Incorporated)
S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [62568 2016-03-14] (Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30368 2017-06-21] (HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-09-02 16:55 - 2017-09-02 16:55 - 000055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\leztppbn.sys
2017-09-02 16:54 - 2017-09-02 16:55 - 000016313 _____ C:\Users\Laborka\Desktop\FRST.txt
2017-09-02 16:54 - 2017-09-02 16:54 - 000000000 ____D C:\FRST
2017-09-02 16:53 - 2017-09-02 16:46 - 002395648 _____ (Farbar) C:\Users\Laborka\Desktop\FRST64.exe
2017-09-02 15:54 - 2017-09-02 15:54 - 000001936 _____ C:\Users\Public\Desktop\Update NOD32 license.lnk
2017-09-02 15:54 - 2017-09-02 15:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder
2017-09-02 15:54 - 2017-09-02 15:54 - 000000000 ____D C:\Program Files (x86)\TNod User & Password Finder
2017-08-17 19:24 - 2017-08-17 19:24 - 000028935 _____ C:\Users\Laborka\Downloads\H_1384493217.pdf
2017-08-16 15:18 - 2017-08-16 15:18 - 023681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 023677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 021353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 020504064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 017366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 013841408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 012786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 011870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 008319392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 008209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 007336960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 006761568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 006269440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 005820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 005302968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 004535296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 004213656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 003464704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 003204608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 002969888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 002956288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 002939392 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 002679200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 002645680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 002604248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 002444704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 002444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 002424024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 002259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 002165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 002055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001833984 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001396736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001337856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001195760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001068720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001033544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000866808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000864248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000805816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-08-16 15:18 - 2017-08-16 15:18 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000723680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000660680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsvcs.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000610584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsvcs.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-08-16 15:18 - 2017-08-16 15:18 - 000551200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000538112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000529992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000527976 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000473240 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000455584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000414296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000410160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000406544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000359552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000323936 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000315288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000280472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 000277432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000192264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-08-16 15:18 - 2017-08-16 15:18 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000176024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000173104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000168864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-08-16 15:18 - 2017-08-16 15:18 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\qasf.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000143736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qasf.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000133904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000119904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000116280 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000104432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000100232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 000096648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000090464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 000082336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\IpNatHlpClient.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IpNatHlpClient.dll
2017-08-16 15:08 - 2017-08-16 15:08 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2017-08-16 15:08 - 2017-08-16 14:26 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2017-08-16 15:05 - 2017-08-16 15:05 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-08-16 15:05 - 2017-08-16 15:05 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-08-16 15:05 - 2017-08-16 15:05 - 000000000 ____D C:\Program Files\MSBuild
2017-08-16 15:05 - 2017-08-16 15:05 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-08-16 15:05 - 2017-08-16 15:05 - 000000000 ____D C:\inetpub
2017-08-16 15:05 - 2017-08-16 14:37 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-08-16 15:04 - 2017-02-10 12:26 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-08-16 15:04 - 2017-02-10 12:26 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-08-16 15:04 - 2017-02-10 12:26 - 000035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-08-16 15:04 - 2017-02-10 12:21 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-08-16 15:04 - 2017-02-10 12:21 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-08-16 15:04 - 2017-02-10 12:21 - 000035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-08-16 14:50 - 2017-08-16 14:50 - 000003382 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3470257245-4192612271-3252178878-1001
2017-08-16 14:47 - 2017-08-16 14:47 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2017-08-16 14:46 - 2017-08-16 14:46 - 000000000 ____D C:\Users\Laborka\AppData\Local\DBG
2017-08-16 14:45 - 2017-08-16 14:45 - 000000020 ___SH C:\Users\Laborka\ntuser.ini
2017-08-16 14:43 - 2017-08-16 14:44 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2017-08-16 14:43 - 2017-08-16 14:44 - 000007623 _____ C:\WINDOWS\diagerr.xml
2017-08-16 14:40 - 2017-09-02 16:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-16 14:40 - 2017-08-28 13:33 - 000003272 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForLaborka
2017-08-16 14:40 - 2017-08-16 14:40 - 000004958 _____ C:\WINDOWS\System32\Tasks\Qzileroqusp Configuration
2017-08-16 14:40 - 2017-08-16 14:40 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-08-16 14:40 - 2017-08-16 14:40 - 000003462 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2017-08-16 14:40 - 2017-08-16 14:40 - 000003398 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-08-16 14:40 - 2017-08-16 14:40 - 000003362 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-08-16 14:40 - 2017-08-16 14:40 - 000003290 _____ C:\WINDOWS\System32\Tasks\ESET Windows 10 upgrade – Perform upgrade
2017-08-16 14:40 - 2017-08-16 14:40 - 000003238 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2017-08-16 14:40 - 2017-08-16 14:40 - 000003174 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-08-16 14:40 - 2017-08-16 14:40 - 000002542 _____ C:\WINDOWS\System32\Tasks\HPDAS
2017-08-16 14:40 - 2017-08-16 14:40 - 000002326 _____ C:\WINDOWS\System32\Tasks\DropboxOEM
2017-08-16 14:40 - 2017-08-16 14:40 - 000002270 _____ C:\WINDOWS\System32\Tasks\{311B21AA-84EA-4957-9A81-43D245C4D65C}
2017-08-16 14:40 - 2017-08-16 14:40 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2017-08-16 14:40 - 2017-08-16 14:40 - 000000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2017-08-16 14:37 - 2017-08-16 14:37 - 000000000 ____D C:\ProgramData\USOShared
2017-08-16 14:36 - 2017-08-16 14:36 - 000001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-08-16 14:30 - 2017-08-16 14:37 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-08-16 14:29 - 2017-09-02 16:08 - 002208502 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-16 14:29 - 2017-08-21 19:18 - 000000000 ____D C:\Users\Laborka
2017-08-16 14:29 - 2017-08-16 14:29 - 000000000 _SHDL C:\Users\Laborka\Šablony
2017-08-16 14:29 - 2017-08-16 14:29 - 000000000 _SHDL C:\Users\Laborka\Soubory cookie
2017-08-16 14:29 - 2017-08-16 14:29 - 000000000 _SHDL C:\Users\Laborka\Poslední
2017-08-16 14:29 - 2017-08-16 14:29 - 000000000 _SHDL C:\Users\Laborka\Okolní tiskárny
2017-08-16 14:29 - 2017-08-16 14:29 - 000000000 _SHDL C:\Users\Laborka\Okolní síť
2017-08-16 14:29 - 2017-08-16 14:29 - 000000000 _SHDL C:\Users\Laborka\Nabídka Start
2017-08-16 14:29 - 2017-08-16 14:29 - 000000000 _SHDL C:\Users\Laborka\Dokumenty
2017-08-16 14:29 - 2017-08-16 14:29 - 000000000 _SHDL C:\Users\Laborka\Documents\Obrázky
2017-08-16 14:29 - 2017-08-16 14:29 - 000000000 _SHDL C:\Users\Laborka\Documents\Hudba
2017-08-16 14:29 - 2017-08-16 14:29 - 000000000 _SHDL C:\Users\Laborka\Documents\Filmy
2017-08-16 14:29 - 2017-08-16 14:29 - 000000000 _SHDL C:\Users\Laborka\Data aplikací
2017-08-16 14:29 - 2017-08-16 14:29 - 000000000 _SHDL C:\Users\Laborka\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-08-16 14:29 - 2017-08-16 14:29 - 000000000 _SHDL C:\Users\Laborka\AppData\Local\Data aplikací
2017-08-16 14:29 - 2017-03-18 22:56 - 002233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-08-16 14:28 - 2017-09-02 16:01 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-08-16 14:28 - 2017-08-16 14:31 - 000000000 ____D C:\Program Files\AMD
2017-08-16 14:28 - 2017-08-16 14:28 - 001893812 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-08-16 14:28 - 2017-08-16 14:28 - 000096286 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2017-08-16 14:28 - 2017-08-16 14:28 - 000001863 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DTS Audio Control Panel.lnk
2017-08-16 14:28 - 2017-08-16 14:28 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2017-08-16 14:28 - 2017-08-16 14:28 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_AMDASF_01011.Wdf
2017-08-16 14:28 - 2017-08-16 14:28 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-08-16 14:28 - 2017-08-16 14:28 - 000000000 ____D C:\WINDOWS\system32\SRSLabs
2017-08-16 14:28 - 2017-08-16 14:28 - 000000000 ____D C:\Program Files\Synaptics
2017-08-16 14:28 - 2017-08-16 14:28 - 000000000 ____D C:\Program Files\Realtek
2017-08-16 14:28 - 2017-08-16 14:28 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2017-08-16 14:28 - 2017-08-16 14:28 - 000000000 _____ C:\WINDOWS\ativpsrm.bin
2017-08-16 14:27 - 2017-08-16 14:27 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-08-16 14:27 - 2017-08-16 14:27 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_amdpsp_01011.Wdf
2017-08-16 14:26 - 2017-09-02 16:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-16 14:26 - 2017-08-18 11:03 - 000477376 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-14 17:30 - 2017-08-14 17:30 - 000476070 _____ C:\Users\Laborka\Downloads\Voucher_Fiserova.pdf
2017-08-10 13:01 - 2017-08-16 14:45 - 000000000 ___DC C:\WINDOWS\Panther
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-09-02 16:08 - 2017-03-20 06:43 - 000939356 _____ C:\WINDOWS\system32\perfh005.dat
2017-09-02 16:08 - 2017-03-20 06:43 - 000220240 _____ C:\WINDOWS\system32\perfc005.dat
2017-09-02 16:01 - 2017-03-18 13:40 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-09-02 16:01 - 2016-12-11 19:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-02 15:49 - 2017-05-17 14:26 - 000000000 ____D C:\Users\Laborka\AppData\Roaming\ESET
2017-09-02 15:42 - 2016-04-18 06:11 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-09-02 15:29 - 2016-12-11 19:04 - 000000000 ____D C:\Users\Laborka\AppData\LocalLow\Mozilla
2017-09-02 15:28 - 2017-05-17 21:12 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-09-01 19:00 - 2017-03-18 23:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-09-01 18:49 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-01 18:49 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-31 13:00 - 2016-11-13 15:14 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-30 11:27 - 2016-11-13 14:29 - 000000372 _____ C:\WINDOWS\Tasks\HPCeeScheduleForLaborka.job
2017-08-22 16:11 - 2016-10-24 11:50 - 000000000 ____D C:\Users\Laborka\AppData\Local\Packages
2017-08-22 16:10 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-08-21 18:48 - 2016-10-25 11:54 - 000544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-08-17 10:03 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-17 09:56 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\appcompat
2017-08-16 15:25 - 2017-03-18 23:03 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-08-16 15:21 - 2017-03-18 23:06 - 000000000 ____D C:\WINDOWS\Setup
2017-08-16 15:20 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-08-16 15:20 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-08-16 15:20 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-08-16 15:20 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-08-16 15:20 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-16 15:20 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-08-16 15:05 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-08-16 15:05 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\MUI
2017-08-16 15:05 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2017-08-16 15:05 - 2017-03-18 22:59 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2017-08-16 15:05 - 2017-03-18 22:59 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2017-08-16 15:05 - 2017-03-18 22:59 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2017-08-16 15:05 - 2017-03-18 22:59 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2017-08-16 15:05 - 2017-03-18 22:59 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2017-08-16 15:05 - 2017-03-18 22:59 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2017-08-16 15:05 - 2017-03-18 22:59 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2017-08-16 15:05 - 2017-03-18 22:59 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2017-08-16 15:05 - 2017-03-18 22:59 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2017-08-16 15:05 - 2017-03-18 22:59 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2017-08-16 15:05 - 2017-03-18 22:59 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2017-08-16 15:05 - 2017-03-18 22:59 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2017-08-16 15:05 - 2017-03-18 22:59 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2017-08-16 15:05 - 2017-03-18 22:59 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2017-08-16 14:50 - 2016-12-11 20:34 - 000002404 _____ C:\Users\Laborka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-08-16 14:50 - 2016-10-24 11:52 - 000000000 ___RD C:\Users\Laborka\OneDrive
2017-08-16 14:46 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
2017-08-16 14:46 - 2016-10-24 13:09 - 000000000 ____D C:\Users\Laborka\AppData\Local\MicrosoftEdge
2017-08-16 14:45 - 2017-03-18 23:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-08-16 14:45 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows NT
2017-08-16 14:45 - 2015-11-02 20:02 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-16 14:44 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-08-16 14:44 - 2017-03-18 13:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-08-16 14:43 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\Registration
2017-08-16 14:43 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-08-16 14:40 - 2017-03-20 06:46 - 000000000 ____D C:\WINDOWS\HoloShell
2017-08-16 14:40 - 2016-12-11 20:28 - 000023020 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-08-16 14:39 - 2017-03-18 23:03 - 000000000 __RHD C:\Users\Public\Libraries
2017-08-16 14:37 - 2017-05-16 19:44 - 000000000 ____D C:\Users\Laborka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2017-08-16 14:37 - 2017-05-16 19:18 - 000000000 ____D C:\WINDOWS\system32\UNP
2017-08-16 14:37 - 2017-03-31 10:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2017-08-16 14:37 - 2017-03-31 10:56 - 000000000 ____D C:\WINDOWS\SHELLNEW
2017-08-16 14:37 - 2016-11-13 15:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2017-08-16 14:37 - 2016-10-25 11:27 - 000000000 ____D C:\Users\Laborka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2017-08-16 14:37 - 2016-10-24 12:14 - 000000000 ____D C:\Users\Laborka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-08-16 14:37 - 2016-10-24 12:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-08-16 14:37 - 2016-10-24 11:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2017-08-16 14:37 - 2016-08-07 09:55 - 000000000 ____D C:\Program Files\Intel
2017-08-16 14:37 - 2016-08-07 09:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2017-08-16 14:37 - 2016-04-18 06:09 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2017-08-16 14:32 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-08-16 14:32 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\spool
2017-08-16 14:32 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-08-16 14:32 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-08-16 14:32 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-08-16 14:32 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-08-16 14:32 - 2016-11-30 21:09 - 000000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-08-16 14:32 - 2016-11-30 21:09 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2017-08-16 14:32 - 2016-08-07 09:57 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2017-08-16 14:32 - 2016-08-07 09:56 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
2017-08-16 14:32 - 2016-04-18 06:09 - 000000000 ____D C:\WINDOWS\SysWOW64\Adobe
2017-08-16 14:31 - 2017-05-22 18:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2017-08-16 14:31 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-08-16 14:31 - 2016-11-13 14:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HoboSoft
2017-08-16 14:31 - 2016-04-18 06:08 - 000000000 ____D C:\Program Files\HP
2017-08-16 14:30 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-08-16 14:28 - 2017-03-18 13:40 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2017-08-16 12:52 - 2016-10-25 11:28 - 000000000 ____D C:\Users\Laborka\AppData\Local\CrashDumps
2017-08-16 12:52 - 2016-08-07 11:04 - 002830322 _____ C:\WINDOWS\SysWOW64\rootpa.e2e
2017-08-15 10:40 - 2017-04-24 10:16 - 000000000 ____D C:\WINDOWS\psgo
2017-08-15 10:25 - 2016-08-07 11:05 - 000000000 ____D C:\ProgramData\HP
2017-08-14 19:15 - 2016-10-25 11:18 - 000000000 ____D C:\Users\Laborka\Documents\Petr data
2017-08-09 15:56 - 2016-10-25 14:23 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-09 15:54 - 2016-10-25 14:23 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-08-07 20:02 - 2016-10-25 16:30 - 000059904 _____ C:\Users\Laborka\Desktop\Ceník 2016.xls
==================== Files in the root of some directories =======
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-09-02 15:35
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (Windows) (Fixed) (Total:118.01 GB) (Free:81.52 GB) NTFS
Drive f: (PENDRIVE) (Removable) (Total:7.45 GB) (Free:3.5 GB) FAT32
Available physical RAM: 1683.43 MB
Total physical RAM: 3529.01 MB
Percentage of memory in use: 52%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 119.2 GB) (Disk ID: E79E28BB)
Disk: 1 (Size: 7.5 GB) (Disk ID: 84F6BC9B)
Partition 1: (Active) - (Size=7.5 GB) - (Type=0B)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForLaborka.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\WINDOWS\system32\Drivers\leztppbn.sys:changelist [300]
AlternateDataStreams: C:\ProgramData\Temp:430C6D84 [127]
AlternateDataStreams: C:\ProgramData\Temp:DFC5A2B2 [340]
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Smart Security (Disabled - Out of date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security (Disabled - Out of date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall (Disabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Laborka\Desktop" je 1972 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================
Ran by Laborka (administrator) on LAPTOP-CFM0IRPD (02-09-2017 16:54:48)
Running from C:\Users\Laborka\Desktop
Loaded Profiles: Laborka (Available Profiles: Laborka)
Platform: Windows 10 Home Version 1703 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() C:\Users\Laborka\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8848640 2016-02-25] (Realtek Semiconductor)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2016-01-11] (HP Inc.)
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-10-15] (Hewlett-Packard Company)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Providers\zjfprl6w: C:\Program Files (x86)\Qzileroqusp Configuration\local64spl.dll <==== ATTENTION
IFEO\GoogleUpdate.exe: [Debugger] 324095823984.exe
IFEO\GoogleUpdaterService.exe: [Debugger] 8736459873644.exe
ShellExecuteHooks: No Name - {786FA74C-12EF-11E7-8DF3-64006A5CFC23} - -> No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{dd9a2135-7645-4bed-920a-77b35670975c}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{e2fbd850-152e-409a-b4a8-1e04f63f507f}: [NameServer] 80.250.1.161,8.8.8.8
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE
HKU\S-1-5-21-3470257245-4192612271-3252178878-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM -> {72FD2E19-1973-4195-8CE1-825BC5C4E0C4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {72FD2E19-1973-4195-8CE1-825BC5C4E0C4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-3470257245-4192612271-3252178878-1001 -> {72FD2E19-1973-4195-8CE1-825BC5C4E0C4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-09-01] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-01] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-12-20] (Hewlett-Packard Company)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-01] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-01] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-01] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-01] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: htle5w1e.default
FF ProfilePath: C:\Users\Laborka\AppData\Roaming\Mozilla\Firefox\Profiles\htle5w1e.default [2017-09-02]
FF user.js: detected! => C:\Users\Laborka\AppData\Roaming\Mozilla\Firefox\Profiles\htle5w1e.default\user.js [2017-05-17]
FF Homepage: Mozilla\Firefox\Profiles\htle5w1e.default -> hxxps://www.seznam.cz/
FF Extension: (Adblock Plus) - C:\Users\Laborka\AppData\Roaming\Mozilla\Firefox\Profiles\htle5w1e.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-12]
FF SearchPlugin: C:\Users\Laborka\AppData\Roaming\Mozilla\Firefox\Profiles\htle5w1e.default\searchplugins\zjfprl6w.xml [2017-03-31]
FF Extension: (Site Deployment Checker) - C:\Program Files (x86)\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi [2017-03-31] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-09] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1219159.dll [2015-06-26] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR StartupUrls: ChromeDefaultData -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Laborka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-05-17] <==== ATTENTION
CHR Extension: (Prezentace Google) - C:\Users\Laborka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-26]
CHR Extension: (Dokumenty Google) - C:\Users\Laborka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-26]
CHR Extension: (Disk Google) - C:\Users\Laborka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-26]
CHR Extension: (YouTube) - C:\Users\Laborka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-26]
CHR Extension: (Tabulky Google) - C:\Users\Laborka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\Laborka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Laborka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10]
CHR Extension: (Gmail) - C:\Users\Laborka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-26]
CHR Extension: (Chrome Media Router) - C:\Users\Laborka\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-03]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdaptiveSleepService; c:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-03-26] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4424384 2017-08-28] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-13] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-13] (Dropbox, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2625368 2017-05-28] (ESET)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136192 2009-10-15] (HP) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26168 2015-12-20] (Hewlett-Packard Company)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2016-01-11] (HP Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-05-03] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [310016 2016-02-25] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [266872 2016-08-19] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-05-03] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmdAS4; C:\WINDOWS\System32\drivers\AmdAS4.sys [27384 2016-04-03] (Advanced Micro Devices, INC.)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [95080 2017-06-12] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [73976 2016-04-03] (Advanced Micro Devices, Inc.)
R1 amdpsp; C:\WINDOWS\system32\DRIVERS\amdpsp.sys [239976 2017-06-12] (Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111120 2016-04-03] (Advanced Micro Devices)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-03-31] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-03-31] (Disc Soft Ltd)
R3 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [132848 2017-05-28] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107344 2017-03-09] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [14880 2017-03-09] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [178056 2017-03-09] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50752 2017-03-09] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [78192 2017-03-09] (ESET)
S1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [53360 2015-07-13] (ESET)
S3 Epfwndis; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [33608 2009-05-14] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [101648 2017-03-09] (ESET)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [244744 2017-04-13] (Intel Corporation)
R1 MpKslb7b1ed0e; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DB9F4032-F3C2-491C-B4E7-63072047DAD0}\MpKslb7b1ed0e.sys [44928 2017-09-02] (Microsoft Corporation)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [19968 2012-11-08] (Marvell Semiconductor, Inc.)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [7932160 2017-01-24] (Intel Corporation)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [7932160 2017-01-24] (Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [935168 2016-02-25] (Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [413912 2016-02-25] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys [68728 2016-08-19] (Synaptics Incorporated)
S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [62568 2016-03-14] (Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30368 2017-06-21] (HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-09-02 16:55 - 2017-09-02 16:55 - 000055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\leztppbn.sys
2017-09-02 16:54 - 2017-09-02 16:55 - 000016313 _____ C:\Users\Laborka\Desktop\FRST.txt
2017-09-02 16:54 - 2017-09-02 16:54 - 000000000 ____D C:\FRST
2017-09-02 16:53 - 2017-09-02 16:46 - 002395648 _____ (Farbar) C:\Users\Laborka\Desktop\FRST64.exe
2017-09-02 15:54 - 2017-09-02 15:54 - 000001936 _____ C:\Users\Public\Desktop\Update NOD32 license.lnk
2017-09-02 15:54 - 2017-09-02 15:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder
2017-09-02 15:54 - 2017-09-02 15:54 - 000000000 ____D C:\Program Files (x86)\TNod User & Password Finder
2017-08-17 19:24 - 2017-08-17 19:24 - 000028935 _____ C:\Users\Laborka\Downloads\H_1384493217.pdf
2017-08-16 15:18 - 2017-08-16 15:18 - 023681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 023677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 021353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 020504064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 017366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 013841408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 012786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 011870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 008319392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 008209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 007336960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 006761568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 006269440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 005820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 005302968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 004535296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 004213656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 003464704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 003204608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 002969888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 002956288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 002939392 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 002679200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 002645680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 002604248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 002444704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 002444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 002424024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 002259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 002165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 002055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001833984 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001396736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001337856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001195760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001068720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001033544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000866808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000864248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000805816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-08-16 15:18 - 2017-08-16 15:18 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000723680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000660680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsvcs.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000610584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsvcs.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-08-16 15:18 - 2017-08-16 15:18 - 000551200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000538112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000529992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000527976 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000473240 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000455584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000414296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000410160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000406544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000359552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000323936 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000315288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000280472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 000277432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000192264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-08-16 15:18 - 2017-08-16 15:18 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000176024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000173104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000168864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-08-16 15:18 - 2017-08-16 15:18 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\qasf.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000143736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qasf.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000133904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000119904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000116280 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000104432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000100232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 000096648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000090464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 000082336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-08-16 15:18 - 2017-08-16 15:18 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-08-16 15:18 - 2017-08-16 15:18 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\IpNatHlpClient.dll
2017-08-16 15:18 - 2017-08-16 15:18 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IpNatHlpClient.dll
2017-08-16 15:08 - 2017-08-16 15:08 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2017-08-16 15:08 - 2017-08-16 14:26 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2017-08-16 15:05 - 2017-08-16 15:05 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-08-16 15:05 - 2017-08-16 15:05 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-08-16 15:05 - 2017-08-16 15:05 - 000000000 ____D C:\Program Files\MSBuild
2017-08-16 15:05 - 2017-08-16 15:05 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-08-16 15:05 - 2017-08-16 15:05 - 000000000 ____D C:\inetpub
2017-08-16 15:05 - 2017-08-16 14:37 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-08-16 15:04 - 2017-02-10 12:26 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-08-16 15:04 - 2017-02-10 12:26 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-08-16 15:04 - 2017-02-10 12:26 - 000035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-08-16 15:04 - 2017-02-10 12:21 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-08-16 15:04 - 2017-02-10 12:21 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-08-16 15:04 - 2017-02-10 12:21 - 000035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-08-16 14:50 - 2017-08-16 14:50 - 000003382 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3470257245-4192612271-3252178878-1001
2017-08-16 14:47 - 2017-08-16 14:47 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2017-08-16 14:46 - 2017-08-16 14:46 - 000000000 ____D C:\Users\Laborka\AppData\Local\DBG
2017-08-16 14:45 - 2017-08-16 14:45 - 000000020 ___SH C:\Users\Laborka\ntuser.ini
2017-08-16 14:43 - 2017-08-16 14:44 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2017-08-16 14:43 - 2017-08-16 14:44 - 000007623 _____ C:\WINDOWS\diagerr.xml
2017-08-16 14:40 - 2017-09-02 16:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-16 14:40 - 2017-08-28 13:33 - 000003272 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForLaborka
2017-08-16 14:40 - 2017-08-16 14:40 - 000004958 _____ C:\WINDOWS\System32\Tasks\Qzileroqusp Configuration
2017-08-16 14:40 - 2017-08-16 14:40 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-08-16 14:40 - 2017-08-16 14:40 - 000003462 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2017-08-16 14:40 - 2017-08-16 14:40 - 000003398 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-08-16 14:40 - 2017-08-16 14:40 - 000003362 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-08-16 14:40 - 2017-08-16 14:40 - 000003290 _____ C:\WINDOWS\System32\Tasks\ESET Windows 10 upgrade – Perform upgrade
2017-08-16 14:40 - 2017-08-16 14:40 - 000003238 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2017-08-16 14:40 - 2017-08-16 14:40 - 000003174 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-08-16 14:40 - 2017-08-16 14:40 - 000002542 _____ C:\WINDOWS\System32\Tasks\HPDAS
2017-08-16 14:40 - 2017-08-16 14:40 - 000002326 _____ C:\WINDOWS\System32\Tasks\DropboxOEM
2017-08-16 14:40 - 2017-08-16 14:40 - 000002270 _____ C:\WINDOWS\System32\Tasks\{311B21AA-84EA-4957-9A81-43D245C4D65C}
2017-08-16 14:40 - 2017-08-16 14:40 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2017-08-16 14:40 - 2017-08-16 14:40 - 000000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2017-08-16 14:37 - 2017-08-16 14:37 - 000000000 ____D C:\ProgramData\USOShared
2017-08-16 14:36 - 2017-08-16 14:36 - 000001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-08-16 14:30 - 2017-08-16 14:37 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-08-16 14:29 - 2017-09-02 16:08 - 002208502 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-16 14:29 - 2017-08-21 19:18 - 000000000 ____D C:\Users\Laborka
2017-08-16 14:29 - 2017-08-16 14:29 - 000000000 _SHDL C:\Users\Laborka\Šablony
2017-08-16 14:29 - 2017-08-16 14:29 - 000000000 _SHDL C:\Users\Laborka\Soubory cookie
2017-08-16 14:29 - 2017-08-16 14:29 - 000000000 _SHDL C:\Users\Laborka\Poslední
2017-08-16 14:29 - 2017-08-16 14:29 - 000000000 _SHDL C:\Users\Laborka\Okolní tiskárny
2017-08-16 14:29 - 2017-08-16 14:29 - 000000000 _SHDL C:\Users\Laborka\Okolní síť
2017-08-16 14:29 - 2017-08-16 14:29 - 000000000 _SHDL C:\Users\Laborka\Nabídka Start
2017-08-16 14:29 - 2017-08-16 14:29 - 000000000 _SHDL C:\Users\Laborka\Dokumenty
2017-08-16 14:29 - 2017-08-16 14:29 - 000000000 _SHDL C:\Users\Laborka\Documents\Obrázky
2017-08-16 14:29 - 2017-08-16 14:29 - 000000000 _SHDL C:\Users\Laborka\Documents\Hudba
2017-08-16 14:29 - 2017-08-16 14:29 - 000000000 _SHDL C:\Users\Laborka\Documents\Filmy
2017-08-16 14:29 - 2017-08-16 14:29 - 000000000 _SHDL C:\Users\Laborka\Data aplikací
2017-08-16 14:29 - 2017-08-16 14:29 - 000000000 _SHDL C:\Users\Laborka\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-08-16 14:29 - 2017-08-16 14:29 - 000000000 _SHDL C:\Users\Laborka\AppData\Local\Data aplikací
2017-08-16 14:29 - 2017-03-18 22:56 - 002233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-08-16 14:28 - 2017-09-02 16:01 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-08-16 14:28 - 2017-08-16 14:31 - 000000000 ____D C:\Program Files\AMD
2017-08-16 14:28 - 2017-08-16 14:28 - 001893812 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-08-16 14:28 - 2017-08-16 14:28 - 000096286 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2017-08-16 14:28 - 2017-08-16 14:28 - 000001863 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DTS Audio Control Panel.lnk
2017-08-16 14:28 - 2017-08-16 14:28 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2017-08-16 14:28 - 2017-08-16 14:28 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_AMDASF_01011.Wdf
2017-08-16 14:28 - 2017-08-16 14:28 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-08-16 14:28 - 2017-08-16 14:28 - 000000000 ____D C:\WINDOWS\system32\SRSLabs
2017-08-16 14:28 - 2017-08-16 14:28 - 000000000 ____D C:\Program Files\Synaptics
2017-08-16 14:28 - 2017-08-16 14:28 - 000000000 ____D C:\Program Files\Realtek
2017-08-16 14:28 - 2017-08-16 14:28 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2017-08-16 14:28 - 2017-08-16 14:28 - 000000000 _____ C:\WINDOWS\ativpsrm.bin
2017-08-16 14:27 - 2017-08-16 14:27 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-08-16 14:27 - 2017-08-16 14:27 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_amdpsp_01011.Wdf
2017-08-16 14:26 - 2017-09-02 16:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-16 14:26 - 2017-08-18 11:03 - 000477376 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-14 17:30 - 2017-08-14 17:30 - 000476070 _____ C:\Users\Laborka\Downloads\Voucher_Fiserova.pdf
2017-08-10 13:01 - 2017-08-16 14:45 - 000000000 ___DC C:\WINDOWS\Panther
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-09-02 16:08 - 2017-03-20 06:43 - 000939356 _____ C:\WINDOWS\system32\perfh005.dat
2017-09-02 16:08 - 2017-03-20 06:43 - 000220240 _____ C:\WINDOWS\system32\perfc005.dat
2017-09-02 16:01 - 2017-03-18 13:40 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-09-02 16:01 - 2016-12-11 19:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-02 15:49 - 2017-05-17 14:26 - 000000000 ____D C:\Users\Laborka\AppData\Roaming\ESET
2017-09-02 15:42 - 2016-04-18 06:11 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-09-02 15:29 - 2016-12-11 19:04 - 000000000 ____D C:\Users\Laborka\AppData\LocalLow\Mozilla
2017-09-02 15:28 - 2017-05-17 21:12 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-09-01 19:00 - 2017-03-18 23:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-09-01 18:49 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-01 18:49 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-31 13:00 - 2016-11-13 15:14 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-30 11:27 - 2016-11-13 14:29 - 000000372 _____ C:\WINDOWS\Tasks\HPCeeScheduleForLaborka.job
2017-08-22 16:11 - 2016-10-24 11:50 - 000000000 ____D C:\Users\Laborka\AppData\Local\Packages
2017-08-22 16:10 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-08-21 18:48 - 2016-10-25 11:54 - 000544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-08-17 10:03 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-17 09:56 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\appcompat
2017-08-16 15:25 - 2017-03-18 23:03 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-08-16 15:21 - 2017-03-18 23:06 - 000000000 ____D C:\WINDOWS\Setup
2017-08-16 15:20 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-08-16 15:20 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-08-16 15:20 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-08-16 15:20 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-08-16 15:20 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-16 15:20 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-08-16 15:05 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-08-16 15:05 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\MUI
2017-08-16 15:05 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2017-08-16 15:05 - 2017-03-18 22:59 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2017-08-16 15:05 - 2017-03-18 22:59 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2017-08-16 15:05 - 2017-03-18 22:59 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2017-08-16 15:05 - 2017-03-18 22:59 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2017-08-16 15:05 - 2017-03-18 22:59 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2017-08-16 15:05 - 2017-03-18 22:59 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2017-08-16 15:05 - 2017-03-18 22:59 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2017-08-16 15:05 - 2017-03-18 22:59 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2017-08-16 15:05 - 2017-03-18 22:59 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2017-08-16 15:05 - 2017-03-18 22:59 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2017-08-16 15:05 - 2017-03-18 22:59 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2017-08-16 15:05 - 2017-03-18 22:59 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2017-08-16 15:05 - 2017-03-18 22:59 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2017-08-16 15:05 - 2017-03-18 22:59 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2017-08-16 14:50 - 2016-12-11 20:34 - 000002404 _____ C:\Users\Laborka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-08-16 14:50 - 2016-10-24 11:52 - 000000000 ___RD C:\Users\Laborka\OneDrive
2017-08-16 14:46 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
2017-08-16 14:46 - 2016-10-24 13:09 - 000000000 ____D C:\Users\Laborka\AppData\Local\MicrosoftEdge
2017-08-16 14:45 - 2017-03-18 23:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-08-16 14:45 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows NT
2017-08-16 14:45 - 2015-11-02 20:02 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-16 14:44 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-08-16 14:44 - 2017-03-18 13:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-08-16 14:43 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\Registration
2017-08-16 14:43 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-08-16 14:40 - 2017-03-20 06:46 - 000000000 ____D C:\WINDOWS\HoloShell
2017-08-16 14:40 - 2016-12-11 20:28 - 000023020 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-08-16 14:39 - 2017-03-18 23:03 - 000000000 __RHD C:\Users\Public\Libraries
2017-08-16 14:37 - 2017-05-16 19:44 - 000000000 ____D C:\Users\Laborka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2017-08-16 14:37 - 2017-05-16 19:18 - 000000000 ____D C:\WINDOWS\system32\UNP
2017-08-16 14:37 - 2017-03-31 10:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2017-08-16 14:37 - 2017-03-31 10:56 - 000000000 ____D C:\WINDOWS\SHELLNEW
2017-08-16 14:37 - 2016-11-13 15:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2017-08-16 14:37 - 2016-10-25 11:27 - 000000000 ____D C:\Users\Laborka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2017-08-16 14:37 - 2016-10-24 12:14 - 000000000 ____D C:\Users\Laborka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-08-16 14:37 - 2016-10-24 12:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-08-16 14:37 - 2016-10-24 11:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2017-08-16 14:37 - 2016-08-07 09:55 - 000000000 ____D C:\Program Files\Intel
2017-08-16 14:37 - 2016-08-07 09:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2017-08-16 14:37 - 2016-04-18 06:09 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2017-08-16 14:32 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-08-16 14:32 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\spool
2017-08-16 14:32 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-08-16 14:32 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-08-16 14:32 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-08-16 14:32 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-08-16 14:32 - 2016-11-30 21:09 - 000000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-08-16 14:32 - 2016-11-30 21:09 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2017-08-16 14:32 - 2016-08-07 09:57 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2017-08-16 14:32 - 2016-08-07 09:56 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
2017-08-16 14:32 - 2016-04-18 06:09 - 000000000 ____D C:\WINDOWS\SysWOW64\Adobe
2017-08-16 14:31 - 2017-05-22 18:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2017-08-16 14:31 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-08-16 14:31 - 2016-11-13 14:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HoboSoft
2017-08-16 14:31 - 2016-04-18 06:08 - 000000000 ____D C:\Program Files\HP
2017-08-16 14:30 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-08-16 14:28 - 2017-03-18 13:40 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2017-08-16 12:52 - 2016-10-25 11:28 - 000000000 ____D C:\Users\Laborka\AppData\Local\CrashDumps
2017-08-16 12:52 - 2016-08-07 11:04 - 002830322 _____ C:\WINDOWS\SysWOW64\rootpa.e2e
2017-08-15 10:40 - 2017-04-24 10:16 - 000000000 ____D C:\WINDOWS\psgo
2017-08-15 10:25 - 2016-08-07 11:05 - 000000000 ____D C:\ProgramData\HP
2017-08-14 19:15 - 2016-10-25 11:18 - 000000000 ____D C:\Users\Laborka\Documents\Petr data
2017-08-09 15:56 - 2016-10-25 14:23 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-09 15:54 - 2016-10-25 14:23 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-08-07 20:02 - 2016-10-25 16:30 - 000059904 _____ C:\Users\Laborka\Desktop\Ceník 2016.xls
==================== Files in the root of some directories =======
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-09-02 15:35
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (Windows) (Fixed) (Total:118.01 GB) (Free:81.52 GB) NTFS
Drive f: (PENDRIVE) (Removable) (Total:7.45 GB) (Free:3.5 GB) FAT32
Available physical RAM: 1683.43 MB
Total physical RAM: 3529.01 MB
Percentage of memory in use: 52%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 119.2 GB) (Disk ID: E79E28BB)
Disk: 1 (Size: 7.5 GB) (Disk ID: 84F6BC9B)
Partition 1: (Active) - (Size=7.5 GB) - (Type=0B)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForLaborka.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\WINDOWS\system32\Drivers\leztppbn.sys:changelist [300]
AlternateDataStreams: C:\ProgramData\Temp:430C6D84 [127]
AlternateDataStreams: C:\ProgramData\Temp:DFC5A2B2 [340]
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Smart Security (Disabled - Out of date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security (Disabled - Out of date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall (Disabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Laborka\Desktop" je 1972 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================
-
Rudy
- Site Admin
- Příspěvky: 118254
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Neustále se vracející havěť win 10 ntb
Naše pravidla: https://forum.viry.cz/viewtopic.php?f=12&t=115512 říkají, že není přípustná kontrola systému, máte-li cracklý ochranný software (antivir). Cracklý ESET odinstalujte, nebo zaplaťte, odinstalujte crack, případně použijte free antivir. Pak se vraťte a dejte nový log FRST. Cracklý antivir je vám totiž úplně k ničemu.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?